| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\u\\00000008.@ virusWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
22.08.2012, 10:52
| #1 |
| |  C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\u\\00000008.@ virus gestern hab ich bei facebook nen link angeklickt worauf der pc eine datei mit endung jpg downloadete da ich dachte es wär ein bild öffnete ich es. ich weiß das es dum war aber ich war neugierig.nun habe ich irgendeinen virus auf dem pc habe schon einen scan mit malewarebytes durchgeführt und auch mit avast. nun weiß ich zwar wo sich die datei befindet aber wenn ich das verzeichnis öffne kann ich die datei nicht sehen oder so. wolte mal fragen ob mir jemand helfen kann?? wäre sehr nett mfg Chuky12 |
|
22.08.2012, 23:54
| #2 |
| /// Helfer-Team  | C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\u\\00000008.@ virus 1. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten. 2. Schritt Systemscan mit OTL (bebilderte Anleitung)
__________________ |
|
23.08.2012, 13:00
| #3 |
| | C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\u\\00000008.@ virus hier log von malewarebytes
__________________Malwarebytes Anti-Malware 1.62.0.1300 Malwarebytes : Free Anti-Malware download Datenbank Version: v2012.08.23.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Simon :: SIMO-PC [Administrator] 23.08.2012 13:19:48 mbam-log-2012-08-23 (13-19-48).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 309404 Laufzeit: 23 Minute(n), 31 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 3 C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\000000cb.@ (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\80000032.@ (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) hier von OTL:OTL Logfile: Code:
ATTFilter OTL logfile created on: 23.08.2012 13:52:31 - Run 1 OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Simon\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,98 Gb Total Physical Memory | 6,41 Gb Available Physical Memory | 80,34% Memory free 15,96 Gb Paging File | 14,15 Gb Available in Paging File | 88,63% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 200,00 Gb Total Space | 126,34 Gb Free Space | 63,17% Space Free | Partition Type: NTFS Drive D: | 265,76 Gb Total Space | 219,34 Gb Free Space | 82,53% Space Free | Partition Type: NTFS Drive G: | 2,57 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: SIMO-PC | User Name: Simon | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Simon\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe () PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe () PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) PRC - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe (Microsoft Corporation.) PRC - C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\SiteSafety.dll () MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe () MOD - C:\Program Files (x86)\Steam\bin\libcef.dll () MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll () MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL () MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll () MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll () MOD - C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll () MOD - C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.83\avutil-51.dll () MOD - C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.83\avformat-54.dll () MOD - C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.83\avcodec-54.dll () MOD - \\?\globalroot\systemroot\syswow64\mswsock.DLL () MOD - \\.\globalroot\systemroot\syswow64\mswsock.dll () MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll () MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) SRV - (vToolbarUpdater12.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe () SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.) SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe (Microsoft Corporation.) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe (Microsoft Corporation.) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (FLxHCIc) -- C:\Windows\SysNative\drivers\FLxHCIc.sys (Fresco Logic) DRV:64bit: - (FLxHCIh) -- C:\Windows\SysNative\drivers\FLxHCIh.sys (Fresco Logic) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (rusb3xhc) -- C:\Windows\SysNative\drivers\rusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (rusb3hub) -- C:\Windows\SysNative\drivers\rusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\drivers\EtronXHCI.sys (Etron Technology Inc) DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\drivers\EtronHub3.sys (Etron Technology Inc) DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation) DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation) DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation) DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc) DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc) DRV:64bit: - (ISCT) -- C:\Windows\SysNative\drivers\ISCTD64.sys () DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\avgidsfiltera.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\drivers\amdxhc.sys (Advanced Micro Devices, INC.) DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\drivers\amdhub30.sys (Advanced Micro Devices, INC.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (mvs91xx) -- C:\Windows\SysNative\drivers\mvs91xx.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (mv91cons) -- C:\Windows\SysNative\drivers\mv91cons.sys (Marvell Semiconductor Inc.) DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG) DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (AthDfu) -- C:\Windows\SysNative\drivers\AthDfu.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros) DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros) DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (AODDriver4.1) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {FDC81C83-10C8-41AD-BFFA-A94375FF9F5F} IE:64bit: - HKLM\..\SearchScopes\{FDC81C83-10C8-41AD-BFFA-A94375FF9F5F}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSBTDF&pc=MASB&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {FDC81C83-10C8-41AD-BFFA-A94375FF9F5F} IE - HKLM\..\SearchScopes\{FDC81C83-10C8-41AD-BFFA-A94375FF9F5F}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSBTDF&pc=MASB&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4266864814-2457279537-2174918196-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = kiebel.de | PC-Systeme und Notebooks nach Maß! IE - HKU\S-1-5-21-4266864814-2457279537-2174918196-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Bing [binary data] IE - HKU\S-1-5-21-4266864814-2457279537-2174918196-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Bing [binary data] IE - HKU\S-1-5-21-4266864814-2457279537-2174918196-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Babylon Search IE - HKU\S-1-5-21-4266864814-2457279537-2174918196-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN IE - HKU\S-1-5-21-4266864814-2457279537-2174918196-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-4266864814-2457279537-2174918196-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FF E2 43 5F F7 D1 CC 01 [binary data] IE - HKU\S-1-5-21-4266864814-2457279537-2174918196-1001\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-4266864814-2457279537-2174918196-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=112555&tt=3212_3&babsrc=SP_ss&mntrId=10741c28000000000000c86000a4d034 IE - HKU\S-1-5-21-4266864814-2457279537-2174918196-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={8DA47EC7-4421-4F13-8750-625ABC2F972B}&mid=f0e99d04224e47d0929f1929464039c7-9f41ace779713308e61718e055016d10f2ba0e36&lang=de&ds=AVG&pr=fr&d=2012-08-22 13:22:37&v=12.2.0.5&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-4266864814-2457279537-2174918196-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Simon\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Simon\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012.08.22 13:08:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.2.0.5\ [2012.08.22 13:22:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.08.08 17:41:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.08.08 17:41:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Simon\AppData\Roaming\mozilla\Extensions [2012.08.09 16:56:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.08.08 17:41:52 | 000,564,654 | ---- | M] () (No name found) -- C:\USERS\SIMON\APPDATA\ROAMING\THUNDERBIRD\PROFILES\539KOSAI.DEFAULT\EXTENSIONS\TBTESTPILOT@LABS.MOZILLA.COM.XPI ========== Chrome ========== CHR - homepage: Babylon Search CHR - default_search_provider: AVG Secure Search (Enabled) CHR - default_search_provider: search_url = https://isearch.avg.com/search?cid={8DA47EC7-4421-4F13-8750-625ABC2F972B}&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms} CHR - default_search_provider: suggest_url = hxxp://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding} CHR - homepage: Babylon Search CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.50.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Google Update (Enabled) = C:\Users\Simon\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: AVG Secure Search = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdgpjclefcppbhifgmbncakhhphkggdb\12.2.0.5_0\ CHR - Extension: YouTube = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Babylon Toolbar = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\ CHR - Extension: AVG Do Not Track = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\ CHR - Extension: Google Mail = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll () O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [ROC_roc_ssl_v12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe () O4 - HKLM..\Run: [Smart File Advisor] C:\Program Files (x86)\Smart File Advisor\sfa.exe (Filefacts.net) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4266864814-2457279537-2174918196-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-4266864814-2457279537-2174918196-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-4266864814-2457279537-2174918196-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.) O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39126170-9AF1-48D6-BBAE-303152A73783}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.03.03 01:00:00 | 000,000,048 | R--- | M] () - G:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{74fcc52b-e185-11e1-a48f-c86000a4d034}\Shell - "" = AutoRun O33 - MountPoints2\{74fcc52b-e185-11e1-a48f-c86000a4d034}\Shell\AutoRun\command - "" = F:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.08.23 13:21:18 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Simon\Desktop\OTL.exe [2012.08.22 14:42:37 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\AVG2012 [2012.08.22 13:22:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2012.08.22 13:22:55 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search [2012.08.22 13:22:52 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\AVG Secure Search [2012.08.22 13:22:36 | 000,031,080 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys [2012.08.22 13:22:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search [2012.08.22 13:22:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search [2012.08.22 13:08:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG [2012.08.22 13:08:14 | 000,000,000 | -H-D | C] -- C:\$AVG [2012.08.22 13:08:14 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012 [2012.08.22 13:08:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG [2012.08.22 13:07:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2012.08.22 12:27:12 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop\avas [2012.08.22 12:11:06 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2012.08.22 12:11:06 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012.08.22 11:35:42 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Adobe [2012.08.22 10:30:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012.08.22 10:30:34 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2012.08.22 09:48:00 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012.08.22 09:47:24 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012.08.22 09:47:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012.08.22 09:30:44 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Malwarebytes [2012.08.22 09:30:32 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.08.22 09:30:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.08.22 09:30:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.08.22 09:30:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.08.21 10:33:52 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan [2012.08.21 10:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan [2012.08.21 10:33:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan [2012.08.20 18:33:46 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA% [2012.08.20 18:26:59 | 000,000,000 | RHSD | C] -- C:\Users\Simon\M-10-6897-8685-3464 [2012.08.12 18:12:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3 Ultimate Bundle [2012.08.11 21:29:27 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop\Neuer Ordner [2012.08.11 20:31:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2012.08.11 20:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2012.08.11 20:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2012.08.11 15:31:02 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012.08.11 15:25:28 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sierra [2012.08.11 15:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra [2012.08.11 15:14:37 | 000,560,184 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys [2012.08.11 15:09:52 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop\SWAT 4 (2005) _ SWAT 4 - The Stetchkov Syndicate ( [2012.08.11 14:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tiny and Big - Grandpa's Leftovers [2012.08.11 14:30:48 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\foobar2000 [2012.08.11 14:30:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000 [2012.08.11 14:11:16 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Empire Interactive [2012.08.09 17:07:37 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\Rockstar Games [2012.08.09 17:05:03 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Rockstar Games [2012.08.09 17:04:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2012.08.09 17:02:04 | 000,000,000 | RH-D | C] -- C:\Users\Simon\AppData\Roaming\SecuROM [2012.08.09 17:02:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM [2012.08.09 16:56:12 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\BabylonToolbar [2012.08.09 16:56:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabylonToolbar [2012.08.09 16:56:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012.08.09 16:55:32 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Babylon [2012.08.09 16:55:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2012.08.09 16:55:25 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\YourFileDownloader [2012.08.09 15:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE [2012.08.09 15:32:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive [2012.08.09 15:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE [2012.08.09 15:18:10 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\.minecraft [2012.08.09 15:11:10 | 000,695,296 | ---- | C] (AnjoCaido) -- C:\Users\Simon\Desktop\MinecraftSP.exe [2012.08.08 21:53:55 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\Call of Juarez - Bound in Blood [2012.08.08 21:00:09 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\Electronic Arts [2012.08.08 20:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012.08.08 20:31:34 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012.08.08 20:31:32 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\DAEMON Tools Lite [2012.08.08 20:31:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite [2012.08.08 20:29:55 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2012.08.08 20:16:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes [2012.08.08 20:16:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes [2012.08.08 18:41:57 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\Square Enix [2012.08.08 18:41:48 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll [2012.08.08 18:41:48 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll [2012.08.08 18:41:48 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll [2012.08.08 18:41:48 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll [2012.08.08 18:41:48 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll [2012.08.08 18:41:48 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll [2012.08.08 18:41:47 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll [2012.08.08 18:41:47 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll [2012.08.08 18:41:47 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll [2012.08.08 18:41:47 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll [2012.08.08 18:41:47 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll [2012.08.08 18:41:47 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll [2012.08.08 18:41:47 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll [2012.08.08 18:41:47 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll [2012.08.08 18:41:46 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll [2012.08.08 18:41:46 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2012.08.08 18:41:46 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll [2012.08.08 18:41:46 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll [2012.08.08 18:41:46 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll [2012.08.08 18:41:46 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll [2012.08.08 18:41:46 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll [2012.08.08 18:41:46 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll [2012.08.08 18:41:45 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll [2012.08.08 18:41:45 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll [2012.08.08 18:41:45 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll [2012.08.08 18:41:44 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2012.08.08 18:41:44 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll [2012.08.08 18:41:44 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll [2012.08.08 18:41:44 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll [2012.08.08 18:41:43 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll [2012.08.08 18:41:43 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll [2012.08.08 18:41:43 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll [2012.08.08 18:41:43 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll [2012.08.08 18:41:43 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2012.08.08 18:41:43 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2012.08.08 18:41:42 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll [2012.08.08 18:41:42 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll [2012.08.08 18:41:42 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll [2012.08.08 18:41:42 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll [2012.08.08 18:41:41 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll [2012.08.08 18:41:41 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll [2012.08.08 18:41:41 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll [2012.08.08 18:41:41 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll [2012.08.08 18:41:41 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll [2012.08.08 18:41:41 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll [2012.08.08 18:41:41 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll [2012.08.08 18:41:40 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll [2012.08.08 18:41:40 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll [2012.08.08 18:41:40 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll [2012.08.08 18:41:40 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll [2012.08.08 18:41:40 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll [2012.08.08 18:41:40 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll [2012.08.08 18:41:39 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll [2012.08.08 18:41:39 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll [2012.08.08 18:41:39 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll [2012.08.08 18:41:39 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2012.08.08 18:41:39 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll [2012.08.08 18:41:39 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll [2012.08.08 18:41:39 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll [2012.08.08 18:41:39 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll [2012.08.08 18:41:39 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll [2012.08.08 18:41:39 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2012.08.08 18:41:39 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll [2012.08.08 18:41:39 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll [2012.08.08 18:41:38 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll [2012.08.08 18:41:38 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2012.08.08 18:41:38 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll [2012.08.08 18:41:38 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2012.08.08 18:41:38 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll [2012.08.08 18:41:38 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll [2012.08.08 18:41:37 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll [2012.08.08 18:41:37 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2012.08.08 18:41:37 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll [2012.08.08 18:41:37 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll [2012.08.08 18:41:37 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll [2012.08.08 18:41:37 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll [2012.08.08 18:41:36 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll [2012.08.08 18:41:36 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll [2012.08.08 18:41:36 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll [2012.08.08 18:41:36 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll [2012.08.08 18:41:36 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll [2012.08.08 18:41:36 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll [2012.08.08 18:41:36 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll [2012.08.08 18:41:36 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll [2012.08.08 18:41:35 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll [2012.08.08 18:41:35 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll [2012.08.08 18:41:35 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll [2012.08.08 18:41:35 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll [2012.08.08 18:41:35 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll [2012.08.08 18:41:35 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll [2012.08.08 18:41:34 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll [2012.08.08 18:41:34 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll [2012.08.08 18:41:34 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll [2012.08.08 18:41:34 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll [2012.08.08 18:41:34 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll [2012.08.08 18:41:34 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll [2012.08.08 18:41:34 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll [2012.08.08 18:41:34 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2012.08.08 18:41:33 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll [2012.08.08 18:41:33 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2012.08.08 18:41:33 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll [2012.08.08 18:41:33 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll [2012.08.08 18:41:33 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll [2012.08.08 18:41:33 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2012.08.08 18:41:32 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll [2012.08.08 18:41:32 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2012.08.08 18:41:31 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2012.08.08 18:41:31 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2012.08.08 18:41:31 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll [2012.08.08 18:41:31 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2012.08.08 18:41:31 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2012.08.08 18:41:31 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2012.08.08 18:41:31 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll [2012.08.08 18:41:31 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2012.08.08 18:41:30 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2012.08.08 18:41:30 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2012.08.08 18:41:30 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2012.08.08 18:41:30 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2012.08.08 18:41:30 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2012.08.08 18:41:30 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2012.08.08 18:41:30 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll [2012.08.08 18:41:30 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2012.08.08 18:41:30 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2012.08.08 18:41:30 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2012.08.08 18:41:29 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll [2012.08.08 18:41:29 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2012.08.08 18:41:29 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll [2012.08.08 18:41:29 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2012.08.08 18:41:29 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll [2012.08.08 18:41:29 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2012.08.08 18:41:29 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2012.08.08 18:41:29 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2012.08.08 18:41:28 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll [2012.08.08 18:41:28 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2012.08.08 18:41:28 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll [2012.08.08 18:41:28 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll [2012.08.08 18:41:28 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll [2012.08.08 18:41:28 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll [2012.08.08 18:41:27 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll [2012.08.08 18:41:27 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll [2012.08.08 18:41:26 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll [2012.08.08 18:41:26 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll [2012.08.08 18:41:26 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll [2012.08.08 18:41:26 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2012.08.08 18:41:25 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll [2012.08.08 18:41:25 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2012.08.08 18:41:25 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll [2012.08.08 18:41:25 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll [2012.08.08 18:41:25 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2012.08.08 18:41:25 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2012.08.08 18:41:25 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll [2012.08.08 18:41:25 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2012.08.08 18:41:24 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll [2012.08.08 18:41:24 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2012.08.08 18:41:24 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll [2012.08.08 18:41:24 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2012.08.08 18:41:21 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2012.08.08 18:41:21 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2012.08.08 18:41:20 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll [2012.08.08 18:41:20 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2012.08.08 18:41:20 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll [2012.08.08 18:41:20 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll [2012.08.08 18:41:20 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll [2012.08.08 18:41:20 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2012.08.08 18:41:19 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll [2012.08.08 18:41:19 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll [2012.08.08 18:41:19 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2012.08.08 18:41:19 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2012.08.08 18:41:18 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll [2012.08.08 18:41:18 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll [2012.08.08 18:41:18 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll [2012.08.08 18:41:18 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll [2012.08.08 18:41:18 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2012.08.08 18:41:18 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2012.08.08 18:23:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX - Eidos Interactive [2012.08.08 18:22:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart File Advisor [2012.08.08 17:47:57 | 000,000,000 | R--D | C] -- C:\Users\Simon\Desktop\work [2012.08.08 17:41:52 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Thunderbird [2012.08.08 17:41:52 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Thunderbird [2012.08.08 17:41:52 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Mozilla [2012.08.08 17:41:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2012.08.08 17:27:18 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop\spielöööööö [2012.08.08 17:22:10 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012.08.08 17:17:39 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Google [2012.08.08 17:17:17 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Deployment [2012.08.08 17:17:17 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Apps [2012.08.08 17:16:56 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Adobe [2012.08.08 17:11:31 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\VirtualStore [2012.08.08 17:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Simon\Vorlagen [2012.08.08 17:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Simon\AppData\Local\Verlauf [2012.08.08 17:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Simon\AppData\Local\Temporary Internet Files [2012.08.08 17:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Simon\Startmenü [2012.08.08 17:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Simon\SendTo [2012.08.08 17:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Simon\Recent [2012.08.08 17:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Simon\Netzwerkumgebung [2012.08.08 17:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Simon\Lokale Einstellungen [2012.08.08 17:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Simon\Documents\Eigene Videos [2012.08.08 17:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Simon\Documents\Eigene Musik [2012.08.08 17:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Simon\Eigene Dateien [2012.08.08 17:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Simon\Documents\Eigene Bilder [2012.08.08 17:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Simon\Druckumgebung [2012.08.08 17:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Simon\Cookies [2012.08.08 17:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Simon\AppData\Local\Anwendungsdaten [2012.08.08 17:11:26 | 000,000,000 | -HSD | C] -- C:\Users\Simon\Anwendungsdaten [2012.08.08 17:11:13 | 000,000,000 | --SD | C] -- C:\Users\Simon\AppData\Roaming\Microsoft [2012.08.08 17:11:13 | 000,000,000 | R--D | C] -- C:\Users\Simon\Videos [2012.08.08 17:11:13 | 000,000,000 | R--D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.08.08 17:11:13 | 000,000,000 | R--D | C] -- C:\Users\Simon\Searches [2012.08.08 17:11:13 | 000,000,000 | R--D | C] -- C:\Users\Simon\Saved Games [2012.08.08 17:11:13 | 000,000,000 | R--D | C] -- C:\Users\Simon\Pictures [2012.08.08 17:11:13 | 000,000,000 | R--D | C] -- C:\Users\Simon\Music [2012.08.08 17:11:13 | 000,000,000 | R--D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.08.08 17:11:13 | 000,000,000 | R--D | C] -- C:\Users\Simon\Links [2012.08.08 17:11:13 | 000,000,000 | R--D | C] -- C:\Users\Simon\Favorites [2012.08.08 17:11:13 | 000,000,000 | R--D | C] -- C:\Users\Simon\Downloads [2012.08.08 17:11:13 | 000,000,000 | R--D | C] -- C:\Users\Simon\Documents [2012.08.08 17:11:13 | 000,000,000 | R--D | C] -- C:\Users\Simon\Desktop [2012.08.08 17:11:13 | 000,000,000 | R--D | C] -- C:\Users\Simon\Contacts [2012.08.08 17:11:13 | 000,000,000 | R--D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.08.08 17:11:13 | 000,000,000 | R--D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.08.08 17:11:13 | 000,000,000 | -H-D | C] -- C:\Users\Simon\AppData [2012.08.08 17:11:13 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Windows Live [2012.08.08 17:11:13 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Temp [2012.08.08 17:11:13 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Microsoft [2012.08.08 17:11:13 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Macromedia [2012.08.08 17:11:13 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InfraRecorder [2012.08.08 17:11:13 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\InfraRecorder [2012.08.08 17:11:13 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Identities [2012.08.08 17:11:13 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\ATI [2012.08.08 17:11:13 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\ATI [2012.08.08 17:11:13 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\AMD [2012.08.08 17:11:00 | 000,000,000 | -HSD | C] -- C:\Recovery [2012.08.08 17:10:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2012.08.08 17:10:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2012.08.08 17:10:59 | 000,000,000 | -HSD | C] -- C:\Programme [2012.08.08 17:10:59 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2012.08.08 17:10:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2012.08.08 17:10:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2012.08.08 17:10:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2012.08.08 17:10:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2012.08.08 17:10:59 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2012.08.08 17:10:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2012.08.08 17:10:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2012.08.08 17:10:56 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012.08.06 17:26:22 | 000,087,168 | R--- | C] (Etron Technology Inc) -- C:\Windows\SysNative\drivers\EtronXHCI.sys [2012.08.06 17:26:22 | 000,064,384 | R--- | C] (Etron Technology Inc) -- C:\Windows\SysNative\drivers\EtronHub3.sys [2012.08.06 17:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012.08.06 17:04:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KCService.de Fernwartung [2012.08.06 17:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS [2012.08.06 17:04:53 | 000,028,672 | ---- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\AsIO.dll [2012.08.06 17:04:52 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2012.08.06 17:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS [2012.08.06 17:04:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2012.08.06 17:04:40 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powrprof.dll [2012.08.06 17:04:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2012.08.06 17:04:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2012.08.06 17:04:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2012.08.06 17:04:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2012.08.06 17:04:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012.08.06 17:03:55 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2012.08.06 17:03:54 | 000,046,136 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdiox64.sys [2012.08.06 17:03:53 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012.08.06 17:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012.08.06 17:03:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2012.08.06 16:51:51 | 000,123,744 | R--- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll [2012.08.06 16:51:50 | 007,163,744 | R--- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll [2012.08.06 16:51:49 | 000,433,504 | R--- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll [2012.08.06 16:51:49 | 000,074,592 | R--- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll [2012.08.06 16:51:48 | 000,141,152 | R--- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll [2012.08.06 16:51:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2012.08.06 16:51:33 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012.08.03 12:03:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012.07.30 11:00:31 | 000,569,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys ========== Files - Modified Within 30 Days ========== [2012.08.23 13:54:39 | 000,031,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.08.23 13:54:39 | 000,031,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.08.23 13:54:21 | 001,618,958 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.08.23 13:54:21 | 000,698,748 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.08.23 13:54:21 | 000,654,066 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.08.23 13:54:21 | 000,148,944 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.08.23 13:54:21 | 000,121,898 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.08.23 13:47:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.08.23 13:47:23 | 2133,417,983 | -HS- | M] () -- C:\hiberfil.sys [2012.08.23 13:28:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4266864814-2457279537-2174918196-1001UA.job [2012.08.23 13:21:22 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Simon\Desktop\OTL.exe [2012.08.23 13:18:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.08.23 11:15:54 | 104,747,107 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2012.08.22 13:22:58 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk [2012.08.22 13:22:36 | 000,031,080 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys [2012.08.22 13:08:24 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm [2012.08.22 13:08:24 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm [2012.08.22 09:48:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012.08.22 09:30:32 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.08.22 09:29:30 | 000,002,452 | ---- | M] () -- C:\Users\Simon\Desktop\Google Chrome.lnk [2012.08.22 09:18:03 | 000,000,000 | -H-- | M] () -- C:\Users\Simon\AppData\Roaming\winbras.sys [2012.08.21 11:12:02 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012.08.21 10:33:51 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo [2012.08.21 10:18:52 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.08.21 10:18:52 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.08.20 18:30:33 | 000,000,546 | ---- | M] () -- C:\Users\Simon\Desktop\Powder.lnk [2012.08.20 18:28:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4266864814-2457279537-2174918196-1001Core.job [2012.08.12 18:12:23 | 000,000,909 | ---- | M] () -- C:\Users\Simon\Desktop\The Sims™ 3 (no launcher).lnk [2012.08.11 20:55:19 | 000,000,930 | ---- | M] () -- C:\Users\Simon\Desktop\Slender.lnk [2012.08.11 20:31:58 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2012.08.11 15:28:23 | 000,000,852 | ---- | M] () -- C:\Users\Simon\Desktop\SWAT 4 - The Stetchkov Syndicate.lnk [2012.08.11 15:25:28 | 000,000,780 | ---- | M] () -- C:\Users\Simon\Desktop\SWAT 4.lnk [2012.08.11 15:14:39 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys [2012.08.11 14:35:49 | 000,000,798 | ---- | M] () -- C:\Users\Simon\Desktop\tinyandbig.lnk [2012.08.11 14:30:39 | 000,001,035 | ---- | M] () -- C:\Users\Public\Desktop\foobar2000.lnk [2012.08.11 14:14:45 | 000,001,423 | ---- | M] () -- C:\Users\Simon\Desktop\CoJBiBGame_x86.lnk [2012.08.11 14:14:29 | 000,000,798 | ---- | M] () -- C:\Users\Simon\Desktop\JustCause2.lnk [2012.08.11 14:11:16 | 000,003,105 | ---- | M] () -- C:\Users\Simon\Desktop\FlatOut2.lnk [2012.08.09 17:04:41 | 000,000,861 | ---- | M] () -- C:\Users\Simon\Desktop\GTA EfLC.lnk [2012.08.09 16:56:07 | 000,000,304 | ---- | M] () -- C:\user.js [2012.08.08 20:32:02 | 000,001,954 | ---- | M] () -- C:\Users\Simon\Desktop\DAEMON Tools Lite.lnk [2012.08.08 20:31:34 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012.08.08 17:39:50 | 000,036,906 | ---- | M] () -- C:\Windows\Ascd_tmp.ini [2012.08.08 17:39:39 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini [2012.08.08 17:15:03 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2012.08.08 17:10:35 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2012.08.08 17:10:35 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf ========== Files Created - No Company Name ========== [2012.08.23 13:48:01 | 000,092,672 | ---- | C] () -- C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\80000032.@ [2012.08.23 13:48:00 | 000,001,632 | ---- | C] () -- C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\000000cb.@ [2012.08.23 13:47:54 | 000,232,960 | ---- | C] () -- C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\00000008.@ [2012.08.23 11:15:54 | 104,747,107 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2012.08.22 13:22:58 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk [2012.08.22 13:08:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm [2012.08.22 13:08:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm [2012.08.22 12:36:57 | 000,080,896 | ---- | C] () -- C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\80000064.@ [2012.08.22 12:36:32 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\80000000.@ [2012.08.22 12:36:04 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\00000004.@ [2012.08.22 09:48:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2012.08.22 09:30:32 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.08.21 10:33:51 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo [2012.08.21 09:21:09 | 000,000,000 | -H-- | C] () -- C:\Users\Simon\AppData\Roaming\winbras.sys [2012.08.20 18:30:19 | 000,000,546 | ---- | C] () -- C:\Users\Simon\Desktop\Powder.lnk [2012.08.20 18:28:04 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\L\00000004.@ [2012.08.12 18:12:23 | 000,000,909 | ---- | C] () -- C:\Users\Simon\Desktop\The Sims™ 3 (no launcher).lnk [2012.08.11 20:54:55 | 000,000,930 | ---- | C] () -- C:\Users\Simon\Desktop\Slender.lnk [2012.08.11 20:31:58 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2012.08.11 15:28:23 | 000,000,852 | ---- | C] () -- C:\Users\Simon\Desktop\SWAT 4 - The Stetchkov Syndicate.lnk [2012.08.11 15:25:28 | 000,000,780 | ---- | C] () -- C:\Users\Simon\Desktop\SWAT 4.lnk [2012.08.11 14:35:36 | 000,000,798 | ---- | C] () -- C:\Users\Simon\Desktop\tinyandbig.lnk [2012.08.11 14:30:39 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk [2012.08.11 14:30:39 | 000,001,035 | ---- | C] () -- C:\Users\Public\Desktop\foobar2000.lnk [2012.08.11 14:14:12 | 000,001,423 | ---- | C] () -- C:\Users\Simon\Desktop\CoJBiBGame_x86.lnk [2012.08.11 14:14:12 | 000,000,798 | ---- | C] () -- C:\Users\Simon\Desktop\JustCause2.lnk [2012.08.11 14:11:16 | 000,003,105 | ---- | C] () -- C:\Users\Simon\Desktop\FlatOut2.lnk [2012.08.09 17:04:32 | 000,000,861 | ---- | C] () -- C:\Users\Simon\Desktop\GTA EfLC.lnk [2012.08.09 16:56:06 | 000,000,304 | ---- | C] () -- C:\user.js [2012.08.08 20:32:02 | 000,001,954 | ---- | C] () -- C:\Users\Simon\Desktop\DAEMON Tools Lite.lnk [2012.08.08 17:41:49 | 000,002,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2012.08.08 17:39:37 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2012.08.08 17:39:35 | 000,036,906 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2012.08.08 17:22:12 | 000,002,452 | ---- | C] () -- C:\Users\Simon\Desktop\Google Chrome.lnk [2012.08.08 17:17:41 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4266864814-2457279537-2174918196-1001UA.job [2012.08.08 17:17:41 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4266864814-2457279537-2174918196-1001Core.job [2012.08.08 17:11:16 | 000,000,017 | ---- | C] () -- C:\Users\Simon\AppData\Local\resmon.resmoncfg [2012.08.08 17:11:14 | 000,001,443 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.08.08 17:11:14 | 000,001,409 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012.08.08 17:11:14 | 000,001,063 | ---- | C] () -- C:\Users\Simon\Desktop\InfraRecorder.lnk [2012.08.06 17:05:02 | 000,002,623 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KCS Fernwartung.lnk [2012.08.06 17:04:53 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2012.08.06 17:04:52 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2012.08.06 17:04:52 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys [2012.08.06 17:04:48 | 000,015,416 | ---- | C] () -- C:\Windows\SysNative\drivers\ASACPI.sys [2012.08.06 16:50:02 | 2133,417,983 | -HS- | C] () -- C:\hiberfil.sys [2012.05.10 16:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012.04.26 12:37:10 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.04.26 12:37:10 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.04.26 12:37:09 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2012.01.13 15:53:37 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\@ [2012.01.13 15:53:37 | 000,002,048 | -HS- | C] () -- C:\Users\Simon\AppData\Local\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\@ [2012.01.13 15:27:07 | 001,640,718 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.01.13 14:35:00 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin < End of report > und hier der zweite von OTLOTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 23.08.2012 13:52:31 - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Simon\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 6,41 Gb Available Physical Memory | 80,34% Memory free
15,96 Gb Paging File | 14,15 Gb Available in Paging File | 88,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200,00 Gb Total Space | 126,34 Gb Free Space | 63,17% Space Free | Partition Type: NTFS
Drive D: | 265,76 Gb Total Space | 219,34 Gb Free Space | 82,53% Space Free | Partition Type: NTFS
Drive G: | 2,57 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: SIMO-PC | User Name: Simon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /unknown "%1" (Filefacts.net)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /unknown "%1" (Filefacts.net)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0CB2E2BC-A312-5821-C5C7-A295A1BEFD08}" = AMD Catalyst Install Manager
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{21D0374C-C358-0748-CAF9-7CBE65EB6FFF}" = AMD Fuel
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{2C22EA92-CB30-4932-0052-000001000000}" = InfraRecorder 0.52 (x64 edition)
"{3C8159DD-1890-4625-A5B2-E3D8D78D4486}" = AVG 2012
"{42A2440F-7A5D-6956-3EF0-815814399EAA}" = AMD Accelerated Video Transcoding
"{4E021D2A-16ED-4FFF-87CB-774F4F62A1A1}" = ccc-utility64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{572788F2-0AB7-FA0E-6E91-B98044F4B7E6}" = AMD Media Foundation Decoders
"{82EE86D9-60B9-1025-9960-97E9B7C7B4B4}" = AMD Drag and Drop Transcoding
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{A108BD40-0A8C-4385-8874-74C4B6086CC3}" = AVG 2012
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2012
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{14DDF23F-414A-46DB-4762-56569080292C}" = CCC Help Russian
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21D6A73A-48E6-2195-C408-2158273A914E}" = Catalyst Control Center Localization All
"{2596DB11-997F-FC5B-F5C2-737623D9D8B6}" = AMD VISION Engine Control Center
"{25D56EF8-ED54-41F2-B3AB-C62F76A54E1E}" = KCService.de Fernwartung
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{28904D9A-13A6-ECA2-48D8-21542759D998}" = CCC Help Polish
"{2C8BBDA6-79A7-B2DE-3E5B-287E7F667C67}" = CCC Help Danish
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2E119961-E99B-C147-9AC3-A93683172DC1}" = CCC Help Swedish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{44ED90A1-453B-5C9A-D9ED-80D8AB0258B8}" = CCC Help Thai
"{45E00595-897E-64B6-28F9-5D0927EBA4A5}" = CCC Help Chinese Standard
"{46DE5F4E-BA8B-AC9E-0EED-05B7D93AD215}" = CCC Help Spanish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E9B398A-8F39-410C-8200-7F5289CD7B02}_is1" = The Sims 3 Ultimate Bundle
"{5B04E832-4530-B8FF-F742-8BE25ADD43BD}" = CCC Help German
"{5D58EACA-0317-4CFF-9E13-53CCD525DE32}" = Catalyst Control Center InstallProxy
"{5ED93D68-5EAA-9343-9B74-B1E276217264}" = CCC Help Dutch
"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D185295-DE89-9C39-18E6-310C148836EB}" = CCC Help Chinese Traditional
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A8F958-D272-E262-7C9A-7B8F713EE0C3}" = CCC Help French
"{7513D3F0-55BC-273C-7A53-488394EDBFCC}" = CCC Help Italian
"{79AA9BFA-F962-A1E9-71CE-D0887A92444C}" = CCC Help Portuguese
"{7ACEF1BF-9306-5AD7-5F30-ECE72A81E924}" = CCC Help Finnish
"{7E641E46-81DB-4D1D-906A-48342523051C}" = FlatOut2
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97E12F84-C033-4DA2-97D2-F540C3E292EA}" = Installer
"{9C1EC871-05B9-03B7-96F6-9BD5C0D8F41D}" = Catalyst Control Center Graphics Previews Common
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C4129D57-5C83-3BF0-A11A-3798C008C6C7}" = CCC Help Greek
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0BC4101-6C30-ECFF-F693-63408134F29B}" = CCC Help Czech
"{D2402DAD-B180-A4A0-261D-4A8933BFBFEE}" = CCC Help Japanese
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{DA7E8D81-2B14-415B-8FC5-02CE4CF9F839}" = CCC Help Hungarian
"{DB3FBD3C-A061-34C9-0A2B-6CCDD8C96640}" = CCC Help Turkish
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E086E914-2928-48F9-364B-0C715DFF6A45}" = CCC Help Korean
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8F30BD6-ABAB-C24E-E9A7-BF67EB96152C}" = CCC Help Norwegian
"{E9A5B6CD-7ABB-F295-2E11-F25BC322FF80}" = CCC Help English
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BabylonToolbar" = Babylon toolbar on IE
"DAEMON Tools Lite" = DAEMON Tools Lite
"foobar2000" = foobar2000 v1.1.13
"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"InstallShield_{97E12F84-C033-4DA2-97D2-F540C3E292EA}" = SWAT 4 - The Stetchkov Syndicate
"InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood
"Just Cause 2_is1" = Just Cause 2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Thunderbird 14.0 (x86 de)" = Mozilla Thunderbird 14.0 (x86 de)
"Smart File Advisor_is1" = Smart File Advisor 1.1.1
"SpeedFan" = SpeedFan (remove only)
"Tiny and Big - Grandpas Leftovers" = Tiny and Big - Grandpa's Leftovers (remove only)
"VirtualCloneDrive" = VirtualCloneDrive
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4266864814-2457279537-2174918196-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.08.2012 07:07:55 | Computer Name = Simo-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary
aswSP. System Error: Das System kann die angegebene Datei nicht finden. .
Error - 22.08.2012 07:07:55 | Computer Name = Simo-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary
avast! Network Shield Support. System Error: Das System kann die angegebene Datei
nicht finden. .
Error - 22.08.2012 08:43:16 | Computer Name = Simo-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0,
Zeitstempel: 0x4fd626ed Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0,
Zeitstempel: 0x4f55e10b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000033c1
ID
des fehlerhaften Prozesses: 0x72c Startzeit der fehlerhaften Anwendung: 0x01cd8040090cf92d
Pfad
der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung:
f15c4aee-ec56-11e1-b125-c86000a4d034
Error - 22.08.2012 14:57:13 | Computer Name = Simo-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.08.2012 15:31:24 | Computer Name = Simo-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0,
Zeitstempel: 0x4fd626ed Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0,
Zeitstempel: 0x4f55e10b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000033c1
ID
des fehlerhaften Prozesses: 0x430 Startzeit der fehlerhaften Anwendung: 0x01cd8097ba6a2743
Pfad
der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung:
f53b0255-ec8f-11e1-b329-c86000a4d034
Error - 23.08.2012 05:06:21 | Computer Name = Simo-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.08.2012 05:09:24 | Computer Name = Simo-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0,
Zeitstempel: 0x4fd626ed Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0,
Zeitstempel: 0x4f55e10b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000033c1
ID
des fehlerhaften Prozesses: 0x7c0 Startzeit der fehlerhaften Anwendung: 0x01cd810e5ac3c2e0
Pfad
der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung:
3b1c694e-ed02-11e1-8ca0-c86000a4d034
Error - 23.08.2012 05:11:48 | Computer Name = Simo-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.08.2012 07:46:25 | Computer Name = Simo-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0,
Zeitstempel: 0x4fd626ed Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0,
Zeitstempel: 0x4f55e10b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000033c1
ID
des fehlerhaften Prozesses: 0x7cc Startzeit der fehlerhaften Anwendung: 0x01cd810f1b8864a1
Pfad
der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung:
2aae064f-ed18-11e1-bc8a-c86000a4d034
Error - 23.08.2012 07:48:57 | Computer Name = Simo-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 23.08.2012 05:10:15 | Computer Name = Simo-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IPsec-Richtlinien-Agent" ist vom Dienst "Basisfiltermodul"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 23.08.2012 05:10:17 | Computer Name = Simo-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060
Error - 23.08.2012 05:10:38 | Computer Name = Simo-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem
Fehler beendet: %%-2147024891
Error - 23.08.2012 05:10:38 | Computer Name = Simo-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891
Error - 23.08.2012 07:46:30 | Computer Name = Simo-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 23.08.2012 07:47:27 | Computer Name = Simo-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist
vom Dienst "Basisfiltermodul" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1058
Error - 23.08.2012 07:47:27 | Computer Name = Simo-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IPsec-Richtlinien-Agent" ist vom Dienst "Basisfiltermodul"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 23.08.2012 07:47:30 | Computer Name = Simo-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060
Error - 23.08.2012 07:47:55 | Computer Name = Simo-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem
Fehler beendet: %%-2147024891
Error - 23.08.2012 07:47:55 | Computer Name = Simo-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891
< End of report >
so hoffe das das alles richtig is und das mir geholfen werden kann |
|
23.08.2012, 18:17
| #4 |
| /// Helfer-Team | C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\u\\00000008.@ virus Fixen mit OTL Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).
Code:
ATTFilter :OTL
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-4266864814-2457279537-2174918196-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.03.03 01:00:00 | 000,000,048 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{74fcc52b-e185-11e1-a48f-c86000a4d034}\Shell - "" = AutoRun
O33 - MountPoints2\{74fcc52b-e185-11e1-a48f-c86000a4d034}\Shell\AutoRun\command - "" = F:\autorun.exe
[2012.08.22 14:42:37 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\AVG2012
[2012.08.20 18:28:04 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\L\00000004.@
[2012.08.23 13:48:01 | 000,092,672 | ---- | C] () -- C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\80000032.@
[2012.08.23 13:48:00 | 000,001,632 | ---- | C] () -- C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\000000cb.@
[2012.08.23 13:47:54 | 000,232,960 | ---- | C] () -- C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\00000008.@
[2012.08.22 12:36:57 | 000,080,896 | ---- | C] () -- C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\80000064.@
[2012.08.22 12:36:32 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\80000000.@
[2012.08.22 12:36:04 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\00000004.@
[2012.08.11 14:30:48 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\foobar2000
[2012.08.11 14:30:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000
[2012.08.11 14:30:39 | 000,001,035 | ---- | M] () -- C:\Users\Public\Desktop\foobar2000.lnk
[2012.08.08 17:41:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Simon\AppData\Roaming\mozilla\Extensions
[2012.08.08 17:41:52 | 000,564,654 | ---- | M] () (No name found) -- C:\USERS\SIMON\APPDATA\Roaming\THUNDERBIRD\PROFILES\539KOSAI.DEFAULT\EXTENSIONS\TBTESTPILOT@LABS.MOZILLA.COM.XPI
[2012.08.08 17:41:52 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Thunderbird
[2012.08.08 17:41:52 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Thunderbird
[2012.08.08 17:41:52 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Mozilla
[2012.08.08 17:41:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2012.08.08 17:17:39 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Google
[2012.08.08 17:17:17 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Deployment
[2012.08.08 17:17:17 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Apps
[2012.01.13 15:53:37 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\@
[2012.01.13 15:53:37 | 000,002,048 | -HS- | C] () -- C:\Users\Simon\AppData\Local\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\@
:Files
C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\
C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\
C:\Users\Simon\AppData\Local\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen! |
|
24.08.2012, 09:24
| #5 |
| | C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\u\\00000008.@ virus hier is die log nachdem ich den code eingegeben habe und den pc neustarten musste : All processes killed ========== OTL ========== Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully. Registry value HKEY_USERS\S-1-5-21-4266864814-2457279537-2174918196-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! File move failed. G:\autorun.inf scheduled to be moved on reboot. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{74fcc52b-e185-11e1-a48f-c86000a4d034}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74fcc52b-e185-11e1-a48f-c86000a4d034}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{74fcc52b-e185-11e1-a48f-c86000a4d034}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74fcc52b-e185-11e1-a48f-c86000a4d034}\ not found. File F:\autorun.exe not found. C:\Users\Simon\AppData\Roaming\AVG2012\cfgall folder moved successfully. C:\Users\Simon\AppData\Roaming\AVG2012 folder moved successfully. C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\L\00000004.@ moved successfully. C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\80000032.@ moved successfully. C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\000000cb.@ moved successfully. C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\00000008.@ moved successfully. C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\80000064.@ moved successfully. C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\80000000.@ moved successfully. C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\00000004.@ moved successfully. C:\Users\Simon\AppData\Roaming\foobar2000\playlists folder moved successfully. C:\Users\Simon\AppData\Roaming\foobar2000\index-data folder moved successfully. C:\Users\Simon\AppData\Roaming\foobar2000\configuration folder moved successfully. C:\Users\Simon\AppData\Roaming\foobar2000 folder moved successfully. C:\Program Files (x86)\foobar2000\themes folder moved successfully. C:\Program Files (x86)\foobar2000\icons folder moved successfully. C:\Program Files (x86)\foobar2000\components folder moved successfully. C:\Program Files (x86)\foobar2000 folder moved successfully. C:\Users\Public\Desktop\foobar2000.lnk moved successfully. C:\Users\Simon\AppData\Roaming\mozilla\Extensions folder moved successfully. C:\USERS\SIMON\APPDATA\Roaming\THUNDERBIRD\PROFILES\539KOSAI.DEFAULT\EXTENSIONS\TBTESTPILOT@LABS.MOZILLA.COM.XPI moved successfully. C:\Users\Simon\AppData\Roaming\Thunderbird\Profiles\539kosai.default\TestPilotExperimentFiles folder moved successfully. C:\Users\Simon\AppData\Roaming\Thunderbird\Profiles\539kosai.default\minidumps folder moved successfully. C:\Users\Simon\AppData\Roaming\Thunderbird\Profiles\539kosai.default\Mail\pop.googlemail.com folder moved successfully. C:\Users\Simon\AppData\Roaming\Thunderbird\Profiles\539kosai.default\Mail\Local Folders folder moved successfully. C:\Users\Simon\AppData\Roaming\Thunderbird\Profiles\539kosai.default\Mail folder moved successfully. C:\Users\Simon\AppData\Roaming\Thunderbird\Profiles\539kosai.default\extensions folder moved successfully. C:\Users\Simon\AppData\Roaming\Thunderbird\Profiles\539kosai.default folder moved successfully. C:\Users\Simon\AppData\Roaming\Thunderbird\Profiles folder moved successfully. C:\Users\Simon\AppData\Roaming\Thunderbird\Crash Reports folder moved successfully. C:\Users\Simon\AppData\Roaming\Thunderbird folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\startupCache folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\F folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\E folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\D folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\C folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\B folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\A folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\9 folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\8 folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\7 folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\6 folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\5 folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\4 folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\3 folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\2 folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\1\A9 folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\1 folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\0\A4 folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache\0 folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default\Cache folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles\539kosai.default folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird\Profiles folder moved successfully. C:\Users\Simon\AppData\Local\Thunderbird folder moved successfully. C:\Users\Simon\AppData\Roaming\Mozilla folder moved successfully. C:\Program Files (x86)\Mozilla Thunderbird\uninstall folder moved successfully. C:\Program Files (x86)\Mozilla Thunderbird\searchplugins folder moved successfully. C:\Program Files (x86)\Mozilla Thunderbird\isp folder moved successfully. C:\Program Files (x86)\Mozilla Thunderbird\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully. C:\Program Files (x86)\Mozilla Thunderbird\extensions folder moved successfully. C:\Program Files (x86)\Mozilla Thunderbird\distribution\extensions folder moved successfully. C:\Program Files (x86)\Mozilla Thunderbird\distribution folder moved successfully. C:\Program Files (x86)\Mozilla Thunderbird\defaults\pref folder moved successfully. C:\Program Files (x86)\Mozilla Thunderbird\defaults\messenger folder moved successfully. C:\Program Files (x86)\Mozilla Thunderbird\defaults folder moved successfully. C:\Program Files (x86)\Mozilla Thunderbird\components folder moved successfully. C:\Program Files (x86)\Mozilla Thunderbird\chrome\icons\default folder moved successfully. C:\Program Files (x86)\Mozilla Thunderbird\chrome\icons folder moved successfully. C:\Program Files (x86)\Mozilla Thunderbird\chrome folder moved successfully. C:\Program Files (x86)\Mozilla Thunderbird folder moved successfully. C:\Users\Simon\AppData\Local\Google\Update\Install folder moved successfully. C:\Users\Simon\AppData\Local\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96} folder moved successfully. C:\Users\Simon\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\21.0.1180.83 folder moved successfully. C:\Users\Simon\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D} folder moved successfully. C:\Users\Simon\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.115 folder moved successfully. C:\Users\Simon\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D} folder moved successfully. C:\Users\Simon\AppData\Local\Google\Update\Download folder moved successfully. C:\Users\Simon\AppData\Local\Google\Update\1.3.21.115 folder moved successfully. C:\Users\Simon\AppData\Local\Google\Update\1.3.21.111 folder moved successfully. C:\Users\Simon\AppData\Local\Google\Update folder moved successfully. C:\Users\Simon\AppData\Local\Google\CrashReports folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Temp folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\SwiftShader folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#Totaljerkface.com - Home Of Happy Wheels - Index folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#gofeminin.de : Trends, Beauty, Astro, Schlankheit, Tests, Quiz... folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#s.ytimg.com folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#mochiads.com folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#maps-4-u.com folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#mail.google.com folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#heias.com folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#chatroulette.com folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys\#chat.chatbuzzy.com folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\www.totaljerkface.com\media\games\hwpreloader.swf folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\www.totaljerkface.com\media\games folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\www.totaljerkface.com\media folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\Totaljerkface.com - Home Of Happy Wheels - Index folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\www.gofeminin.de\world\communaute\video\mp4player.swf folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\www.gofeminin.de\world\communaute\video folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\www.gofeminin.de\world\communaute folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\www.gofeminin.de\world folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\gofeminin.de : Trends, Beauty, Astro, Schlankheit, Tests, Quiz... folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\vox-static.liverail.com folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\s.ytimg.com folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\mochiads.com folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\maps-4-u.com\lso.swf folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\maps-4-u.com folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\mail.google.com folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\heias.com\x\heias_sc.swf folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\heias.com\x folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\heias.com folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\chatroulette.com folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\chat.chatbuzzy.com\Scriptolution2.swf folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN\chat.chatbuzzy.com folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\9666LEKN folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\VWFY8FVG folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Pepper Data folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Media Cache folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\__MACOSX\_locales folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\__MACOSX folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_TW folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_CN folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\vi folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\uk folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\tr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\th folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sl folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sk folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\se folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ru folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ro folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_PT folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_BR folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pl folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\no folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\nl folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lv folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lt folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ko folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ja folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\it folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\id folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hu folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hi folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fil folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fi folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\es folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\en folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\el folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\de folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\da folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\cs folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ca folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\bg folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ar folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\zh_TW folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\zh_CN folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\tr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\sr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\sk folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\ru folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\pt_PT folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\pt_BR folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\pl folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\nl folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\ko folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\ja folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\it folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\id folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\hu folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\fr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\es_419 folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\es folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\en folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\de folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\da folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\cs folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\lib folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\js folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\css folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0 folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0 folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_TW folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_CN folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\vi folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\uk folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\tr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\th folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sv folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sl folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sk folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ru folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ro folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_PT folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_BR folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pl folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\no folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\nl folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lv folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lt folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ko folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ja folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\it folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\id folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hu folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hi folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\he folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fil folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fi folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\et folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es_419 folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_US folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_GB folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\el folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\de folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\da folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\cs folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ca folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\bg folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ar folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_TW folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_CN folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\vi folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\uk folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\tr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\th folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sv folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sl folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sk folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ru folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ro folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pt_PT folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pt_BR folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pl folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\no folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\nl folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\lv folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\lt folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ko folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ja folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\it folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\id folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hu folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hi folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\he folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fil folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fi folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\es folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\en folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\el folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\de folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\da folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\cs folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ca folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\bg folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ar folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_TW folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_CN folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\vi folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\uk folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\tr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\th folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sv folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sl folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sk folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ru folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ro folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_PT folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_BR folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pl folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\no folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\nl folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lv folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lt folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ko folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ja folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\it folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\id folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hu folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hi folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\he folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fr folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fil folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fi folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\es folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\en folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\el folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\de folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\da folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\cs folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ca folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\bg folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ar folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdgpjclefcppbhifgmbncakhhphkggdb\12.2.0.5_0\icons folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdgpjclefcppbhifgmbncakhhphkggdb\12.2.0.5_0 folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdgpjclefcppbhifgmbncakhhphkggdb folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extension State folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\databases\http_a.affil.io_0 folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\databases folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Cache folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\User Data folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\Application\Dictionaries folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.83\VisualElements folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.83\Locales folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.83\Installer folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.83\Extensions folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.83\default_apps folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.83 folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.79\VisualElements folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.79\Locales folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.79\Installer folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.79\Extensions folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.79\default_apps folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\Application\21.0.1180.79 folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome\Application folder moved successfully. C:\Users\Simon\AppData\Local\Google\Chrome folder moved successfully. C:\Users\Simon\AppData\Local\Google folder moved successfully. C:\Users\Simon\AppData\Local\Deployment folder moved successfully. C:\Users\Simon\AppData\Local\Apps\2.0\ZNEDAC54.G62\9W981DA6.2L5\manifests folder moved successfully. C:\Users\Simon\AppData\Local\Apps\2.0\ZNEDAC54.G62\9W981DA6.2L5\goog...app_4fe91ede9f9bdca3_0001.0003_463523b0f72dfa64 folder moved successfully. C:\Users\Simon\AppData\Local\Apps\2.0\ZNEDAC54.G62\9W981DA6.2L5\clic...exe_4fe91ede9f9bdca3_0001.0003_none_8152382b64d98ef8 folder moved successfully. C:\Users\Simon\AppData\Local\Apps\2.0\ZNEDAC54.G62\9W981DA6.2L5 folder moved successfully. C:\Users\Simon\AppData\Local\Apps\2.0\ZNEDAC54.G62 folder moved successfully. C:\Users\Simon\AppData\Local\Apps\2.0\Data\D3PWNO2Y.P8V\G0XO6R0O.PCK\goog...app_4fe91ede9f9bdca3_0001.0003_463523b0f72dfa64\Data folder moved successfully. C:\Users\Simon\AppData\Local\Apps\2.0\Data\D3PWNO2Y.P8V\G0XO6R0O.PCK\goog...app_4fe91ede9f9bdca3_0001.0003_463523b0f72dfa64 folder moved successfully. C:\Users\Simon\AppData\Local\Apps\2.0\Data\D3PWNO2Y.P8V\G0XO6R0O.PCK folder moved successfully. C:\Users\Simon\AppData\Local\Apps\2.0\Data\D3PWNO2Y.P8V folder moved successfully. C:\Users\Simon\AppData\Local\Apps\2.0\Data folder moved successfully. C:\Users\Simon\AppData\Local\Apps\2.0 folder moved successfully. C:\Users\Simon\AppData\Local\Apps folder moved successfully. C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\@ moved successfully. C:\Users\Simon\AppData\Local\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\@ moved successfully. ========== FILES ========== C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U folder moved successfully. C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\L folder moved successfully. Folder move failed. C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0} scheduled to be moved on reboot. Folder move failed. C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U scheduled to be moved on reboot. Folder move failed. C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0} scheduled to be moved on reboot. C:\Users\Simon\AppData\Local\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U folder moved successfully. C:\Users\Simon\AppData\Local\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\L folder moved successfully. C:\Users\Simon\AppData\Local\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0} folder moved successfully. < ipconfig /flushdns /c > Windows-IP-Konfiguration Der DNS-Aufl”sungscache wurde geleert. C:\Users\Simon\Desktop\cmd.bat deleted successfully. C:\Users\Simon\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 443172 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public User: Simon ->Temp folder emptied: 445687671 bytes ->Temporary Internet Files folder emptied: 26190296 bytes ->Flash cache emptied: 492 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 13200712 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 556 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 463,00 mb OTL by OldTimer - Version 3.2.58.1 log created on 08242012_101858 Files\Folders moved on Reboot... File\Folder G:\autorun.inf not found! C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U folder moved successfully. C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0} folder moved successfully. File\Folder C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U not found! C:\Users\Simon\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... nun hat sich nach dem fix mit OTL der windows befehlsprozessor geöffnet und ich konnte den nicht schließen. Habe den pc neugestartet und nun öfnet der sich nichtmehr (zum glück) ist das normal? |
|
24.08.2012, 15:50
| #6 |
| /// Helfer-Team | C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\u\\00000008.@ virus Sehr gut!  Wie laeuft der Rechner? 1. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.danach: 2. Schritt Downloade Dir bitte AdwCleaner auf deinen Desktop.
__________________ --> C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\u\\00000008.@ virus |
|
27.08.2012, 10:06
| #7 |
| | C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\u\\00000008.@ virus oh oh ich dachte ich sei den virus los aber malewarebytes hat scho wieder 3 dateien gefunden  hier die log:Malwarebytes Anti-Malware 1.62.0.1300 Malwarebytes : Free Anti-Malware download Datenbank Version: v2012.08.27.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Simon :: SIMO-PC [Administrator] 27.08.2012 10:41:04 mbam-log-2012-08-27 (11-03-49).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 326609 Laufzeit: 22 Minute(n), 24 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 3 C:\_OTL\MovedFiles\08242012_101858\C_Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Keine Aktion durchgeführt. C:\_OTL\MovedFiles\08242012_101858\C_Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\000000cb.@ (Rootkit.0Access) -> Keine Aktion durchgeführt. C:\_OTL\MovedFiles\08242012_101858\C_Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\80000032.@ (Rootkit.0Access) -> Keine Aktion durchgeführt. (Ende) und hier adw datei: # AdwCleaner v1.801 - Logfile created 08/27/2012 at 11:05:54 # Updated 14/08/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Simon - SIMO-PC # Boot Mode : Normal # Running from : C:\Users\Simon\Desktop\adwcleaner.exe # Option [Search] ***** [Services] ***** ***** [Files / Folders] ***** Folder Found : C:\Users\Simon\AppData\Local\AVG Secure Search Folder Found : C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Folder Found : C:\Users\Simon\AppData\LocalLow\AVG Secure Search Folder Found : C:\Users\Simon\AppData\Roaming\Babylon Folder Found : C:\Users\Simon\AppData\Roaming\BabylonToolbar Folder Found : C:\ProgramData\AVG Secure Search Folder Found : C:\ProgramData\Babylon Folder Found : C:\Program Files (x86)\AVG Secure Search Folder Found : C:\Program Files (x86)\BabylonToolbar Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search File Found : C:\user.js ***** [Registry] ***** Key Found : HKCU\Software\AVG Secure Search Key Found : HKCU\Software\BabylonToolbar Key Found : HKCU\Software\IGearSettings Key Found : HKLM\SOFTWARE\AVG Secure Search Key Found : HKLM\SOFTWARE\Babylon Key Found : HKLM\SOFTWARE\BabylonToolbar Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Key Found : HKLM\SOFTWARE\Classes\b Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1 Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1 Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1 Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol Key Found : HKLM\SOFTWARE\Classes\S Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] [x64] Key Found : HKCU\Software\AVG Secure Search [x64] Key Found : HKCU\Software\BabylonToolbar [x64] Key Found : HKCU\Software\IGearSettings [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI [x64] Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 [x64] Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj [x64] Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 [x64] Key Found : HKLM\SOFTWARE\Classes\b [x64] Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd [x64] Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1 [x64] Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore [x64] Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1 [x64] Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane [x64] Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 [x64] Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc [x64] Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1 [x64] Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol [x64] Key Found : HKLM\SOFTWARE\Classes\S [x64] Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi [x64] Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 [x64] Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE [x64] Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 ***** [Registre - GUID] ***** Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Found : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Found : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Found : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} [x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=112555&tt=3212_3&babsrc=HP_ss&mntrId=10741c28000000000000c86000a4d034 -\\ Google Chrome v21.0.1180.83 File : C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Preferences Found : "description": "AVG Secure Search", Found : "name": "AVG Secure Search", Found : "default_icon": "browser_icon_babylon48.png", Found : "default_title": "Babylon Toolbar" Found : "description": "Babylon ToolBar", Found : "128": "babylon48.png", Found : "48": "babylon48.png" Found : "name": "Babylon Toolbar", Found : "path": "BabylonChromeToolBar.dll", Found : "update_url": "hxxp://img.babylon.com/ext/chrome/update/update1.xml", Found : "name": "Babylon ToolBar", Found : "path": "C:\\Users\\Simon\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\[...] Found : "name": "Babylon ToolBar" Found : "path": "C:\\Program Files (x86)\\Common Files\\AVG Secure Search\\SiteSafetyInstaller\\12.[...] ************************* AdwCleaner[R1].txt - [14340 octets] - [27/08/2012 11:05:54] ########## EOF - C:\AdwCleaner[R1].txt - [14469 octets] ########## mhhh das is jez blöd weil die dateien erst eigentlich weg waren aber der pc läuft super |
|
27.08.2012, 11:03
| #8 | |
| /// Helfer-Team   | C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\u\\00000008.@ virusZitat:
Sie sind dort NICHT mehr aktiv - können gefahrlos analysiert weden oder aber entsorgt werden . Rajo - nur kurz hier >> FYI :-) |
|
27.08.2012, 18:17
| #9 |
| /// Helfer-Team | C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\u\\00000008.@ virus Kollege Rajo hat recht  Sehr gut!
danach: Malware-Scan mit Emsisoft Anti-Malware Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm. Lade über Jetzt Updaten die aktuellen Signaturen herunter. Wähle den Freeware-Modus aus. Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers. Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten. Anleitung: http://www.trojaner-board.de/103809-...i-malware.html |
|
27.08.2012, 19:52
| #10 |
| | C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\u\\00000008.@ virus okey ich glaub euch profis mal weil ich davon sowiso kein plan hab aber ich glaub das adw ein paar symbole von programen gelöscht hat zb. mbam gta iv thunderbird und google chrome is zwar kein problem wollte es nur erwähnen. Außerdem sieht das system 2 trainer ( von cod 2 und just cause 2 ) als virus und sie sind es nicht so hier is die textdatei vom löschen unter adw: # AdwCleaner v1.801 - Logfile created 08/27/2012 at 11:09:07 # Updated 14/08/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Simon - SIMO-PC # Boot Mode : Normal # Running from : C:\Users\Simon\Desktop\adwcleaner.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Users\Simon\AppData\Local\AVG Secure Search Folder Deleted : C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Folder Deleted : C:\Users\Simon\AppData\LocalLow\AVG Secure Search Folder Deleted : C:\Users\Simon\AppData\Roaming\Babylon Folder Deleted : C:\Users\Simon\AppData\Roaming\BabylonToolbar Folder Deleted : C:\ProgramData\AVG Secure Search Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\Program Files (x86)\AVG Secure Search Folder Deleted : C:\Program Files (x86)\BabylonToolbar Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search File Deleted : C:\user.js ***** [Registry] ***** Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\BabylonToolbar Key Deleted : HKCU\Software\IGearSettings Key Deleted : HKLM\SOFTWARE\AVG Secure Search Key Deleted : HKLM\SOFTWARE\Babylon Key Deleted : HKLM\SOFTWARE\BabylonToolbar Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Key Deleted : HKLM\SOFTWARE\Classes\b Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1 Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1 Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1 Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] ***** [Registre - GUID] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=112555&tt=3212_3&babsrc=HP_ss&mntrId=10741c28000000000000c86000a4d034 --> hxxp://www.google.com -\\ Google Chrome v21.0.1180.83 File : C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted : "description": "AVG Secure Search", Deleted : "name": "AVG Secure Search", Deleted : "default_icon": "browser_icon_babylon48.png", Deleted : "default_title": "Babylon Toolbar" Deleted : "description": "Babylon ToolBar", Deleted : "128": "babylon48.png", Deleted : "48": "babylon48.png" Deleted : "name": "Babylon Toolbar", Deleted : "path": "BabylonChromeToolBar.dll", Deleted : "update_url": "hxxp://img.babylon.com/ext/chrome/update/update1.xml", Deleted : "name": "Babylon ToolBar", Deleted : "path": "C:\\Users\\Simon\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\[...] Deleted : "name": "Babylon ToolBar" Deleted : "path": "C:\\Program Files (x86)\\Common Files\\AVG Secure Search\\SiteSafetyInstaller\\12.[...] ************************* AdwCleaner[R1].txt - [14345 octets] - [27/08/2012 11:05:54] AdwCleaner[S1].txt - [11324 octets] - [27/08/2012 11:09:07] ########## EOF - C:\AdwCleaner[S1].txt - [11453 octets] ########## und hier von emisoft : Emsisoft Anti-Malware - Version 6.6 Letztes Update: 27.08.2012 20:30:25 Scan Einstellungen: Scan Methode: Detail Scan Objekte: Rootkits, Speicher, Traces, C:\, D:\, I:\ Archiv Scan: An ADS Scan: An Scan Beginn: 27.08.2012 20:30:47 D:\SQUARE ENIX - Eidos Interactive\Just Cause 2\Just Cause 2 v1.0.0.1 + 15 Trainer.exe gefunden: Trojan.Win32.CheatEngine.AMN!E1 c:\users\simon\appdata\roaming\windrvconfig.txt gefunden: Trace.File.agent!E1 C:\_OTL\MovedFiles\08242012_101858\C_Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\00000004.@ gefunden: Trojan.Win64.Sirefef.AMN!E1 C:\_OTL\MovedFiles\08242012_101858\C_Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\80000000.@ gefunden: Backdoor.Win64.AMN!E1 C:\_OTL\MovedFiles\08242012_101858\C_Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\00000008.@ gefunden: Trojan.Win32.Sirefef!E1 C:\_OTL\MovedFiles\08242012_101858\C_Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\000000cb.@ gefunden: Backdoor.Win32.ZAccess.AMN!E1 C:\_OTL\MovedFiles\08242012_101858\C_Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\80000064.@ gefunden: Trojan.Win64!E2 C:\_OTL\MovedFiles\08242012_101858\C_Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\U\80000032.@ gefunden: Trojan.Win32.Alureon!E2 C:\Windows\assembly\GAC_64\Desktop.ini gefunden: Trojan.Win64!E2 C:\Windows\assembly\GAC_32\Desktop.ini gefunden: Trojan.Win32.Sirefef!E2 C:\Users\Simon\Downloads\FlatOut2_Trainer+2.zip -> pdtrain.exe gefunden: Virus.Win32.Hupigon.LZC!E2 C:\Users\Simon\Downloads\jc2v1001p11-deviated.zip -> DEViATED.exe gefunden: Trojan.SuspectCRC!E2 C:\Users\Simon\Downloads\just_cause_2_-_all_-_v1.0.0.1___23_trainer_ces-lingon.zip -> Just Cause 2 - All - v1.0.0.1 + 23 Trainer CES-LinGon\Just Cause 2 v1.0.0.1 -DLC + 23 Trainer.exe gefunden: Trojan-Clicker.ANXR!E2 C:\Users\Simon\Downloads\just_cause_2_-_all_-_v1.0.0.1___23_trainer_ces-lingon.zip -> Just Cause 2 - All - v1.0.0.1 + 23 Trainer CES-LinGon\Just Cause 2 v1.0.0.1 -SR Only + 23 Trainer.exe gefunden: Trojan-Clicker.Win32.VBiframe!E2 D:\Activision\Call of Duty 2\CoD2SP_s.exe gefunden: Riskware.Crack.CoD2!E2 D:\Activision\Call of Duty 2\iRRM_CoD2_Trainer.exe gefunden: Trojan-Proxy.Win32.Small.DT!E2 D:\$RECYCLE.BIN\S-1-5-21-4266864814-2457279537-2174918196-1001\$R8MRX5C.exe gefunden: Trojan-Clicker.Win32.VBiframe!E2 D:\$RECYCLE.BIN\S-1-5-21-4266864814-2457279537-2174918196-1001\$R5CSKVX.exe gefunden: Trojan.SuspectCRC!E2 D:\$RECYCLE.BIN\S-1-5-21-4266864814-2457279537-2174918196-1001\$RTCZPES.exe gefunden: Trojan-Clicker.ANXR!E2 I:\VanHelsing - Call of Duty deutsch beachten - 23\Crack\CoD2SP_s.exe gefunden: Riskware.Crack.CoD2!E2 Gescannt 580034 Gefunden 20 Scan Ende: 27.08.2012 20:46:02 Scan Zeit: 0:15:15 |
|
28.08.2012, 16:03
| #11 |
| /// Helfer-Team | C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\u\\00000008.@ virus Die Benutzung von Cracks und Keygens ist illegal und verstoesst gegen unseren Kodex. Schon mal darueber nachgedacht, warum es Cracks gibt? Mit Cracks & Co installiert man sich Hintertueren auf dem Rechner. Kriminelle nutzen solche Rechner als Botnetz fuer ihre Machenschaften. Dein System ist als nicht vertrauenswuerdig einzustufen und du solltest keine sensiblen Sachen wie Homebanking an dem PC betreiben. Anleitungen zum Neuaufsetzen (bebildert) > Windows 7 neu aufsetzen > Vista > XP 1. Datenrettung:
2. Formatieren, Windows neu instalieren:
3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html ich werde außerdem noch weitere punkte dazu posten. 4. alle Passwörter ändern! 5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen. |
|
29.08.2012, 08:33
| #12 |
| | C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\u\\00000008.@ virus Nur ums klarzustellen ich benutze keinesfalls cracks bei spielen es sind trainer und das sind cheating programme . Außersem ist es ein reiner gaming pc für meine zwecke und nicht für banking oä gedacht . Und jetzt noch ne frage: tut es nach dem vollständigen entfernens des trojaners wirklich not den pc neu aufzusetzen ?? Das hätte ich auch sofort selber machen können und hätte nich langwierig alle virenprogramme gedownloaded und angewendet . Und ich bitte um eine ernste antwort ( |
|
29.08.2012, 20:11
| #13 | |
| /// Helfer-Team | C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\u\\00000008.@ virusZitat:
Setze die Kiste neu auf, du hast ein Rootkit auf dem System. Willst du die Polizei vor der Tuer stehen haben, weil jemand mit Deinem PC Straftaten begeht? |
|
| Themen zu C:\Windows\Installer\{186ebdc5-ab8b-9ec9-f05a-9114f54dd4b0}\u\\00000008.@ virus |
| 00000008.@, angeklickt, befindet, bild, c:\windows, datei, durchgeführt, endung, facebook, facebook trojaner link, frage, fragen, geklickt, gestern, installer, jpg, link, link angeklickt, malewarebytes, scan, verzeichnis, virus, virus auf dem pc, windows |
