| |
| |||||||
Log-Analyse und Auswertung: Antivir: 'TR/Jorik.Bublik.cq' freenet.de SpamWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
12.06.2013, 10:55
| #1 |
 |  Antivir: 'TR/Jorik.Bublik.cq' freenet.de Spam Hallo, meine Mutter bekam eine Mail von "Freenet", mit zip Anhang. Betreff: "Fw_ Ihre DSL-Rechnung der freenet Breitband GmbH - Rechnungsnummer 53865320" Im Zip File war eine Exe namens "Ihre Rechnung.zip". Die Datei habe ich wie hier beschrieben: http://www.trojaner-board.de/136354-...schaltung.html an virus@trojaner-board.de geschickt. Und Markus kontaktiert per Mail. Meine Mutter hat versucht die Exe auszuführen :-( Avira hat laut Ereignislog den Zugriff verweigert. Wie muss ich vorgehen, um sicher zu gehen? Danke |
|
12.06.2013, 11:13
| #2 |
| /// the machine /// TB-Ausbilder    | Antivir: 'TR/Jorik.Bublik.cq' freenet.de Spam Hi,
__________________Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden ).
__________________ |
|
12.06.2013, 12:33
| #3 |
| | Antivir: 'TR/Jorik.Bublik.cq' freenet.de Spam Extras
__________________Code:
ATTFilter OTL Extras logfile created on: 12.06.2013 13:05:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\UP\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,50 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 65,57% Memory free
4,99 Gb Paging File | 3,63 Gb Available in Paging File | 72,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 68,87 Gb Free Space | 70,59% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 366,74 Gb Free Space | 99,63% Space Free | Partition Type: NTFS
Computer Name: UP-PC | User Name: UP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B598A0-FED6-49FC-894E-3A65D06775C9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0A8F6D4F-AA61-4E4B-A4B6-E2CDDE9F6D45}" = rport=139 | protocol=6 | dir=out | app=system |
"{14A3D595-7DF8-452D-89FD-B9FC89E150A9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{16230073-52E9-44C0-BF23-9B752EA80E72}" = lport=137 | protocol=17 | dir=in | app=system |
"{36BD00FA-7A87-4492-AB23-23F6FAD154D6}" = lport=445 | protocol=6 | dir=in | app=system |
"{3716BAF1-D37A-4979-AEAB-8B605AB65BF3}" = lport=3389 | protocol=6 | dir=in | app=system |
"{372EF30E-C0F9-4251-991B-A29B23D98436}" = lport=2869 | protocol=6 | dir=in | app=system |
"{45A94CA0-0AC1-42DC-BA2B-EF87CC0D07E0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4A7F40A3-AAAF-4FAD-A45A-1B5628DC2571}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4EEF8DA1-841D-4495-91E8-7EB085784C0F}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{63258CC0-832C-4AB7-A7D2-50D2F2BCC080}" = rport=10243 | protocol=6 | dir=out | app=system |
"{68AE022E-CA35-4B01-868B-D2150703E790}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{863A44E2-22F0-4DF6-919C-6C2CA1CD34C1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8656AD80-0578-440A-B772-D2509EFD2DC2}" = lport=139 | protocol=6 | dir=in | app=system |
"{8C343E14-CF79-4D15-A243-AFFA698249BE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8FD6EF72-21B7-4E0D-A971-CB1F6FAA2A5E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{94C4491A-442E-427F-B597-CB410736009D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9B696B67-A6E2-4A7D-9D04-D4B1B23CFF05}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A24533D4-90D1-4CF2-8542-40DC44576720}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A98271EA-6280-40B3-A256-BDFB4CD67AF2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B124F087-60B4-4559-8D31-B6472931001E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B12C3F56-5206-4EE9-A754-7224D08A0986}" = rport=137 | protocol=17 | dir=out | app=system |
"{B7A0453E-0244-44E0-BEAC-2A29CDF646DB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B8DB6202-A501-441D-B8AD-7CDF3197D201}" = rport=445 | protocol=6 | dir=out | app=system |
"{BC3BC357-26C7-4EF5-AC16-4F543DBEC606}" = lport=138 | protocol=17 | dir=in | app=system |
"{DBC6B725-70D0-4FA9-8146-EF492DCF885B}" = rport=138 | protocol=17 | dir=out | app=system |
"{F2113536-7060-45CA-B437-EB5775A303C8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FD9F59EC-C536-4BBC-B1A8-B8FE46F44487}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06097CEE-C0D7-4993-91F6-046F49F46B10}" = protocol=6 | dir=in | app=c:\program files\starmoney 8.0\app\starmoney.exe |
"{0ABE0379-697F-43BD-B568-341514D34EA7}" = protocol=6 | dir=in | app=c:\program files\starmoney 7.0\app\starmoney.exe |
"{0FDBBB99-6991-4B25-BDB0-002982CD7F66}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{22A9353B-A1A1-41AC-B63B-76C22AFBBCAA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{250D6FA2-4DB7-49FD-A365-E1246E9B563F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2F7591B7-5336-4AC9-83A5-E54357846011}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{331E0B20-26F5-4EE8-9EBD-B57548857648}" = protocol=6 | dir=out | app=system |
"{3A576EA8-71D1-4C44-89F7-4E0E3C7A993A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3BB4C5B3-364F-400D-B5B9-F15000A99194}" = protocol=17 | dir=in | app=c:\program files\starmoney 7.0\ouservice\starmoneyonlineupdate.exe |
"{3EB61444-7A3F-49BA-97BB-CDE123236518}" = protocol=6 | dir=in | app=c:\program files\starmoney 7.0\ouservice\starmoneyonlineupdate.exe |
"{3FEF6BAF-9746-4458-BEF0-8A9A7DC93221}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{41943D30-A712-485E-BB37-70066E57F17D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{571BA441-9B02-4544-A10D-137C34A3B436}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{5B77DB1F-C866-4741-A097-5A049F6773B5}" = protocol=17 | dir=in | app=c:\program files\starmoney 8.0\ouservice\starmoneyonlineupdate.exe |
"{6CEB4F73-5BF9-45BE-A8BB-10D17452D259}" = protocol=17 | dir=in | app=c:\program files\starmoney 7.0\app\starmoney.exe |
"{71A84D4F-0B2D-417A-8232-FB79BB852E48}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7716839E-9634-40B4-8429-B9E030C5F11F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{840916D8-F5EC-4465-8653-05698E2C7163}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85CEBB8C-10C4-4BCC-86DB-7FA32EAF5F74}" = protocol=6 | dir=in | app=c:\program files\starmoney 8.0\ouservice\starmoneyonlineupdate.exe |
"{8D07BD8B-2D26-43EB-923C-C05A0C13E6BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{91CD68C6-0A16-4B46-956F-3A9B21A94B5C}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl08y\faxrx.exe |
"{9393AED4-C0E1-4B0B-B5CC-ABE673B7CDBE}" = protocol=17 | dir=in | app=c:\program files\starmoney 8.0\app\starmoney.exe |
"{9B5CF10C-AACA-4266-8C56-89F5D715F779}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9EA5C179-E75D-4C80-ABF7-FD3E22A65E02}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{C2B7F119-34EB-4BA1-B963-4A6E9BC5E663}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C998B17E-9358-4853-ACBC-3491ED27C966}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{D1665D45-A4DB-4A5F-AAE5-1697BE4AC23B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D467D9BA-B5E7-43A6-896E-FB3003431623}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{E0AD0BB6-CB5C-4346-A83D-5A06440B56A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F08E0C64-58B7-465C-A8BB-690B1FB9CA1A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{F6ACE780-7335-4CDA-90CF-8A7FD4D9B166}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl08y\faxrx.exe |
"TCP Query User{B92153E0-DAF4-40B9-AD7C-9EAC0CCD03A5}C:\program files\jfritz\jfritz.exe" = protocol=6 | dir=in | app=c:\program files\jfritz\jfritz.exe |
"UDP Query User{D0D9DCB7-6EE4-4723-BAAA-B7FA2EBC723F}C:\program files\jfritz\jfritz.exe" = protocol=17 | dir=in | app=c:\program files\jfritz\jfritz.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{022D2599-2316-4927-89F1-9188894CEB02}" = StarMoney
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BD03BF6-3A66-EC7F-5155-28A8D6C69409}" = AMD Catalyst Install Manager
"{13464292-6666-B2DB-1B0C-A3FE14DAD1F9}" = CCC Help Dutch
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FCBD504-AB7D-4757-9A14-850348384B08}" = StarMoney
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20E970DF-A7B2-4345-9DEB-72213A29645E}" = Brother MFL-Pro Suite MFC-5890CN
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{338CD56F-1CDC-CF32-33F6-DED2DF92284E}" = CCC Help French
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{46458556-5C46-79A9-A6FF-81DF1F8B2729}" = CCC Help Hungarian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{519D68B8-A768-4CDC-E4C9-B115D49CED93}" = CCC Help Norwegian
"{51D383BC-D988-8C1E-FAA1-BC5260A32A87}" = CCC Help Polish
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5A883D2B-D279-0D01-6E62-B810AFD8CC62}" = Catalyst Control Center InstallProxy
"{66CDB4B8-10A9-4D47-A948-D2564035AB3E}" = StarMoney 7.0
"{67A4760F-9804-CCF6-C319-27840ED77924}" = CCC Help Korean
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B594A3F-FDF9-74A0-B3F6-C2E7B6AA339F}" = AMD Media Foundation Decoders
"{6BE5E4A9-D88B-532D-26E6-883C32BF098A}" = CCC Help Thai
"{6E0D26C1-4265-1D02-4D19-D0A8F6A463F8}" = AMD VISION Engine Control Center
"{7DD62206-7B6C-E32E-BD11-B49B3B089D16}" = CCC Help Danish
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9739158D-EDED-D628-9865-1460B5A7FAE3}" = CCC Help Portuguese
"{9809124C-0C4C-2367-7889-1E16D8EF1AAF}" = CCC Help Chinese Standard
"{98D77F94-61D8-0C3A-85E9-E588471956EB}" = AMD Accelerated Video Transcoding
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A6273C55-5524-4587-A655-D106125E7A41}" = CashMaster V1.40.021
"{A6E1EE9D-01DD-82FD-BDBC-193BCEF9FD5C}" = CCC Help Greek
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB13F192-49FC-A065-F15C-746B10CC43C8}" = CCC Help Japanese
"{AE548812-D611-608D-61C6-7E40F28573A2}" = CCC Help Russian
"{AF595A9D-325A-0B86-4BFA-F2D90553A9FC}" = AMD Drag and Drop Transcoding
"{AF5B3ED5-70D3-48CF-A00F-FC29F5261A37}_is1" = JFritz 0.7.4.1.32
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1A70A4D-549B-4C56-9C00-EF55A22E52B6}" = StarMoney
"{BC63AEF9-1367-9F7C-5926-52E56450EDCD}" = CCC Help Spanish
"{C1E2D27F-B363-588E-8859-9EF7F4EBF418}" = CCC Help Chinese Traditional
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CBFDA5B8-3190-3CC6-A4B7-D27B3B48D72C}" = AMD Steady Video Plug-In
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D76AC809-CCC1-6198-4970-A63FA5CF7DCB}" = CCC Help Swedish
"{DA675EE2-4C04-9699-0EE2-7EF9FE7AB870}" = CCC Help German
"{DBE146EB-0898-4CDC-AABA-DCCA86659633}" = StarMoney 8.0
"{E06F7C95-4D68-63D9-2231-AA5F8E186FCB}" = CCC Help English
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E21A8F3C-1ACB-46B1-CE72-E9CF09549DED}" = Catalyst Control Center Localization All
"{E2A97415-BD97-4867-B906-05E39E9EE51F}" = HL-2250DN
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E2F2B987-F2BC-4969-95F2-92099486B811}" = StarMoney
"{E2F52AC2-B925-C18F-E1AE-42FBD46ECAC7}" = CCC Help Czech
"{E649AC39-69C0-C6FE-0A54-4752DB5D1FD2}" = Catalyst Control Center Graphics Previews Common
"{E9463114-898C-7C2A-2C47-E9ABC63F5D43}" = CCC Help Finnish
"{EA6451EA-DCCA-21BC-3BFE-018E1C43F0F4}" = AMD Fuel
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F314861D-F02B-07F6-612E-C51B1DA80EA4}" = ccc-utility
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF10AC4D-3349-99DA-3E58-5197CEA1D833}" = CCC Help Italian
"{FFEC93FF-C162-C0C3-B5E7-01214B0E5F2D}" = CCC Help Turkish
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Foxit Reader_is1" = Foxit Reader 5.0
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"TeamViewer 7" = TeamViewer 7
"WeatherBlinkbar Uninstall" = WeatherBlink Toolbar
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14.05.2013 02:49:48 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:49:48.752]: [00001248]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.178.27]
Error - 14.05.2013 02:51:01 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:51:01.756]: [00001248]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.178.27]
Error - 14.05.2013 02:52:18 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:52:18.014]: [00001248]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.178.27]
Error - 14.05.2013 02:53:31 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:53:31.022]: [00001248]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.178.27]
Error - 14.05.2013 02:54:42 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:54:42.059]: [00001248]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.178.27]
Error - 14.05.2013 02:55:54 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:55:54.522]: [00001248]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.178.27]
Error - 14.05.2013 02:57:07 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:57:07.514]: [00001248]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.178.27]
Error - 14.05.2013 02:58:18 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:58:18.510]: [00001248]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.178.27]
Error - 14.05.2013 02:59:30 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:59:30.520]: [00001248]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.178.27]
Error - 14.05.2013 03:00:41 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 09:00:41.687]: [00001248]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.178.27]
Error - 14.05.2013 03:01:52 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 09:01:52.511]: [00001248]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.178.27]
[ System Events ]
Error - 06.04.2013 02:56:51 | Computer Name = UP-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows-Audio" ist vom Dienst "Windows-Audio-Endpunkterstellung"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1053
Error - 06.04.2013 02:56:52 | Computer Name = UP-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Aufgabenplanung" ist vom Dienst "Windows-Ereignisprotokoll"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1053
Error - 11.04.2013 13:54:32 | Computer Name = UP-PC | Source = DCOM | ID = 10010
Description =
Error - 25.04.2013 14:36:06 | Computer Name = UP-PC | Source = DCOM | ID = 10010
Description =
Error - 16.05.2013 13:28:31 | Computer Name = UP-PC | Source = DCOM | ID = 10010
Description =
Error - 17.05.2013 12:41:38 | Computer Name = UP-PC | Source = DCOM | ID = 10010
Description =
Error - 18.05.2013 08:52:24 | Computer Name = UP-PC | Source = DCOM | ID = 10010
Description =
Error - 21.05.2013 12:22:05 | Computer Name = UP-PC | Source = DCOM | ID = 10010
Description =
Error - 21.05.2013 12:26:01 | Computer Name = UP-PC | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 21.05.2013 12:32:21 | Computer Name = UP-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?21.?05.?2013 um 18:30:08 unerwartet heruntergefahren.
< End of report >
Code:
ATTFilter OTL logfile created on: 12.06.2013 13:05:28 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\UP\Downloads Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,50 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 65,57% Memory free 4,99 Gb Paging File | 3,63 Gb Available in Paging File | 72,81% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 97,56 Gb Total Space | 68,87 Gb Free Space | 70,59% Space Free | Partition Type: NTFS Drive D: | 368,10 Gb Total Space | 366,74 Gb Free Space | 99,63% Space Free | Partition Type: NTFS Computer Name: UP-PC | User Name: UP | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\UP\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\WeatherBlink\bar\1.bin\gcSrchMn.exe (MindSpark) PRC - C:\Programme\WeatherBlink\bar\1.bin\gcbarsvc.exe (COMPANYVERS_NAME) PRC - C:\Programme\WeatherBlink\bar\1.bin\gcbrmon.exe (VER_COMPANY_NAME) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) PRC - C:\Programme\JFritz\jfritz.exe () PRC - C:\Programme\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Java\jre7\launch4j-tmp\jfritz.exe (Oracle Corporation) PRC - C:\Programme\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH) PRC - C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) PRC - c:\Programme\TeamViewer\Version7\TeamViewer_Desktop.exe (TeamViewer GmbH) PRC - C:\Programme\TeamViewer\Version7\tv_w32.exe (TeamViewer GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Ask.com\Updater\Updater.exe (Ask) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) PRC - C:\Programme\Foxit Software\Foxit Reader\Foxit Reader.exe () PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) PRC - C:\Programme\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) PRC - C:\Programme\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) PRC - C:\Programme\Brother\Brmfcmon\BrMfimon.exe (Brother Industries, Ltd.) PRC - C:\Programme\ICS\CashM\cashm.exe (ICS) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a9594959e951127f16eb49644ba92f79\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7cfbbd029ef945fbcdaedd24b2b67a24\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\af18b8a8f56494da44cc448f3b9704a5\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll () MOD - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\ba39e27ea796912fce296963622dfbae\WindowsFormsIntegration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\766ccafdc4a09b964aa9286a15bca48a\System.ServiceProcess.ni.dll () MOD - C:\Programme\JFritz\jfritz.exe () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\a1b65a602c75409c0c1ce7fa1f2a0983\UIAutomationProvider.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ba58d64562391191a22ad0133512ed6f\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll () MOD - C:\Windows\System32\CBNDLL.DLL () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Programme\Foxit Software\Foxit Reader\Foxit Reader.exe () MOD - C:\Programme\Brother\BrUtilities\BrLogAPI.dll () MOD - C:\Programme\ICS\CashM\zlib.dll () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (WeatherBlinkService) -- C:\Programme\WeatherBlink\bar\1.bin\gcbarsvc.exe (COMPANYVERS_NAME) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) SRV - (StarMoney 8.0 OnlineUpdate) -- C:\Programme\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) SRV - (TeamViewer7) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (StarMoney 7.0 OnlineUpdate) -- C:\Programme\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (BrYNSvc) -- C:\Programme\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (OxSer) -- system32\DRIVERS\OxSer.sys File not found DRV - (OxMf) -- system32\DRIVERS\OxMf.sys File not found DRV - (amdiox86) -- system32\DRIVERS\amdiox86.sys File not found DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH) DRV - (CBN) -- C:\Windows\System32\drivers\CBN.SYS (MARX Datentechnik GmbH ) DRV - (nusb3xhc) -- C:\Windows\System32\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV - (nusb3hub) -- C:\Windows\System32\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.) DRV - (OxPPort) -- C:\Windows\System32\drivers\OxPPort.sys (OEM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^XN^xdm101^S05015^de&ptb=C3A1324B-E08B-411B-A282-57C6420D4166&si=CN7G5e2wwrYCFUNP3godQUsA1A IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 58 A5 0A 88 66 CD 01 [binary data] IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\URLSearchHook: {8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\..\SearchScopes\{B699BE7C-8F35-4AD3-84EB-BE0492995952}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=4b844f41-b7cf-476c-996f-06083e5b50c2&apn_sauid=8979E394-BFA6-475E-933A-22C49F7851CB IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "My Web Search" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "My Web Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://home.mywebsearch.com/index.jhtml?ptb=C3A1324B-E08B-411B-A282-57C6420D4166&n=77fc91d8&p2=^XN^xdm101^S05015^de&si=CN7G5e2wwrYCFUNP3godQUsA1A" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js..keyword.URL: "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=C3A1324B-E08B-411B-A282-57C6420D4166&n=77fc91d8&ind=2013041112&p2=^XN^xdm101^S05015^de&si=CN7G5e2wwrYCFUNP3godQUsA1A&searchfor=" FF - user.js..extensions.toolbar.mindspark._gcMembers_.last.keyword.URL: "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=C3A1324B-E08B-411B-A282-57C6420D4166&n=77fc91d8&ind=2013041112&p2=^XN^xdm101^S05015^de&si=CN7G5e2wwrYCFUNP3godQUsA1A&searchfor=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@WeatherBlink.com/Plugin: C:\Program Files\WeatherBlink\bar\1.bin\NPgcStub.dll (MindSpark) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gcffxtbr@WeatherBlink.com: C:\Program Files\WeatherBlink\bar\1.bin [2013.04.11 12:15:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.19 21:15:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UP\AppData\Roaming\mozilla\Extensions [2013.04.11 12:16:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UP\AppData\Roaming\mozilla\Firefox\Profiles\qets9qo8.default\extensions [2013.04.11 12:15:21 | 000,000,000 | ---D | M] (WeatherBlink) -- C:\Users\UP\AppData\Roaming\mozilla\Firefox\Profiles\qets9qo8.default\extensions\gcffxtbr@WeatherBlink.com [2012.08.17 10:54:48 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\UP\AppData\Roaming\mozilla\Firefox\Profiles\qets9qo8.default\extensions\toolbar@ask.com [2012.08.17 10:54:48 | 000,002,344 | ---- | M] () -- C:\Users\UP\AppData\Roaming\mozilla\firefox\profiles\qets9qo8.default\searchplugins\askcom.xml [2013.04.11 12:15:27 | 000,009,635 | ---- | M] () -- C:\Users\UP\AppData\Roaming\mozilla\firefox\profiles\qets9qo8.default\searchplugins\my-web-search.xml [2013.05.25 12:13:58 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions [2013.05.25 12:13:58 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Search Assistant BHO) - {9b9dcae3-be34-424c-8d73-75e305a9e091} - C:\Programme\WeatherBlink\bar\1.bin\gcSrcAs.dll (MindSpark) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Toolbar BHO) - {dc9051c2-8f55-479a-97a4-747980d9047f} - C:\Programme\WeatherBlink\bar\1.bin\gcbar.dll (MindSpark) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (WeatherBlink) - {f20de5e0-2a6e-4c54-985f-1cf59551ce39} - C:\Programme\WeatherBlink\bar\1.bin\gcbar.dll (MindSpark) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [WeatherBlink Browser Plugin Loader] C:\Programme\WeatherBlink\bar\1.bin\gcbrmon.exe (VER_COMPANY_NAME) O4 - HKLM..\Run: [WeatherBlink Search Scope Monitor] C:\Programme\WeatherBlink\bar\1.bin\gcSrchMn.exe (MindSpark) O4 - Startup: C:\Users\UP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CashMaster starten.lnk = C:\Programme\ICS\CashM\cashm.exe (ICS) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.7.2) O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21BD6CFD-04ED-444C-9D38-C3D31A2B486A}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E89008DF-4221-49A6-B68C-2235D22BF181}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.12 10:59:23 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{EDC0E4DB-C4F5-44D6-A40C-6AE9DA7E4D8D} [2013.06.11 09:50:17 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{F3C5156A-CD98-4F77-AD61-707469E4628A} [2013.06.08 09:54:13 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{4B0557E9-2A50-4343-BA58-25659E78729D} [2013.06.07 10:45:37 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{464466BF-CBE0-44F7-B48A-2FED7387A2ED} [2013.06.06 09:11:16 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{88F1A6E4-FA5A-4AB1-993C-806BB37E8B3E} [2013.06.04 09:58:05 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{A8363911-1BC3-401D-88CF-A1C54F81DFC2} [2013.05.31 09:07:45 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{ADDBC9E0-6281-4F55-96F0-10E16F7934BB} [2013.05.29 08:50:59 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{29705585-BB3F-4372-876C-F7AC2F8574AF} [2013.05.28 09:08:20 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{0BEF41C7-DDEC-4279-A12F-FB6BECFA3B23} [2013.05.25 12:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013.05.25 11:11:37 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{1204A2E7-1905-45DF-8F3E-313DE2413325} [2013.05.25 10:55:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2013.05.25 10:55:18 | 000,000,000 | ---D | C] -- C:\Program Files\AMD AVT [2013.05.25 10:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\AMD [2013.05.25 10:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2013.05.25 10:48:27 | 000,000,000 | ---D | C] -- C:\AMD [2013.05.24 18:38:24 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{26FCB528-0AA1-4A43-B845-54EAD6F2D8E9} [2013.05.23 10:13:53 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{A9B29610-9F63-4C2B-AF6C-F2C4ABF3E9AE} [2013.05.22 12:56:56 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{B2EF20AE-B618-43DE-ABE6-77ECA5F88BD0} [2013.05.21 11:30:41 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{743C10E7-51C6-4864-BF37-760861A6982B} [2013.05.17 09:16:16 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{7CE95E56-4ECD-41B2-821E-4F254C7DD535} [2013.05.16 19:26:29 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{26B47367-8F47-4B7F-9334-875B2598338A} [2013.05.15 18:19:00 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.05.15 18:18:58 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.05.15 18:18:57 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.05.15 18:18:57 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.05.15 18:18:57 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.05.15 18:18:56 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.05.15 18:18:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013.05.15 18:18:56 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.05.15 18:18:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013.05.15 18:18:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.05.15 11:05:12 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{DBFE50AD-FCAB-4063-9F8E-47AF7289286E} [2013.05.15 09:03:00 | 000,077,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_AuthenticAMD.dll [2013.05.15 09:02:59 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll [2013.05.15 09:02:58 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.05.15 09:02:51 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys [2013.05.15 09:02:44 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll [2013.05.15 09:02:44 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2013.05.14 12:38:31 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{0296B5A4-6D4A-44D5-BC14-547D3369113A} ========== Files - Modified Within 30 Days ========== [2013.06.12 12:22:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.12 11:22:22 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.06.12 11:22:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.06.12 09:03:05 | 000,016,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.12 09:03:05 | 000,016,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.12 08:54:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.12 08:54:10 | 2010,619,904 | -HS- | M] () -- C:\hiberfil.sys [2013.06.01 08:46:49 | 000,658,988 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.06.01 08:46:49 | 000,620,174 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.06.01 08:46:49 | 000,132,558 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.06.01 08:46:49 | 000,108,356 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.05.28 17:24:00 | 000,012,579 | ---- | M] () -- C:\Users\UP\Desktop\Spiralblock-kariert-DIN-A7-70-g-m-40-Blatt-wei-_3.jpg [2013.05.22 14:31:38 | 000,019,097 | ---- | M] () -- C:\Users\UP\Desktop\DIN-Formate.gif [2013.05.16 08:50:04 | 000,296,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2013.05.28 17:23:59 | 000,012,579 | ---- | C] () -- C:\Users\UP\Desktop\Spiralblock-kariert-DIN-A7-70-g-m-40-Blatt-wei-_3.jpg [2013.05.22 14:31:37 | 000,019,097 | ---- | C] () -- C:\Users\UP\Desktop\DIN-Formate.gif [2013.03.29 04:13:20 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe [2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\System32\amdocl_ld32.exe [2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\System32\amdocl_as32.exe [2013.03.29 03:24:06 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat [2013.03.29 03:24:06 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat [2013.03.12 07:38:22 | 000,695,006 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2013.03.04 20:52:52 | 000,230,836 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat [2013.02.01 02:14:10 | 000,075,600 | ---- | C] () -- C:\Windows\System32\ativce02.dat [2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll [2012.11.22 17:14:26 | 000,230,064 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat [2012.10.11 15:23:34 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2012.01.06 16:08:40 | 000,000,000 | ---- | C] () -- C:\Users\UP\AppData\Roaming\JFritz.lock [2012.01.06 15:40:26 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08a.dat [2012.01.06 15:40:20 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini [2012.01.06 15:40:20 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2011.06.20 20:50:42 | 000,001,068 | ---- | C] () -- C:\Windows\Brpfx04a.ini [2011.06.20 20:50:42 | 000,000,153 | ---- | C] () -- C:\Windows\brpcfx.ini [2011.06.20 20:50:22 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011.06.20 20:50:22 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2011.06.20 20:49:32 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat [2011.06.20 20:49:25 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll [2011.06.20 20:27:41 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL [2011.06.20 20:27:38 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI [2011.06.20 20:27:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRADM10A.DAT [2011.06.19 21:42:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011.06.19 21:18:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.06.19 21:08:06 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 861 bytes -> C:\Users\UP\Documents\theo.eml:OECustomProperty < End of report > |
|
12.06.2013, 15:21
| #4 | |
| /// the machine /// TB-Ausbilder | Antivir: 'TR/Jorik.Bublik.cq' freenet.de SpamCombofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
13.06.2013, 08:01
| #5 |
| | Antivir: 'TR/Jorik.Bublik.cq' freenet.de Spam Combofix.txt Code:
ATTFilter ComboFix 13-06-08.02 - UP 12.06.2013 16:41:02.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.2557.1525 [GMT 2:00]
ausgeführt von:: c:\users\UP\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\WeatherBlink
c:\program files\WeatherBlink\bar\1.bin\BOOTSTRAP.JS
c:\program files\WeatherBlink\bar\1.bin\CHROME.MANIFEST
c:\program files\WeatherBlink\bar\1.bin\chrome\gcffxtbr.jar
c:\program files\WeatherBlink\bar\1.bin\CREXT.DLL
c:\program files\WeatherBlink\bar\1.bin\CrExtPgc.exe
c:\program files\WeatherBlink\bar\1.bin\gcauxstb.dll
c:\program files\WeatherBlink\bar\1.bin\gcbar.dll
c:\program files\WeatherBlink\bar\1.bin\gcbarsvc.exe
c:\program files\WeatherBlink\bar\1.bin\gcbprtct.dll
c:\program files\WeatherBlink\bar\1.bin\gcbrmon.exe
c:\program files\WeatherBlink\bar\1.bin\gcbrstub.dll
c:\program files\WeatherBlink\bar\1.bin\gcdatact.dll
c:\program files\WeatherBlink\bar\1.bin\gcdlghk.dll
c:\program files\WeatherBlink\bar\1.bin\gcdyn.dll
c:\program files\WeatherBlink\bar\1.bin\gcfeedmg.dll
c:\program files\WeatherBlink\bar\1.bin\gchighin.exe
c:\program files\WeatherBlink\bar\1.bin\gchkstub.dll
c:\program files\WeatherBlink\bar\1.bin\gchtmlmu.dll
c:\program files\WeatherBlink\bar\1.bin\gchttpct.dll
c:\program files\WeatherBlink\bar\1.bin\gcidle.dll
c:\program files\WeatherBlink\bar\1.bin\gcieovr.dll
c:\program files\WeatherBlink\bar\1.bin\gcimpipe.exe
c:\program files\WeatherBlink\bar\1.bin\gcmedint.exe
c:\program files\WeatherBlink\bar\1.bin\gcmlbtn.dll
c:\program files\WeatherBlink\bar\1.bin\gcmsg.dll
c:\program files\WeatherBlink\bar\1.bin\gcPlugin.dll
c:\program files\WeatherBlink\bar\1.bin\gcradio.dll
c:\program files\WeatherBlink\bar\1.bin\gcregfft.dll
c:\program files\WeatherBlink\bar\1.bin\gcreghk.dll
c:\program files\WeatherBlink\bar\1.bin\gcregiet.dll
c:\program files\WeatherBlink\bar\1.bin\gcscript.dll
c:\program files\WeatherBlink\bar\1.bin\gcskin.dll
c:\program files\WeatherBlink\bar\1.bin\gcsknlcr.dll
c:\program files\WeatherBlink\bar\1.bin\gcskplay.exe
c:\program files\WeatherBlink\bar\1.bin\gcSrcAs.dll
c:\program files\WeatherBlink\bar\1.bin\gcSrchMn.exe
c:\program files\WeatherBlink\bar\1.bin\gctpinst.dll
c:\program files\WeatherBlink\bar\1.bin\gcuabtn.dll
c:\program files\WeatherBlink\bar\1.bin\INSTALL.RDF
c:\program files\WeatherBlink\bar\1.bin\installKeys.js
c:\program files\WeatherBlink\bar\1.bin\LOGO.BMP
c:\program files\WeatherBlink\bar\1.bin\NPgcStub.dll
c:\program files\WeatherBlink\bar\1.bin\T8EXTEX.DLL
c:\program files\WeatherBlink\bar\1.bin\T8EXTPEX.DLL
c:\program files\WeatherBlink\bar\1.bin\T8HTML.DLL
c:\program files\WeatherBlink\bar\1.bin\T8RES.DLL
c:\program files\WeatherBlink\bar\1.bin\T8TICKER.DLL
c:\program files\WeatherBlink\bar\gen1\COMMON.T8S
c:\program files\WeatherBlink\bar\IE9Mesg\COMMON.T8S
c:\program files\WeatherBlink\bar\Message\COMMON.T8S
c:\program files\WeatherBlink\bar\Settings\s_pid.dat
c:\windows\system32\Temp
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WeatherBlinkService
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-05-12 bis 2013-06-12 ))))))))))))))))))))))))))))))
.
.
2013-06-12 15:23 . 2013-06-12 15:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-25 08:55 . 2013-05-25 08:55 -------- d-----w- c:\programdata\ATI
2013-05-25 08:55 . 2013-05-25 08:55 -------- d-----w- c:\program files\AMD AVT
2013-05-25 08:55 . 2013-05-25 08:55 -------- d-----w- c:\program files\AMD
2013-05-25 08:48 . 2013-05-25 08:48 -------- d-----w- C:\AMD
2013-05-15 16:19 . 2013-04-05 04:29 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-15 07:03 . 2013-04-01 05:10 77144 ----a-w- c:\windows\system32\mcupdate_AuthenticAMD.dll
2013-05-15 07:02 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 07:02 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 07:02 . 2013-04-10 03:14 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 07:02 . 2013-04-10 05:18 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 07:02 . 2013-04-10 05:18 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 07:02 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe
2013-05-15 07:02 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll
2013-05-15 07:02 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 09:22 . 2012-09-13 09:59 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-12 09:22 . 2012-09-13 09:59 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-14 06:48 . 2011-09-08 09:14 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-13 04:45 . 2013-05-15 07:02 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 07:02 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 13:45 . 2013-04-24 07:14 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-03 06:59 . 2013-04-03 06:59 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-03 06:59 . 2013-04-03 06:59 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-04-03 06:59 . 2013-04-03 06:59 158720 ----a-w- c:\windows\system32\msls31.dll
2013-04-03 06:59 . 2013-04-03 06:59 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-04-03 06:59 . 2013-04-03 06:59 138752 ----a-w- c:\windows\system32\wextract.exe
2013-04-03 06:59 . 2013-04-03 06:59 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-04-03 06:59 . 2013-04-03 06:59 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-04-03 06:59 . 2013-04-03 06:59 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-04-03 06:59 . 2013-04-03 06:59 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-04-03 06:59 . 2013-04-03 06:59 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-03 06:59 . 2013-04-03 06:59 12800 ----a-w- c:\windows\system32\mshta.exe
2013-04-03 06:59 . 2013-04-03 06:59 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-04-03 06:59 . 2013-04-03 06:59 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-04-03 06:59 . 2013-04-03 06:59 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-04-03 06:59 . 2013-04-03 06:59 361984 ----a-w- c:\windows\system32\html.iec
2013-04-03 06:59 . 2013-04-03 06:59 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-03 06:59 . 2013-04-03 06:59 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-29 02:37 . 2013-03-29 02:37 71704 ----a-w- c:\windows\system32\atimpc32.dll
2013-03-29 02:37 . 2013-03-29 02:37 71704 ----a-w- c:\windows\system32\amdpcom32.dll
2013-03-29 02:37 . 2011-05-25 02:24 118584 ----a-w- c:\windows\system32\atiuxpag.dll
2013-03-29 02:37 . 2011-05-25 02:24 92304 ----a-w- c:\windows\system32\atiu9pag.dll
2013-03-29 02:37 . 2011-05-25 03:07 970912 ----a-w- c:\windows\system32\aticfx32.dll
2013-03-29 02:36 . 2011-05-25 02:58 7233336 ----a-w- c:\windows\system32\atidxx32.dll
2013-03-29 02:36 . 2011-05-25 02:50 4450264 ----a-w- c:\windows\system32\atiumdva.dll
2013-03-29 02:36 . 2011-05-25 02:39 5944264 ----a-w- c:\windows\system32\atiumdag.dll
2013-03-29 02:33 . 2013-03-29 02:33 9986048 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2013-03-29 02:13 . 2013-03-29 02:13 180224 ----a-w- c:\windows\system32\clinfo.exe
2013-03-29 02:13 . 2013-03-29 02:13 798734 ----a-w- c:\windows\system32\amdocl_ld32.exe
2013-03-29 02:13 . 2013-03-29 02:13 995342 ----a-w- c:\windows\system32\amdocl_as32.exe
2013-03-29 02:13 . 2013-03-29 02:13 65536 ----a-w- c:\windows\system32\OpenVideo.dll
2013-03-29 02:12 . 2013-03-29 02:12 56320 ----a-w- c:\windows\system32\OVDecode.dll
2013-03-29 02:10 . 2013-03-29 02:10 23810560 ----a-w- c:\windows\system32\amdocl.dll
2013-03-29 02:09 . 2013-03-29 02:09 50176 ----a-w- c:\windows\system32\OpenCL.dll
2013-03-29 02:00 . 2013-03-29 02:00 62976 ----a-w- c:\windows\system32\coinst_12.104.dll
2013-03-29 01:57 . 2013-03-29 01:57 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2013-03-29 01:55 . 2013-03-29 01:55 46080 ----a-w- c:\windows\system32\aticalrt.dll
2013-03-29 01:55 . 2013-03-29 01:55 44032 ----a-w- c:\windows\system32\aticalcl.dll
2013-03-29 01:51 . 2013-03-29 01:51 13703168 ----a-w- c:\windows\system32\aticaldd.dll
2013-03-29 01:48 . 2013-03-29 01:48 19870720 ----a-w- c:\windows\system32\atioglxx.dll
2013-03-29 01:35 . 2013-03-29 01:35 442368 ----a-w- c:\windows\system32\atidemgy.dll
2013-03-29 01:34 . 2013-03-29 01:34 492544 ----a-w- c:\windows\system32\atieclxx.exe
2013-03-29 01:34 . 2013-03-29 01:34 219136 ----a-w- c:\windows\system32\atiesrxx.exe
2013-03-29 01:32 . 2013-03-29 01:32 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2013-03-29 01:32 . 2013-03-29 01:32 25600 ----a-w- c:\windows\system32\atimuixx.dll
2013-03-29 01:32 . 2013-03-29 01:32 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2013-03-29 01:10 . 2013-03-29 01:10 430080 ----a-w- c:\windows\system32\atiadlxx.dll
2013-03-29 01:10 . 2013-03-29 01:10 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2013-03-29 01:09 . 2013-03-29 01:09 34816 ----a-w- c:\windows\system32\atigktxx.dll
2013-03-29 01:08 . 2013-03-29 01:08 463872 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2013-03-29 01:07 . 2013-03-29 01:07 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2013-03-19 05:04 . 2013-04-10 15:48 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 15:48 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48 . 2013-04-10 15:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:49 . 2013-04-10 15:48 69632 ----a-w- c:\windows\system32\smss.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-06-20 1519824]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-05-03 10082920]
"BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-16 348664]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-06-20 1568976]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
.
c:\users\UP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CashMaster starten.lnk - c:\program files\ICS\CashM\cashm.exe [2003-7-18 1970176]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
JFritz.lnk - c:\program files\JFritz\jfritz.exe [2012-1-6 202752]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 StarMoney 7.0 OnlineUpdate;StarMoney 7.0 OnlineUpdate;c:\program files\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe [2011-11-08 554160]
R2 StarMoney 8.0 OnlineUpdate;StarMoney 8.0 OnlineUpdate;c:\program files\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [2012-12-21 699680]
R3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
R3 netr28u;RT2870-USB-Drahtlos-LAN-Kartentreiber für Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-07-13 657408]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 63872]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 141952]
R3 OxMf;OxMf;c:\windows\system32\DRIVERS\OxMf.sys [x]
R3 OxSer;OxSer;c:\windows\system32\DRIVERS\OxSer.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-04-16 36000]
S1 OxPPort;OxPPort;c:\windows\system32\DRIVERS\OxPPort.sys [2008-07-31 82048]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-03-29 219136]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-03-28 291840]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-05-01 86224]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-01 465360]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-02-14 79872]
S3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [2010-01-25 245760]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-03-21 362600]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-13 09:22]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^XN^xdm101^S05015^de&ptb=C3A1324B-E08B-411B-A282-57C6420D4166&si=CN7G5e2wwrYCFUNP3godQUsA1A
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\UP\AppData\Roaming\Mozilla\Firefox\Profiles\qets9qo8.default\
FF - prefs.js: browser.search.selectedEngine - My Web Search
FF - prefs.js: browser.startup.homepage - hxxp://home.mywebsearch.com/index.jhtml?ptb=C3A1324B-E08B-411B-A282-57C6420D4166&n=77fc91d8&p2=^XN^xdm101^S05015^de&si=CN7G5e2wwrYCFUNP3godQUsA1A
/* Do Not Edit - START: _gcMembers_ */
// created Thu Apr 11 2013 12:15 GMT+0200
pref(extensions.toolbar.mindspark._gcMembers_.defaults.exist,true);
pref(keyword.URL,hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=C3A1324B-E08B-411B-A282-57C6420D4166&n=77fc91d8&ind=2013041112&p2=^XN^xdm101^S05015^de&si=CN7G5e2wwrYCFUNP3godQUsA1A&searchfor=);
pref(extensions.toolbar.mindspark._gcMembers_.last.keyword.URL,hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=C3A1324B-E08B-411B-A282-57C6420D4166&n=77fc91d8&ind=2013041112&p2=^XN^xdm101^S05015^de&si=CN7G5e2wwrYCFUNP3godQUsA1A&searchfor=);
/* Do Not Edit - END: _gcMembers_ */
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-WeatherBlink Search Scope Monitor - c:\progra~1\WEATHE~2\bar\1.bin\gcsrchmn.exe
HKLM-Run-WeatherBlink Browser Plugin Loader - c:\progra~1\WEATHE~2\bar\1.bin\gcbrmon.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-4225751292-1800472845-3731939530-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-4225751292-1800472845-3731939530-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Java\jre7\launch4j-tmp\jfritz.exe
c:\program files\Brother\ControlCenter3\brccMCtl.exe
c:\program files\Brother\Brmfcmon\BrMfimon.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\UI0Detect.exe
c:\program files\TeamViewer\Version7\TeamViewer.exe
c:\program files\TeamViewer\Version7\tv_w32.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-06-12 17:37:49 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-06-12 15:37
.
Vor Suchlauf: 8 Verzeichnis(se), 75.168.301.056 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 75.003.019.264 Bytes frei
.
- - End Of File - - 6F6318CE64F1C98791985FC9A2F9832E
A36C5E4F47E84449FF07ED3517B43A31
|
|
13.06.2013, 08:14
| #6 |
| /// the machine /// TB-Ausbilder | Antivir: 'TR/Jorik.Bublik.cq' freenet.de Spam Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches OTL log bitte. Noch Probleme? 
__________________ --> Antivir: 'TR/Jorik.Bublik.cq' freenet.de Spam |
|
13.06.2013, 10:58
| #7 |
| | Antivir: 'TR/Jorik.Bublik.cq' freenet.de SpamCode:
ATTFilter # AdwCleaner v2.303 - Datei am 13/06/2013 um 09:27:27 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : UP - UP-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\UP\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\UP\AppData\Roaming\Mozilla\Firefox\Profiles\qets9qo8.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Users\UP\AppData\Roaming\Mozilla\Firefox\Profiles\qets9qo8.default\searchplugins\my-web-search.xml
Ordner Gelöscht : C:\Program Files\Ask.com
Ordner Gelöscht : C:\Users\UP\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\UP\AppData\Roaming\Mozilla\Firefox\Profiles\qets9qo8.default\extensions\toolbar@ask.com
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\Ask.com.tmp
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D0E499F53381f84992C7A212CF1D8F5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16576
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^XN^xdm101^S05015^de&ptb=C3A1324B-E08B-411B-A282-57C6420D4166&si=CN7G5e2wwrYCFUNP3godQUsA1A --> hxxp://www.google.com
-\\ Mozilla Firefox v21.0 (de)
Datei : C:\Users\UP\AppData\Roaming\Mozilla\Firefox\Profiles\qets9qo8.default\prefs.js
C:\Users\UP\AppData\Roaming\Mozilla\Firefox\Profiles\qets9qo8.default\user.js ... Gelöscht !
Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.defaultenginename", "My Web Search");
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("browser.search.selectedEngine", "My Web Search");
Gelöscht : user_pref("browser.startup.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=C3A1324B-E08B-411[...]
Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");
Gelöscht : user_pref("extensions.mywebsearch.prevDefaultEngine", "Ask.com");
Gelöscht : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Gelöscht : user_pref("extensions.mywebsearch.prevKwdURL", "");
Gelöscht : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
Gelöscht : user_pref("extensions.toolbar.mindspark._gcMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
*************************
AdwCleaner[S1].txt - [8704 octets] - [13/06/2013 09:27:27]
########## EOF - C:\AdwCleaner[S1].txt - [8764 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Professional x86
Ran by UP on 13.06.2013 at 9:38:51,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B699BE7C-8F35-4AD3-84EB-BE0492995952}
~~~ Files
Successfully deleted: [File] C:\Windows\prefetch\APNSTUB.EXE-2A8F922D.pf
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{000DAE9A-96B5-49D0-9835-9CCA4B30C13E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0054C98F-8ABD-4ED9-BB01-5FCE5CB2EEE1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{008404AC-088D-48B6-BA79-21445932E7E6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0094B215-6467-4CE3-9E6E-CE3CFB34C216}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{010DA909-84B1-4DE5-B522-7A715522E321}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{014867CD-921C-4DF5-B078-2A7D073015D3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{015F0465-D82E-43DD-9863-2D6484FEFEE4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{01627A1F-C06D-4BB7-8F6B-4DA9A354E4B0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{01F65242-BC68-4644-B45A-DEE148FFCE52}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{021562B9-B77C-4EF2-9B5B-699374231AD7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{023E035E-005B-4CB8-B2FA-A2A3BD2B0578}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{025BCB3E-9E9F-4A97-A4E1-15B6FBCB4B2F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{027F21D0-B2CD-40F5-8F68-4C2816339A6A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0296B5A4-6D4A-44D5-BC14-547D3369113A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{03942E1D-103C-475B-9BAB-B8583EFFBB25}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{03D20F55-8B4B-4B26-AEFC-D6AFF29217A6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{04B18A5B-05CC-4237-AA4F-31423504DA41}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{04C19A8F-B746-4D90-A284-769603C7A91D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{04C77FB4-C2E4-4604-8746-DA261A45ECCB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{05677015-77CC-46B1-9445-283F6E1EFDE6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{05771F1C-8EE5-494A-BA01-E0856B949C05}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{05B3CB36-097C-403A-9C53-9087F9D0EC7A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{05E18039-ADE1-4C30-B031-BDF6AE837EF5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{06A57D32-0F0C-47E5-BE3B-4BADB67FB198}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{07199FAA-F857-4901-9ECE-08F326B3270A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{07CAF77A-8B87-4FCD-B493-3B8F2DE27E07}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{07DA663B-7AE7-4A2B-AA51-6AD224367CCC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{089689BA-C1F0-45C1-96F8-F2A0105879D4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{08C345FC-CE42-4D0B-BCC1-688F450EB161}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{09AC8C15-0B55-41CE-8B88-736722E92B96}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{09BC09DF-7B58-497D-9818-0C2CFD950DE9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0BEF41C7-DDEC-4279-A12F-FB6BECFA3B23}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0BFF76C1-6647-4C19-9926-439D77237383}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0C284788-D4DF-4AEF-973F-05186DBA2738}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0D6E587E-EF3E-452E-B5F0-22005B43C374}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0E394910-0C3E-43DB-84E3-66C1623E50C1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0E8D6226-1BC7-4DF7-B104-873B6ED7F306}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0F06110C-5640-4C51-A726-F9CD0D70180A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0F68B560-ABF3-4328-91F6-8660D92884CC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0F6C4F11-9799-4B82-8C21-955D5949B0E4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0FB53E6E-AAF0-4EBA-90A4-04A86FA33FA6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0FBB98AF-D758-402E-BCBE-33074503931B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0FFCAACD-9EE1-4C53-B5CC-8846A9404DE2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{102E5097-F3F9-4D18-A39B-362FFFB15C87}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{10C64545-1C24-4B80-8F9B-471F458C0065}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{114AEE97-43DA-4BF0-935F-98F6C1FC2720}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{11E33C4D-6252-4B72-9583-5FF0CE8A3556}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1204A2E7-1905-45DF-8F3E-313DE2413325}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1209589C-E942-43E0-8281-BCB91722DEE4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{122AFC3C-665E-469A-9178-6D938E4DF337}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{122B6814-F165-4969-B672-D9FD8DFF7CA2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{12427ED9-60E6-42D3-AE3B-6415037CC3FB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{12C42477-E9B7-46CC-BFAC-00923F092BF7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1372D2C5-4410-49F8-96A6-1F56D22107AB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{13843A2E-76DB-40E0-BF52-2CE76F70AEFD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{13AA76D8-F0A5-45CA-8BA7-DBEC65A68819}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{13E9748F-A67C-4689-BE04-6A6A09624614}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{14840E43-4262-49AD-A73C-E6793EDF4599}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{149BF9A8-0A96-46A1-ABDD-CCBC49660AB4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{14D352B5-D446-4C8D-BB13-6836E40051B0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{154AAE0D-55AB-47EE-8B26-7F4B23158EFA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{16274537-D552-4B18-BDC3-6D022B68522E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1645EE66-A5FC-4B9F-A4B4-5385C8B6CFB3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{16467E81-C18C-4B4E-B6B3-D261EF3F1739}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{16841B18-A24E-4E9E-9F6D-0FF53A14092F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{16A2116B-0502-4897-B0B6-E3D03351DA3C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1701EEBD-C5F6-469E-9F7E-9A6FE9EE49A1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{176FF57A-F4E6-4C95-AF35-7ABD231E76A6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{17A26101-2D34-4E1B-A7BF-76BE1F599E3A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{17DCBF1F-6ADE-4C7D-821F-98D6661A301C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{19D9C617-AA81-4070-B2DF-7EAE0AFE11EA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1A8007F0-76AD-4A92-9822-D211493281C9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1B38F586-147B-4926-8364-FB4408960CFD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1BD9D889-1131-491D-8C90-25A9B9E415C8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1BF51290-3A74-43A4-A7AA-7B4FD8D02423}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1C7311BE-EB0D-4E35-8793-A15E1D8056DD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1CF02746-3DC0-4995-863A-1F5473639BCC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1CFDF182-478E-4AEF-BB42-A1AEDD3EDAAA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1D4D7CB0-31F0-423F-BF05-CE1151BE1FF8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1D63D913-0BAD-4790-AB79-4E891FE166F0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1DD02981-4E0C-428F-B2C7-FBACA336F679}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1EBAE431-321C-49C6-AB30-70BB29188E8B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1EC9B2A5-C81B-4300-B3D4-9E0B6C30A01E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1EE266AE-0905-4C7D-B557-33AB69A31630}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1F307B30-E534-4AC1-B01C-2224E3306791}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1F4C020B-DBCE-41F9-977D-33FBAA666E0C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1F4EC95D-694A-44E9-927A-97509A8EE6F7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1F877729-703A-470C-9D50-3197394BA550}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1F87C008-0BBE-435E-AE34-D27467C48F6E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1FD4ADA4-2643-467B-ABC8-596D5D6AD966}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{20930A58-8F03-452D-91EE-A2CCBF9753F7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2099096A-2016-49AC-91E6-AC2A815A8293}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2151E76A-0464-4294-8021-71353FE4D912}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2158F68D-C1BD-4BA8-AF10-EC5BD58F9961}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2179B435-0FB7-4055-894D-724DA1128563}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{21A414F2-4505-4AC6-B0B4-6EA3EB1E1549}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{21CFB2F0-25E0-4196-8A4E-1BF4FFCB9D0B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{21D93F53-257D-4B3B-A642-2DBF418326B6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2216986A-8C09-425E-8428-AA03A2305F0B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2299BD47-257F-4735-B2D7-F31BA2CD5356}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{233A0F66-3E94-4679-8671-B7A259F1D5AB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{23B69A01-8A19-45DB-8A52-724CC317C45D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{23CDF2F3-2E60-40E2-8711-16643EFDC551}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{23D48D28-17E5-4361-8560-F56F5E5F6FE9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{242DEE9F-36C6-4EA4-B316-A6F006937936}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2454273A-FC67-4822-9452-E96F2E2079EB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{24E5673D-75E5-4CEC-8D14-E8FE4D1A7526}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2518D2D6-1756-4EDC-A651-F844D15A5C15}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{25DFED60-993C-477D-B1D3-19B0613A96F7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{25EA4369-B3B0-44F0-AF63-95A69D41A10A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{25FE07C1-EF80-4849-9310-593725A3F65B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{26B47367-8F47-4B7F-9334-875B2598338A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{26C1A9FF-ECD3-484A-A1AF-537891E2F454}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{26E5FECD-9E6C-49A9-8825-C2F9936D6F01}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{26FCB528-0AA1-4A43-B845-54EAD6F2D8E9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{270A2DF6-3BF7-459A-9CFB-F1CAE6500617}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{27464840-EA54-42BA-9A64-85E8AA35BD93}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2755625E-8ECB-4C38-B29E-361E0FBA1E4C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{27A5D3E6-D045-42D8-8530-9F5001A77295}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{27BA5E6A-6B6D-403A-AA21-DB1565B34BCF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2892C4E2-246B-413D-8FF4-5EFF3F075DC5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{28A4BBF7-770C-4394-AA06-2BB3914A5A4E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{29705585-BB3F-4372-876C-F7AC2F8574AF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2A4CA49C-3F71-4EE2-9C3A-82336B97FF78}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2A88F1D1-2F22-467E-8607-8E830C73A9E0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2AAE5B4C-424B-4521-A149-45A4C5926511}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2B505348-90C3-4A56-86BB-B92F2D1C8B45}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2BFEAD28-BB2A-4A68-AD63-1AB43A18F461}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2C29835C-AA60-4727-9D75-07B938946920}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2C960227-8561-487A-87D5-D1636C149D44}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2CB44102-F07F-4168-AE59-0B2A1ECB9244}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2CC9C40D-8917-4C52-AD24-52D323C932C9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2CEFB04E-5108-4B6A-9B3A-A7FEBE3AC800}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2D7AF252-865D-4BF8-8527-FD790C5092CE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2D7BBC96-578A-45FC-B70A-70C8AB8F0506}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2E50F675-C557-4A75-B72B-2BB50723EA13}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2E560C0D-3295-42BD-AD95-3AA001CD40E1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2F0425A5-1532-48B0-9DF6-060B5EA7951D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2FD4CF3F-C88F-4BF0-BB87-6614923123F3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{30299CF1-5B58-4662-B420-C7D70A0F941B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{30353B3D-6EC8-4E53-BE7A-386256A1DF32}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{30BD07C6-3341-48B4-B904-7958988D4EFF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{30D1259B-0856-4D97-9B14-9F8DC736026C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{314E63DE-DCAD-4B76-A377-F8463882E526}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{32451A3C-200D-4222-BA25-71D681607205}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{325B7D8B-2C56-4169-A980-7371E5FFC9E2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{327FD21E-D655-4E60-93AF-F4C809E4C950}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{33716008-44D1-497B-A70E-C82A015130A9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{342E3478-9483-4FB6-A0DA-95F79D158764}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{344AD720-0820-4A40-93CE-D1FA9F0BC3A3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{354690D8-F93A-4CFD-9D23-1E3D255DAA4F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{362285F0-9561-4516-B962-17D4CFBA4ED5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3624A990-E2EA-47D4-B47C-5F3B4D1CA3AE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{36B4DA97-CB49-4D44-9221-3852CCF568B2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{36ECA919-5C9D-426B-92DE-EF2AEC4EE1EF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{37570763-64F4-40E2-BBC4-80AD0359108A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{383F2A42-AB87-45B1-9C89-A2980FED731B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{38B31952-0C21-4B5B-B6B8-EF309C9847F2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{38E625CA-F559-48E7-B218-009E010CAFD5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3948EEE5-41F3-43E5-8C15-6CE848D3FD74}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{394A6ED7-1610-442C-8080-D803B4236746}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{39D3CAB4-B2D9-45EA-97F3-A4BA6E4B5D37}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{39FA15A4-2107-486C-8AE2-A90D97A5B315}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3A4FFA4D-43F9-45D7-945E-066945FA8B6D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3ACB42AD-FE91-4694-B416-FA765491FFCD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3B1FF2EA-3D60-4ACD-A1B4-3C4713DBF62C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3B257ACD-4AAE-443D-A54E-A815599ACF7A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3B3164E9-2FAA-4525-BC4A-9AC7C7FDD5F5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3B47A53C-7379-4E84-9378-DB387015BDF6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3B98AC8C-E4A9-42C1-BAD2-113311788629}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3BB4B6E7-E12A-4D57-9153-02A58280B30F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3BC5B5B9-E55C-4516-8E6B-010A995D8474}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3CAAC943-188A-4F1D-9F98-B348E23E95AB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3CBD11C5-04B4-4E16-ADB9-BEF9E8B8B82D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3CEAB108-4CB4-4A59-93E0-E53A259FC763}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3D343283-C742-4816-8209-026FEEAE14DC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3D7822A0-8664-4D15-9C78-F1944FD7DC4D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3DDA07E0-A0C8-4A3A-B8ED-7E82246D959E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3E15E7A1-A88C-4C33-A5AF-493FA3183484}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3E55A5A5-BCDF-4794-A5A9-C4B19170AB0F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3E5FF309-4C1A-4542-94AB-C9049F57E8B5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3F3FFCA6-9B34-4776-BDCA-F21F1DF52DF0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{404EA176-0473-469E-BEF6-2C5783C346CD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{40FE7FEF-1D79-4BCE-83D5-8477F2C4F0B3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4119DE01-5C22-4311-9003-7BAA22EA0B67}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{41DB5F8D-5110-44E0-9F63-243CC5D55561}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{41E1551D-E362-4522-A0CE-4223744C23E1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4244AB40-FC2D-473C-8B1C-E27517194C31}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{42646B87-4AC3-401A-AD1C-4F457778C1C5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{429FD7C8-CE94-474B-A6BB-6C20A4A6005D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{42E98F38-0A14-43A7-879E-5FC54B7DC156}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{42F253D2-036E-4B2F-8FE3-0190BF45E6F8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{43FFED72-B430-4563-9872-6521834465C8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{444AC3CC-A0F1-41CB-9416-D4C8D0E6DB6B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4479A85E-DB9A-45C6-8363-C8FFE0D88ABB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{44856460-85DA-457F-92F8-EBFFE66AE810}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4576AD61-E1E1-44B1-B89E-02E4125011CD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{45FEB38A-85FE-42DF-A6A9-5CEA4CAAB90B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{460DC7EF-B548-466D-A405-3DF9C48D54AE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{461ACFB8-3CD8-40A8-948C-D7129E1FB58E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{46338DAB-C507-469E-AACA-C407FA75F639}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{464041A9-B47E-409E-A88F-946971D3A1F5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{464466BF-CBE0-44F7-B48A-2FED7387A2ED}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{476E9D23-B666-477A-AEB9-5097AB04C4A2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{47747862-C943-46E6-A76C-C493275CD606}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{483C0834-278C-4D56-9E7C-7A95E7522A67}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4858F450-0828-4B73-B976-844EF7AC0B8D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{48C32370-9BC2-42E2-8297-73D0D68650A7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{48F47DA1-F4C6-4DD7-9205-424F310D8F53}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{48F4F055-7565-4273-87FD-B692FB79C92A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4952A650-53F3-487F-A199-C234DB7A0B86}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{49539006-9266-4D22-8E02-5E83E7EE0DE4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{496D88C1-14FD-4ADB-993A-7F705F8DAAA7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{49AB0A98-821D-4035-92E3-FE3F08D544AE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4A1A573E-3A5E-4291-8A18-3E1962E170BF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4A303311-8E56-46F5-A35C-1953D5918309}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4A4BB0C6-395A-408A-9845-0F89819AC469}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4A6644E3-BF51-4F06-8124-6B44613E18E3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4ABFC388-FA30-445A-BAEF-22301B079025}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4AD0E794-758D-45D2-9403-B872C1EF420A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4ADB0851-11A5-453E-A9F0-758BB9E6DD09}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4AF3726F-271B-4274-88D3-F1A035D72C10}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4B0557E9-2A50-4343-BA58-25659E78729D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4B5CC351-8A51-4967-ACB5-AD6AD4C48F95}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4BF3C3FE-9D84-4233-822E-74AF5660F6EE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4C3035BB-588E-4FE2-8E27-B024CF2C24DD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4C4E4D86-3E6D-4340-AA03-81AE6BE3A4C3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4C8C815F-AE0E-4332-BF1C-DAC010E26816}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4CA04863-E04B-45C9-BD91-E7F73AD8A9A8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4D0DDC5D-ACCD-43E3-BE5E-AA03F3DA4CC0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4D3A8339-B18A-484A-BE2B-F778D359AE91}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4D6E723E-53C6-456F-954E-A70AF2F00945}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4DC8B937-6379-425D-BD6E-A98BDE7733E9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4DCA0647-4B5F-44A4-9768-EB5A967E4F36}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4F3055A1-C9E8-4274-B924-D11C8C289932}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4F46A3A2-20FC-4DBC-B5D0-647E89910995}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4F493906-6D14-4C60-9D23-A2399D4315FC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4F6C7FC3-F3B6-4932-9136-156117FE5663}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4F8B39E3-98C4-404D-81A8-84C45624E25A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4F8E5F93-5D97-421E-A07D-B8253C5E3B10}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5000EF51-B45D-40FE-AAF7-AF774410F004}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{50A156DB-7311-4709-806D-C3B827BA0EC3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{50B5F6DA-C8E1-4E08-8338-DD338349413F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{50EB9945-C5AC-4538-B4BE-A4DC1DF71504}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{50F0CDCD-2039-483F-9823-70DBC5711FE0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{51F99D0F-B61C-463F-9167-FCADB9252B85}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{52532D4B-0C90-4092-B67D-17A4D4A45EC0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{525D87FC-0EAF-4FBF-B40B-628BC6E35EF6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{527826BE-E2A0-48E2-AEF0-14BEA8912E45}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{52C35510-870C-47E8-9226-9CB9914ACFA1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{52E77631-41F7-48F6-99AF-56152A29AD61}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{532CC3E2-EE26-4DB3-A8AB-E20050CF42BD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{53495269-C1AC-4056-9C51-2F26C60B0C28}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{53C6C961-A98D-497B-87B3-5F89952EE1AD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5433D83D-B3CA-440E-A84D-9DF6149D085E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5499C6DE-EEE5-40C2-8335-1BFA2173CD8A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5528A806-718A-4D92-BF96-CCE760CA41AD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5571BC1D-F74C-43CD-AC4C-883513CD8574}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{570FDD90-91CF-465C-9006-A50B992A73B6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{571DE70F-0B54-4948-8262-81CB9D3B5577}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{57336498-F04B-4DCB-8923-830246D6E605}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{575D70BC-091C-4DD0-9E1C-0F02DAF367EA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{579F60BE-9296-4F23-B565-428535406957}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{57D0D169-6EE3-4101-BA62-FACD1296C194}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{57FC404A-5E1C-4B56-B092-359DC75F7AA6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{582C6857-B211-4D65-AE89-2D8A2A3E67A8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5854E183-04F1-4E77-89F9-BBDBF8D77DD1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{58675302-EA0D-4164-87C2-E51D9CB3FA4F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{588032B9-5DA7-45D8-824A-924FCAB9E6E9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{58AA02A2-8A30-46B4-8560-ECB826725D2D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{58E12A6A-595A-4916-8B23-588FC9D2E616}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{593A544D-D0F4-4A9A-BF56-3197729782EB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5971933F-FBFF-4E7C-B162-6186BC128B94}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{59D1CD3E-86B0-45B4-9558-6A2600AA4A68}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{59D93645-9BF0-4E6D-A9D8-DC180DD92C5D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{59EC4201-C3C5-4F8C-B534-BF357C8940B6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5A2EA667-021E-4DC1-A523-A8EA7DFCBFD6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5A3D324E-A09E-4DE3-98D1-5832ED1E3B41}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5A44578E-2236-4FCA-AA77-E77B5DFB67F0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5B4791BF-83F0-46A5-AAC8-7BD13F5B7D83}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5BF14D39-98E1-442E-919F-F9833A6B7D63}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5C309052-4375-44D0-9ED2-56CAEFDF119B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5CE15972-0557-4B53-ABF5-759B41D87294}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5D26C15B-1A6A-4826-8C3F-F7FDAB51D043}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5D3D4A26-C993-4816-B1FB-A3B97FA5ACB3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5D7DF7A0-9C17-419E-8352-519946A9337C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5DCDA36C-ABC6-4A58-9B5C-9834C21C9F5A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5E0E6967-49E2-4BB9-85C4-E667B5D53A96}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5E6B23D0-B0CC-4074-A74F-F6E01F3ACF5C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5F694FE6-FD9D-455A-92CC-D0C8384BCD28}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5F91EBF7-AAC4-438F-AB79-031F255E5253}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5FA262CA-5DE3-4974-9141-E04E97B7C12F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5FF16193-8C8E-403A-BA47-83D5744FFE0C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6000D458-96AC-47B3-A3F9-7A25D5C19882}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{601DA959-C73A-4DDF-96BC-B0E43939BDCB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{606BA4EF-3740-4874-842B-BCDF5263AFE2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{60B6AEDD-5014-4998-83BA-C8196FFCAFAA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{612DFF6C-6199-490A-B624-EA5AE8D82B18}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{61676A20-375E-4F03-941F-6EEF7467DD25}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{61AF0B89-F3CF-4C85-A3A7-8DCC6AC833B9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{620C33BA-D978-411D-A6B8-E71B719CDB1A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{620E704C-3858-4466-BA70-098D54C6A208}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{628468A5-0321-44BA-87E6-39312C4B1A3F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{62979C2F-40A7-4197-9F7D-40505763E907}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{62999B76-127B-40C4-A7C0-7B42A55F1773}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{63AD0486-6026-4D6B-811B-75825C9D89FF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6413C4D5-9470-4538-9BF8-FB77E3DA7476}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{64A0905E-C7A0-4EF3-817B-2F8E6CA473A2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{64A5D50F-E57D-4BD4-A15C-65F32ED09AD0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{64E7998E-9A9A-4F68-8D35-2336A878215A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{655AD731-838E-498A-8E7D-F039847C5402}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{65724960-52C5-41DB-AAD9-9C7B97A6B039}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{65744EEF-8282-4D02-AF15-7345862DDE7B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6655F222-D308-4C46-8101-F8DA30C90672}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{669A60E2-3E24-49C1-9A24-C2540F53C9AB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{66CB8157-1242-4CB8-B095-6FD8FA2E1B2C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6794898D-66E2-4353-A076-99648ADAD508}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{681DC91F-F025-4A13-B55F-D70D92DE9F02}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{685EFE4A-B21B-4808-88A5-C712A05A5DA4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6898E4C5-9B23-4579-A291-19128F4B530C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{68B26648-B09A-40AC-8F60-BEE1C023C76D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{68B65E55-6128-48AD-AB9E-3AC580281C0E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{68C9391E-73F6-4CBF-ABE8-3A4FA26EA216}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{68D099F2-7100-4C7C-93AA-59CFBFDDC379}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6904F4DA-A648-47F5-AD45-2624122EC576}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{69189FC3-CC6A-4D63-BAD0-B19EEA40BAA9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{691F9379-C447-4D80-9FED-6F613B8FE505}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{69E38BCC-26CD-4790-8660-48A49ECF8E11}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6A88CFF2-792F-4D79-9C31-720A1AA62585}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6A9B2BA3-A2A1-4593-82EC-75C5D36C9CD2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6B0362D0-8B03-4680-947D-22069DEC2EA0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6B3B2665-3F0A-4F96-AC2F-CF70EC559AE5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6B6DEB4B-8F3F-4318-B2AE-498D492AA81C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6BA10E8B-C88D-4A13-B0FB-D4FB6D4CDA15}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6BAFC08F-D47B-4679-966B-6ED86152F3E9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6BEC1847-23A2-4E29-B461-9BC9FDDBBBB2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6CCF8EA9-BA91-4F73-8380-1277D27633CC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6D0FF6A1-42C7-4335-B4D2-4E8B4E158E94}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6D32D3FF-4849-4142-9C5E-BF86ABCED5A7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6D51CAD6-7FAE-4CC1-9EA8-57A2AE72D558}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6E3DF629-3715-47DC-8398-CEFF87D759A6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6E5F64AC-4C7D-463D-929E-05DFC78DC3B6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6EE2DCBC-82B0-41E5-9999-8187C679CD4D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6F3309DE-A9D2-4815-9C1D-49BA984C1DFB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6F6FF9EA-D1F6-4927-A752-D77D2A2426B6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6FA0AA9D-FB2B-4BB5-BC5B-4E3F7D54D676}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6FA6837B-8D9C-456A-8274-9776DB2039E7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{702DD0D7-13B2-47E8-AE0E-9902353EB25E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{70423093-E9A7-4813-ACF9-D19B0FB8F260}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7084A884-476F-48EB-BFA5-E9BDBC32EF53}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{708C9E54-857A-46C8-8AE9-8B3527CCC6F0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{70A8939D-9CFC-48EC-8714-26CE5A5BB294}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{70B38E54-030A-4710-A256-C233BD35CDB5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{70B99448-012E-4B39-BE00-123C9DD3E32C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{71A44C89-9048-4C7F-8D2D-5EE4F3A3801E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{71E698DE-23B1-407F-9901-7138252DFFEA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7271459B-755D-42D4-8EBD-6BE2332AC2E0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{728CBF0D-8DB2-4772-A957-0D6A311FD7EB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{72F2F359-E5C8-4BF9-865D-BF2BA81F4A02}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7358A879-42D5-4526-9F27-723C9CD6D4C7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{743C10E7-51C6-4864-BF37-760861A6982B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{74559496-1997-41DB-8154-BA316E69A03D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{74705EBE-E57D-4E99-94E8-1081C2DD6C62}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{75540E21-30CE-422C-83C0-5207DDDF0172}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{755E1A65-9D2C-404B-8E48-E4F4D3AA3F47}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{76480A8A-6B85-4EDC-978F-26B7204A0DA5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{76663A3A-2E3A-4D8E-B6BB-82F8E81BF002}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{76CC3E08-D6FF-4A83-A6B4-6F717C7A3A8F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{77110A37-90B2-4395-8BCB-721087979C26}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7736E142-3818-4DC1-ABA0-0E55336ADD46}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{77A0D216-C76F-4B0E-89CA-FCCC11941E14}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{78217991-921B-4669-BFA7-682122271078}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{78365B0B-D90F-47FF-89E8-F5C76012E0ED}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{786A62A1-372D-4F3C-AF49-EC5CFD6655F5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{78775B05-01EA-42FF-B27E-C94E35BC2A6A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{78817B55-DC16-4CB9-8235-9AB60AB8E4C4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7902666D-62B6-4829-A7F3-52770C98FC93}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{795710AB-BA2F-45A3-9B4B-2A8CE3EE97E1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{79C213E1-5AE3-4C03-A519-AEB7BE5569C6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{79EA27E3-EEF1-4A35-AF61-8B6A79854E0F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7A525E19-625A-4513-AE93-901E8CB7F118}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7A77E31E-3968-4353-A5B2-E0405771AAC7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7A820C94-4BFB-45B9-93E6-DDD790EA2C83}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7AA1BC57-2EA3-4869-9F5B-3789C43EB661}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7AB36458-837F-49E5-BCFC-24C425BE5F7D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7B146173-4C28-4764-A08D-75957E18806D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7B73DCEF-1ECE-4935-B1CD-46C17B582C9A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7BB37A36-5117-441F-A892-F127B596DB5E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7BBF65A1-5C98-4F8A-BAC5-119AD77F99F1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7BC64D34-53AD-4573-8226-76E018E74D17}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7C399ABF-7A1E-4A03-902D-5AD4A577E02D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7C60F4D2-EED0-4C56-AD83-0ED32629573E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7CC8AE55-4258-448D-A475-40567C0BDA93}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7CE95E56-4ECD-41B2-821E-4F254C7DD535}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7D1B4A76-0C06-4AEF-A33C-FDDD71E9C968}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7D34833F-1AD3-4B70-99E3-22B1E9CC8CC2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7D3F1EA5-6B4F-45D2-8048-AB65B24E415B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7D89F014-7016-4688-A118-5BA202D2EB25}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7E0A6056-78E4-4083-8A50-31DE3A023DBE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7ECEA3F4-B8E6-4DB9-8BA5-A8918E67E55A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7F1D459F-57F8-4F3A-9E4C-D9F2F8C12F9F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7F2CF017-37C2-4670-95F2-C13EC3568B85}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7F50C2CF-E999-4F48-884F-57F139AB2C4F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{80A019B9-A475-4B80-9CD0-00E66205E78B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{816EFC9B-6162-496C-BAE7-8D2E9FF51F1A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{81774051-9583-4DF3-8230-A4A8F6B9DE8A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{81C473FD-C82D-4E75-9278-A7FBA81B2F11}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{81D5C872-14C8-4830-831A-EB3F55A3AE6C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{81F44202-506A-4EA3-B168-70E00D36E511}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{81F9D7A8-890E-427B-A8FC-7BE9400BE2FD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{826052B3-FED5-43B7-9B8F-5AAE324B213B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{82613B98-CBF9-4C42-93F9-D48D66E129D3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{83025519-4108-4C54-AF9B-A4BB4BEF9A7C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{83053B2B-127E-49DB-B0C3-C027657067F7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{830EB296-0735-4DCF-A909-19DDEAC20769}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{833965C6-6A35-4B0E-B937-9D4FC693739E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{83B320C2-46CB-4CF2-8CA4-ECE6A1BA0613}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{83CD634F-289C-43C3-8285-6271A13927D5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{84241867-137A-426C-A368-2533936902C6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{842BCA06-7C1F-40E8-865F-54BBDC8357E6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8432BE82-B4BA-4083-BDA6-9A879E2EF06B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8441788E-AEB8-4596-930B-2B73753D8B8A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{84A4BC31-BD79-4D90-845F-C05D212CC560}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8500CD60-813F-4768-9D5E-48D7C6D33822}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{85174610-1B9D-4010-9B31-043B01E32A92}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{857BD189-12B1-4E75-B833-5631BD12596E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{85AA4735-A9FB-46BF-8F28-F463202C37AD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{85FBF4B5-8BF4-4F99-BC5D-FB0C49C89DFC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{860B2698-7E47-4F22-A4E2-5746CA17F195}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{86FA3EE9-0644-4722-B053-0F2243C41F4A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{870D72DE-9892-4C16-A7EC-3A19020E3F03}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{87371069-A13B-4D73-A08E-EC660F154ADD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{87D6DB77-E41B-436F-A397-AC83814D8EB1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{87FF246A-5F9C-41D0-AC1D-A33C4355F528}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{881C089D-7987-4760-89B8-45AB76E01206}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{88ED9B6E-FDE9-4476-A9FA-07D20A2B6F6D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{88F1A6E4-FA5A-4AB1-993C-806BB37E8B3E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{88F37773-E514-496C-A29A-883D14DEA519}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{88FA0465-7CD9-4AB4-8839-6BE2037ACB7D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{88FF9F85-A104-42BB-987C-CF72F1C91467}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{89293C35-5E6E-45DF-B4F9-F632442C8996}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{894DED80-02D9-4EEF-AC87-49D7B50B27FD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{89889EB6-34AB-49D3-9529-CB8D761D2C2F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{89A02354-F6D4-409B-9B13-D44FA356F1DD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8A2A15C9-2A65-4404-B148-D8ABB58B0FAD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8A37E7EA-35F1-4A73-A23E-B58E1BD2C2B0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8A65D5B1-9A45-4D18-B947-BF5570AD04FF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8AB2529F-431E-4675-9B8B-DC63454AE745}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8B2B892E-4050-43DF-85AF-B1771D22E904}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8B5BF874-2EF5-4D89-96AF-627EBD619714}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8BCFB64A-D2DF-49E9-A930-CE5FA680DBDE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8C16F757-4480-4C4E-B51F-815A6E1325EF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8CE87183-FC45-498C-BDA0-3C9FC6C7742D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8D3BE354-6BB3-42E5-956F-73AB6E2DCA36}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8DA26F03-5712-46A5-A9DC-3CAEAC3F2E02}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8DFDD749-A9F1-424D-9029-4C7B51592886}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8E609D93-FFC6-453B-98FE-F8859CA3C3BE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8F7C05B4-3295-4A56-9C31-3F819618E24F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8F860F59-B6BA-4B7D-AC27-E1770B6EA7FC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{90159F77-8A64-430D-8345-4578FCD5F46C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{90496EA8-45FA-45E4-A5CC-F4CB11BD2208}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{905BEDD7-578C-4B1F-841E-9A5F85C3D9E4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{908779C9-56E0-4927-885F-187DEDF74A28}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9099D336-A238-4721-B42D-D011C86869AE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{90FB8A52-FBAD-475D-9652-8AF470CB95E1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{910BA246-81FF-49DA-B666-70E751C4843E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9161BCC9-013B-4E92-8CF4-BE056AD5067A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{91631C76-49D1-42C7-A8AC-6EAA2C004B39}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{91A2D8A0-9C73-4D7F-A8CB-2B5DA8B668B7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{91C3D78F-EF35-45D7-838E-7A319154239A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{91E4F34C-7515-42E0-97C5-FC7A370CCD61}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9240B4DC-0606-4042-AD12-15C63F957EA9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{92432542-53B5-49D3-AE9B-2EEDACC0BFDD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{924A1889-DD33-478A-96AA-CB9697FDDB9A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9282D468-B66D-4F3A-AB05-FB41B343D461}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{92DCCAC1-7AE5-4975-B418-98D451E8C732}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{92DEA894-403C-46AA-8BD6-856601B18B2C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{92DEFB66-DE46-4B92-A692-4619EEDA2FBE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{931C37FD-EBCC-4622-B86B-352B5B56BB5B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{938FDED7-5AC7-45D2-956B-4527399D0CC4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{943F2CCA-B87E-403C-B50E-83B882E4D37D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{946CA5BD-FEE6-4B74-975E-0EA2919E00C5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{94999E90-BB90-41D0-8FA9-876B3B1E13FC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{94E5AB30-ABBA-49AF-BB8C-B0AD633B78C9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9501258D-645E-4AC3-864D-F1EB721DACE4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{95458BCA-B1AA-4CBD-B5B6-F93540457EEC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9572C66E-9E1E-4DB1-9BDD-A356A10A039A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{959DBB92-A831-4128-A9C2-83F54840CEC5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{95DD5CF7-529B-49A8-B774-83A2E1D6BFD7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{96A7778D-F797-48CB-A3A5-0CC9F63F7742}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{96BE5C43-A3CC-4F6A-B676-59429BC8436D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{96D338E6-A0A8-4D61-AFFC-8E31CBAA8B56}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{96DB0DEC-9005-4B10-886E-C23ADDE43875}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{96F4EAA8-6D80-4E0A-8024-BCBD31D524C1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{96F7B440-EBC6-4E26-83CB-144C68E49511}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{97C04604-F86B-4081-AA4F-AFCC57103281}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{98612620-4D61-48FF-BBB5-0B6BA65983E0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{98DB0252-8236-4CEE-9E2E-517C21624A49}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{99776108-0419-4BDB-87E7-6480F03B8AEE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{99A271C1-1D83-47F7-AC2C-8CB4B172857F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{99A35D01-6B64-41F1-9DE1-9D313518807D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9A630097-C648-4AA5-8471-A7DAD300AAD6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9AB02ED9-5EB2-4661-ACD2-9CD4E8694A3B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9AFF4716-5E9D-4E02-AC0A-13390C4DC4D9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9B00E288-BB33-4F22-B21B-53A62E5BDD6A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9B1704A9-834F-4FBE-BAA1-6E8FC350298A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9BDF9C09-C151-4E90-B63E-B1B1022C74AB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9CE1E4CA-C90D-4890-88E4-DCE70C2922F9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9D9A9B2F-E3F4-414B-897E-540879FFC1AF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9E0C42F3-6B4D-4446-A3F6-DB20087389D3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9E710F24-63DF-45AA-9DE0-87E57F4BC932}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9EDFC3D2-3497-4EFD-96D3-E189AF6826EE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9FB6D974-AFFD-4131-BB6C-A12A21207AE3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A011EEFC-71EF-41C4-BA62-796F899942AE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A0FFBFA0-9569-482D-BE3A-FEF21FBB2F15}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A2123408-7619-43EA-B040-A9BE0681C756}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A2EEC72D-8E98-4C25-8C3A-9120507E0FE0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A2F3E003-3F30-4E1F-9222-E37247541F1F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A328CA4D-7C5B-4378-B872-E160533B1966}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A3880567-3A5A-4CF1-B59C-5BF2862A0020}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A4100589-7CF7-45F8-865C-89EA8DE4F02A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A42F64E2-F223-4027-9B88-9985C858E255}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A44E4BF9-8D35-4FC2-B868-4003176253A2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A4CD4A1B-AB28-49B5-B0D1-46F60210BC19}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A4EB442E-F31C-47DA-96C0-AFADE74FAA93}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A4FDE67D-4CFA-4396-9DB2-EA659016910F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A5997495-1595-4A7E-BA98-7350DB460F29}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A5B81530-1641-47E0-BE23-A56F07D192E9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A5D79962-7C45-46EB-92A2-21D86D2280D8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A5D950BE-8F80-4D26-A8FA-BB4519DCDC5D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A5ED8D03-4A34-4D71-BF39-4FD0F17E9754}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A627B16C-40C4-4118-91B5-3503F76C69F1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A783EF8F-C74F-4D00-85EB-599139245754}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A7C51BE8-1125-4B0A-B159-38A458B902CD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A7F67600-A804-44FF-9DCD-A01F0EBE40FE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A8363911-1BC3-401D-88CF-A1C54F81DFC2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A8442C5B-6238-4BBC-82CC-85323B42ABCD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A85D51C2-2942-4280-9ECF-D11EC47FF6D4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A8712EEF-97D6-4940-8A50-8A771446255A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A8721E90-5B67-498E-9B53-665956235A08}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A88C17D9-A448-4752-99F2-70992047308D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A88E9B1A-3A2D-40D7-A3FB-F26806DBE950}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A8AA9A74-908B-417D-97B0-8728ED7A1E89}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A9B29610-9F63-4C2B-AF6C-F2C4ABF3E9AE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A9EF78F3-612B-4375-8DB0-3DC398B87864}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AA6137C6-FE56-4C9D-9519-A3166885F3D3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AA713239-EA31-4871-924F-363437169EE6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AAF183BA-457A-487D-B387-84CFB21B6888}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AB1A2FAF-463F-41F8-B3A2-E62CE1AF4E15}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AB1ADE2A-39EE-4045-A5B5-3E481074EC14}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AB7A7DDB-0FF1-4B05-97AB-0899D5AD4E2C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ABCF278D-5A64-4EF8-85C2-947A2A76F5B2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AC40F553-7054-4C1A-BCAD-86ED2F0C645B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AC9DD3BA-E741-4A4F-A80D-17A75E421916}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ACC60EC8-1CD1-4039-AF86-A385ABD16357}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ACF5BB13-C4F9-40C7-AA7E-2855337D8DEC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AD7F742B-99BB-4C9C-9064-8216BF45B96F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ADD0BC26-031B-44FF-8E34-B4C5A442ADB9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ADDBC9E0-6281-4F55-96F0-10E16F7934BB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ADDD89E3-3845-4682-996E-EA95FA8F2E03}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AF02B717-6BE4-4329-A1DC-34F516ECB082}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AF988F3B-1F91-4FA6-8E11-0C009BC3E3AF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AF9B9D87-37EC-4FC3-8AC4-91F4F0D5F888}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AFD20F14-3685-4F11-879E-FF2E8D4F60DE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B11F50C6-0300-4783-9725-EF94E61AC658}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B17501A7-4CE1-4C0A-91B9-35F91DA40604}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B2D586E2-F7AB-4DC5-A0A8-8DA24ED59F9E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B2EF20AE-B618-43DE-ABE6-77ECA5F88BD0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B315928B-9436-4416-B080-56E98C1477C3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B34DA21E-305A-4529-ADED-B80D9F3847D8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B3BBAC2C-602E-471C-9232-F1CFAEFEC2F6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B3DBDB73-B1DB-417E-B2AB-AE72559C7F87}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B3DF285B-42B3-466E-A4FB-296083FFECFE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B42EA41A-F903-4531-A2D0-08C921F1C9B8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B434CDA8-4EA3-475E-BD3C-102D0DBA6059}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B44731C9-BB09-4373-B146-3135D6D8C5A3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B4FB7A85-41E7-44E6-9F5D-69724252C81F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B501F206-54A3-4529-9845-F981EC1C653F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B5F64CBC-C3CC-4C37-8E22-F51C2341ABD1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B60290B3-A831-41F5-897E-1E04FD193250}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B6320E92-5A42-4423-9533-E7C3B261837E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B63BBF5E-20CA-4037-9AEA-B0597A9DEB27}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B65080BE-4582-4079-9F14-569DE773671C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B6541212-E85A-4ABA-BAB5-08D15201DFD9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B656985C-45B3-4534-80FA-E2E8C04F7086}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B697D22B-7C1A-4FE5-8A62-0293CEF5D52D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B69D4A70-0F4E-4CC0-BCFD-9FFCCB38F320}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B747328D-C981-4916-B483-04E7826DF8A5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B779FA41-971F-4A52-8010-C3D20CBF3CEB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B7FCE830-DE4A-4E9A-A5BA-5C692A72A4F7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B828843A-33CC-43D9-AC50-DB6D0E1C7AC1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B82B0497-2F76-4954-AC8D-DC5A62BAB534}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B97C499D-D023-41C1-A72B-B16CD750F7CC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B9CD30E0-1C2C-4DFD-AEB1-4B7D8375AEBA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BA34F005-42CA-4B35-8367-AF38E7DD94D8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BA6550DC-DDF5-4608-8D87-289B9505B26F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BA66ECFF-A5CB-4E73-B031-C9A229A1AF2F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BAE7F351-E574-4A3C-88AA-214B45050F85}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BB3560E6-B143-4E4B-9B3B-97F2AF933DFD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BBD416B2-B0CB-4D9F-8CB2-5A5A494FFCE6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BC4199D1-9330-45BB-B0D8-439A9BD17DBA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BCBEAF15-C38C-4C80-AFDE-3D6B6C0C465A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BCEF6B33-5712-41BF-8F33-18AD86655389}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BD0DC7C9-5591-41B5-9259-624A613602F4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BD1562AD-2E12-4186-BECB-CAB0BF731E9B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BD1CA25D-7219-46C1-907E-B91F00DBA14C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BD5A941E-7EF1-4E22-A484-934AAECC7830}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BD70542A-C3C2-4FB5-9B13-3FEF6B80E99E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BE5C12D8-268E-4720-A251-A7C26A1978B1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BE677D0A-BA18-460E-A5B9-C6C3F0059C91}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BEA1A773-CCA3-4ACF-9E73-55CB3AA38EFD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BECE9DA4-A5BA-4543-A3B1-8CF6E36C74DA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BEEC3297-E2DC-4208-B443-A000461736CA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BFEC0A92-E2D4-4FFC-860F-E664B40996C3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C0590219-9C90-44EF-9082-529C48EF3BAD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C069145D-1A5D-4A65-8494-CD33121EDE3F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C0B018C0-632D-4ABA-8AE9-7211DCC5187A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C0F5F53D-5793-497E-8A8A-9AA819BEE7B0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C129E0CD-C2A0-43D4-B856-12F68D6D8B16}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C167FA70-D754-4812-8FBD-ECBF167DF643}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C19D7FB7-D97F-4E15-9F80-166715A730D6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C1DC8D4A-3311-44A9-B017-D041B6371E80}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C2815802-4525-4789-9ED0-60FED872D913}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C2A774DF-88A4-4E5F-9ABD-72415D2A6009}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C2A7903D-4514-4F7B-A269-704A0EE5EFAF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C30E8CC8-4C52-47F6-A778-D5797E8D5251}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C31DEF93-C076-4D17-A8E5-8136D50AF162}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C357F7F3-9325-4957-A0EA-9A5531BAD053}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C41B40BB-1C43-463E-9859-E9BA9F211654}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C41BC904-AEF6-4C10-9F4E-D2A8483FEA8B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C45864EE-9032-4EFD-A5E7-55508C1035C8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C4C27760-7D9F-4F3E-B828-62E1DDACAD40}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C4E9D987-C723-4746-9AF5-AA887FF308B0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C565733B-035A-4BB1-BCFD-D1055730B4F1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C60DB0F8-477A-4CDB-9D9B-934656171A87}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C61F64A0-D8D2-4F3B-B43A-B6AE0A3FBA38}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C6D4A1A6-15F0-46B9-8A64-3C5E6A61AD50}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C779C684-5AAC-48C4-922B-747A6062923B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C795D9D0-F96B-4F45-B76F-6297D5FAF50B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C864209B-74D8-41E5-B1E6-A47DC9B44FB6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C86F14E7-83E0-4AF3-A0A3-AA1633495A02}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C98F9AE7-3A40-459D-A68A-4BDEF7EB5920}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CAE35E9A-D854-414B-BFAE-A27F74B66A02}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CAF5BDE3-E2DA-4C89-996C-5B3701E07541}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CB68D912-292D-49E6-80BD-121ECCF61771}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CBF0E40B-16B1-47A2-A86D-3D77783E5072}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CC8B28B2-004D-413E-AE8E-AF0203CC3954}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CD20507B-0E20-4177-AE25-5C4F18578B9F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CD59C6FB-08F2-4780-98AD-941DDF413B69}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CDEEF1C5-AE34-4800-B088-B1219D3B9D1C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CE46D979-4643-4D66-A60E-40D3BA1CE99E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CE82009B-CE4D-43FD-8552-D6350C78E893}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CF0CC19C-31B6-41C7-921C-BFC3109EC497}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CF5E5137-FE6D-45FD-932D-471702365DCA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CF9E7224-56FE-4AB5-BE50-7437E4D8F46A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CFA8D085-A908-4733-944D-918F733D0600}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CFB11BBD-17D8-4015-8B9C-2E39F2C073AF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CFB6A210-3A4D-4691-80CF-6B6B056C2A72}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D04E5290-5D3B-4758-BC9E-C6E2A54DD312}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D054A2FA-CFB5-4F34-B4B3-ABEC7D866F37}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D067E5B3-AEDA-45B8-9703-8F55FECF4E6D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D0B4E0F9-083F-40C7-A633-D7F28B153D0D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D1014499-1237-43F1-8CFA-358B95B58F05}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D10726B8-31EA-4839-99A7-86CB615DE604}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D1666E64-E664-4CD6-A12E-16A12D695DD1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D1F34A43-6514-46F9-9D94-58EF373229FD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D2794504-E4F3-4F40-9C99-C31CA6719856}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D36733FB-552A-439D-80D7-99D0D9A62330}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D3991675-1226-41A2-8747-76E001A352DD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D6556DD0-43A1-4C2C-82D0-C36F149278EF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D6DA7EE1-A1C2-48C8-9845-FCAE8E666C57}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D751B0AC-B0A3-4950-ADE1-D063DB2C16B2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D769C08B-EC87-4411-9AE9-8ED925C04EEE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D7C0FE3C-FEAA-4DF6-905C-B9458250376C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D7D110F4-4AA8-4677-9F26-3BC540831BA3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D7E059DC-87A9-4DEB-ACA7-92F68BD52233}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D82D312C-22A6-4AE8-A465-513B2A7C72F8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D860D5E7-4DBA-44B3-B5A3-55E8B90B513D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D8E9D21D-6561-4921-B4F4-755CE68FE829}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D8EEDA26-B36E-40CA-8D70-48C027621576}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D8FD44F0-ACF2-4883-B54C-4CB58A7A73CB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D939D70D-304F-4B99-AE7D-8BC154AA38A8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D9BF6987-71A9-4423-B630-7DCB2A3D36DB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D9F6F9F0-4539-4568-93C8-294D026744B8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DA48E2CA-8FAD-477A-BDA9-B8BBEF5EE7EA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DA75DD1B-1FA2-4B7A-9963-FB6D7075E1DE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DA92CD46-D863-4021-BC1E-544850AB58B0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DB15E794-ED03-4C24-8CA9-9BDD887AD312}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DB6421C2-58DD-4913-9717-F1FBE14117B4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DBFE50AD-FCAB-4063-9F8E-47AF7289286E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DC146F62-CBB4-45BF-AD04-E9D0BAD3CE70}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DC6BBCAB-9F16-4650-A22B-9BB1B2EA263F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DD483E84-ACD0-4A9F-9F5D-05E8E17E3047}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DD9C8067-7E6A-4847-93DB-39D031F8C045}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DDC52DB6-84E9-4092-A10F-3A1AB1CEF48B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DE2A5B68-50EE-47DE-B852-438D18AEEF2B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DE7CBD27-FE5B-4275-A6CE-00D2DD6529F9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DE8D44B8-261B-4799-9DFE-F5CC138B1980}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DEE3BCCD-59DA-4684-BC2F-33F67A146E46}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DF538BE4-BFC9-4848-A977-B35C6BDEB03D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DF68358C-115E-473C-97E0-EBE01EF53A9C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DFA5F200-EB88-4351-AB8E-D109A945A029}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DFB2C85F-E4DD-42E8-8999-16D46ECDD771}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E0304DAF-EF97-4FFA-873C-4B32344E9D86}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E04FAA55-8216-4EC7-99EE-6B583AA20608}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E05946D7-FD56-4522-9EA9-3C92C916380F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E0A909A6-8C13-4809-AF47-230EE760E6BF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E1CD0098-0416-474D-B890-4726E433D9F6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E23AEA58-1050-4F92-BD95-E529B28300B3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E2D4613C-C652-43C7-B9F4-D579BBE4EFCA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E38956A9-FF50-49A9-9CD1-270200D9014B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E3ADA2D8-669A-436A-985A-878268AF2101}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E3D4FAFD-A9CA-479A-8705-F23D161BA8B7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E3E5E8AF-7615-4F53-93F0-C6135604058C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E3E96F15-B67D-43FE-BEAD-A7F1951F8E37}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E3EC59BB-A92F-4F7C-8848-32A1397AF51F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E4318995-1E6C-47AA-98A8-7032D8ED19CE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E444655D-8337-446C-AA46-F996CD283015}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E495B75B-AD81-463D-BC42-EB9880E80DC8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E4A89FA0-52B7-4EC7-8F35-B76FABFBBF1D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E4F38D7A-4274-4259-9EF4-9ABB1DD8229F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E5630DF8-D500-4F6D-A9A7-61424C64B493}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E5804073-B56D-46C0-B05D-9334D7F5C4C3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E5B1B33B-478B-4659-9D3F-EAF40EF1A396}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E5D61484-E03C-4667-91C7-0016634F7FE1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E5E00E70-303E-4B40-90F2-ED5C33E935D0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E67AC73D-71FD-4DA8-94B2-F44AD45A2411}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E6B6C95B-A0AF-4EF8-AEB3-7954D15DB0DC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E70F7894-C89E-4DDA-A90C-2CD75F42F48E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E84A543D-E22A-482C-9318-A245D799F579}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E8744F77-BDEE-4E00-B72C-398DA9027A66}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E8842B5C-3271-477D-BD39-D903571EC73B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E8DA627A-11B7-4B06-8D49-C184E28296CA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E8EDD117-EE39-4F6D-9B87-2CA32E43F013}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E94C4DF3-0194-42ED-AC1D-DBD6502E2409}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E9BD7114-4C90-4EDD-A0AD-CCFDBE840B5F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E9F68971-04B0-4809-A6C9-EAF58783BE14}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EA1CB095-89EA-4B97-B24D-EB21A695ABB7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EA4D49AC-14BA-4E7D-9A44-4FB3989520D4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EA6BCE86-810D-4C56-A373-F1BAF6769571}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EAA568E7-F4E5-412C-AB27-F1218D1BBED0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EB76AF52-0BD6-457A-B33D-58FD18785506}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EB7B4BB0-5FAE-41EA-9610-990315397C9B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EBE38127-832B-462A-B7E7-5C22CDA94310}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EC022C4B-5A57-41DF-8193-5095A4C7D1E5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EC180433-E10B-4933-9B78-4CC587E2013F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EC1E7EAC-38A8-4419-B289-F99AE26137BF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ED283558-AC70-43C7-B46C-4B86CD894F42}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ED807C4A-9E4E-45D5-85A8-67BA7FED7DE6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ED8A4E67-4BF7-4C94-9936-B66B48A9F7D7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EDC0E4DB-C4F5-44D6-A40C-6AE9DA7E4D8D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EDC670FF-3596-46FE-9996-384407D02D99}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EE070AF7-E79A-4C1E-A391-AF25378EA8BE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EE49685E-A656-4E64-A2F5-1E1F103D9189}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EEEE7CE7-28BF-494F-97BD-40A0E5B2D00A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EF318D36-FF9A-4F13-90E7-799AE434BCAF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EF714A98-4AD1-4414-8799-DD8D0AFD6AAB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F017FDDD-06C7-4373-9A41-A27FF8B15DF0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F01DBE58-D797-4456-8A5C-0E1A3396A5EB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F0239798-F550-4F22-9DF5-3EFFD1E46264}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F0D6CBB5-318B-421C-8A07-4773E8D2101E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F15271A7-CC53-4DA6-8D5A-0DAE9434B7FE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F1603AFD-0113-40E4-B62E-5BF59B7D3D35}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F190C0D8-8926-4889-8E0B-0EE26469B44B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F1BE3BE7-3721-4798-AF82-0CC4DFAB6095}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F235A8D0-9953-4899-AA63-EFE071375ACF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F26D3054-1D9E-4B72-B7AB-D3CF57264508}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F271F053-DE3A-430E-896E-EF8DAD343C58}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F2A440B9-9CE3-41E9-94AE-A588FB7D8B21}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F2BDA206-F419-4235-8D0A-4D0BE55B077B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F3160105-AE76-489D-A469-B2EF64B51A8A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F33831F7-FD21-4FB7-88C6-59A078C45558}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F348DC97-EC7F-404C-9740-3971EE3F2F87}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F39AA347-27B7-4607-BB00-D5D5C310261F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F39B2AA2-4F9A-4D41-A422-28F7ED3DD5F8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F3B1054B-A9A4-4FBB-A883-DC0CC0E75DC4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F3C5156A-CD98-4F77-AD61-707469E4628A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F41BBE1E-085B-4231-9C68-71F219F7A832}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F483F3CD-41FA-4B9F-A7EE-3BB54996F3E1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F4F5B1E5-9186-42A3-A26D-3EF2839E58DB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F53A8378-B6B5-4B69-90BF-19613D3D0B0D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F563E103-71DD-4CE5-AC80-5CDE9F4289E2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F56C3C9E-EFFD-4BA9-9E91-F619673F8742}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F61C1ACB-F663-47B5-A16C-BC9F8CCB01F7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F6492C19-D155-4771-A419-28C24A0DE89A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F65F539F-033E-436B-882D-D2A77A4CAFE4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F6E5C4B5-334D-4CD3-9B5A-0A24250623D0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F845C4B4-3CB4-45C9-A307-07FF23EF0F40}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F84F6C91-5E3D-4E89-AD64-10D1F85D27C4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F85AC0E1-57E7-4A34-A6AF-073986F56C8F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F93D094F-292B-4678-87A4-81F746046CB2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F96923F5-D47E-4F96-ABCA-4C5F568E9D96}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F9866BA3-6699-4CA5-B11D-622ED5B63A40}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F9C26754-FDC1-490B-B6A9-4242D291D08D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F9D60878-70CD-4AE6-8601-EC2FDD4881A4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FA191CA5-1D48-4D89-B2C8-ED9E92D88FD8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FA890061-EDE4-4B3C-A1D8-ED9D45426362}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FAD6F801-A351-4776-B71F-05FE77A1D241}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FB34DE55-A05E-4251-A163-E592FB71E3C6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FDA7BF7F-3D36-45A9-8DF9-6A99E90807C2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FDFEFA7B-C37E-4F76-BBA4-AD02BB12F311}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FE03BF73-43B2-4638-ACB3-97DE71B2644C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FEC0AE40-5ADD-4ABA-AFEF-37952F21EE47}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FEFAC5EB-7E50-4E60-9904-63F23C8D4297}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FF2FB48F-F434-4CAD-93CE-797C1253A5A7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FF9731BB-5C9B-4060-9D5E-E61AD38B5568}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FFC5C59F-21E0-41D2-84BC-D0941449642A}
~~~ FireFox
Successfully deleted the following from C:\Users\UP\AppData\Roaming\mozilla\firefox\profiles\qets9qo8.default\prefs.js
user_pref("extensions.toolbar.mindspark._gcMembers_.defaultSearchOption", "true");
user_pref("extensions.toolbar.mindspark._gcMembers_.hp.enabled", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.installDate", "2013041112");
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.partnerId", "^XN^xdm101^S05015^de");
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.partnerSubId", "CN7G5e2wwrYCFUNP3godQUsA1A");
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.toolbarId", "C3A1324B-E08B-411B-A282-57C6420D4166");
user_pref("extensions.toolbar.mindspark._gcMembers_.lastActivePing", "1371029641443");
user_pref("extensions.toolbar.mindspark._gcMembers_.options.defaultSearch", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.options.homePageEnabled", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.options.keywordEnabled", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.options.tabEnabled", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.searchHistory", "neunkirchen saar");
user_pref("extensions.toolbar.mindspark._gcMembers_.weather.location", "10001");
user_pref("extensions.toolbar.mindspark.hp.enabled", true);
user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "weatherblink@mindspark.com");
user_pref("extensions.toolbar.mindspark.lastInstalled", "weatherblink@mindspark.com");
Emptied folder: C:\Users\UP\AppData\Roaming\mozilla\firefox\profiles\qets9qo8.default\minidumps [32 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.06.2013 at 9:42:02,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
13.06.2013, 10:59
| #8 |
| | Antivir: 'TR/Jorik.Bublik.cq' freenet.de SpamCode:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=2dacedb75798cf429e6a9a6ad176b85d
# engine=14059
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-13 09:24:36
# local_time=2013-06-13 11:24:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 99 8637 236538766 1401 0
# compatibility_mode=5893 16776574 100 94 62600364 122746667 0 0
# scanned=151340
# found=0
# cleaned=0
# scan_time=5828
Code:
ATTFilter OTL logfile created on: 13.06.2013 11:39:25 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\UP\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,50 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 58,56% Memory free 4,99 Gb Paging File | 3,86 Gb Available in Paging File | 77,26% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 97,56 Gb Total Space | 68,07 Gb Free Space | 69,77% Space Free | Partition Type: NTFS Drive D: | 368,10 Gb Total Space | 366,74 Gb Free Space | 99,63% Space Free | Partition Type: NTFS Drive Z: | 3,60 Gb Total Space | 3,44 Gb Free Space | 95,58% Space Free | Partition Type: NTFS Computer Name: UP-PC | User Name: UP | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\UP\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH) PRC - C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) PRC - c:\Programme\TeamViewer\Version7\TeamViewer_Desktop.exe (TeamViewer GmbH) PRC - C:\Programme\TeamViewer\Version7\tv_w32.exe (TeamViewer GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) PRC - C:\Programme\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) PRC - C:\Programme\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) PRC - C:\Programme\Brother\Brmfcmon\BrMfimon.exe (Brother Industries, Ltd.) PRC - C:\Programme\ICS\CashM\cashm.exe (ICS) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a9594959e951127f16eb49644ba92f79\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7cfbbd029ef945fbcdaedd24b2b67a24\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\af18b8a8f56494da44cc448f3b9704a5\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll () MOD - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\ba39e27ea796912fce296963622dfbae\WindowsFormsIntegration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\766ccafdc4a09b964aa9286a15bca48a\System.ServiceProcess.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\a1b65a602c75409c0c1ce7fa1f2a0983\UIAutomationProvider.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ba58d64562391191a22ad0133512ed6f\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll () MOD - C:\Windows\System32\CBNDLL.DLL () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Programme\Brother\BrUtilities\BrLogAPI.dll () MOD - C:\Programme\ICS\CashM\zlib.dll () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) SRV - (StarMoney 8.0 OnlineUpdate) -- C:\Programme\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) SRV - (TeamViewer7) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (StarMoney 7.0 OnlineUpdate) -- C:\Programme\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (BrYNSvc) -- C:\Programme\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (OxSer) -- system32\DRIVERS\OxSer.sys File not found DRV - (OxMf) -- system32\DRIVERS\OxMf.sys File not found DRV - (catchme) -- C:\Users\UP\AppData\Local\Temp\catchme.sys File not found DRV - (amdiox86) -- system32\DRIVERS\amdiox86.sys File not found DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH) DRV - (CBN) -- C:\Windows\System32\drivers\CBN.SYS (MARX Datentechnik GmbH ) DRV - (nusb3xhc) -- C:\Windows\System32\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV - (nusb3hub) -- C:\Windows\System32\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.) DRV - (OxPPort) -- C:\Windows\System32\drivers\OxPPort.sys (OEM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 58 A5 0A 88 66 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gcffxtbr@WeatherBlink.com: C:\Program Files\WeatherBlink\bar\1.bin FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.19 21:15:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UP\AppData\Roaming\mozilla\Extensions [2013.06.13 09:27:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UP\AppData\Roaming\mozilla\Firefox\Profiles\qets9qo8.default\extensions [2013.06.12 16:33:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UP\AppData\Roaming\mozilla\Firefox\Profiles\qets9qo8.default\extensions\trash [2013.05.25 12:13:58 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions [2013.05.25 12:13:58 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2013.06.12 17:31:34 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - Startup: C:\Users\UP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CashMaster starten.lnk = C:\Programme\ICS\CashM\cashm.exe (ICS) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.7.2) O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21BD6CFD-04ED-444C-9D38-C3D31A2B486A}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E89008DF-4221-49A6-B68C-2235D22BF181}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.13 09:38:49 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.06.13 09:38:23 | 000,000,000 | ---D | C] -- C:\JRT [2013.06.12 17:37:52 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013.06.12 16:37:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.06.12 16:37:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.06.12 16:37:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.06.12 16:35:06 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.06.12 16:34:44 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.06.12 13:04:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\UP\Desktop\OTL.exe [2013.05.25 12:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013.05.25 10:55:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2013.05.25 10:55:18 | 000,000,000 | ---D | C] -- C:\Program Files\AMD AVT [2013.05.25 10:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\AMD [2013.05.25 10:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2013.05.25 10:48:27 | 000,000,000 | ---D | C] -- C:\AMD [2013.05.15 18:19:00 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.05.15 18:18:58 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.05.15 18:18:57 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.05.15 18:18:57 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.05.15 18:18:57 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.05.15 18:18:56 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.05.15 18:18:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013.05.15 18:18:56 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.05.15 18:18:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013.05.15 18:18:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.05.15 09:03:00 | 000,077,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_AuthenticAMD.dll [2013.05.15 09:02:59 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll [2013.05.15 09:02:58 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.05.15 09:02:51 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys [2013.05.15 09:02:44 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll [2013.05.15 09:02:44 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe ========== Files - Modified Within 30 Days ========== [2013.06.13 11:22:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.13 09:38:23 | 000,016,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.13 09:38:23 | 000,016,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.13 09:29:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.13 09:29:15 | 2010,619,904 | -HS- | M] () -- C:\hiberfil.sys [2013.06.12 17:31:34 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2013.06.12 13:41:58 | 000,001,068 | ---- | M] () -- C:\Windows\Brpfx04a.ini [2013.06.12 13:38:27 | 000,658,988 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.06.12 13:38:27 | 000,620,174 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.06.12 13:38:27 | 000,132,558 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.06.12 13:38:27 | 000,108,356 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.06.12 13:04:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\UP\Desktop\OTL.exe [2013.06.12 11:22:22 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.06.12 11:22:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.05.28 17:24:00 | 000,012,579 | ---- | M] () -- C:\Users\UP\Desktop\Spiralblock-kariert-DIN-A7-70-g-m-40-Blatt-wei-_3.jpg [2013.05.22 14:31:38 | 000,019,097 | ---- | M] () -- C:\Users\UP\Desktop\DIN-Formate.gif [2013.05.16 08:50:04 | 000,296,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2013.06.12 16:37:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.06.12 16:37:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.06.12 16:37:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.06.12 16:37:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.06.12 16:37:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.05.28 17:23:59 | 000,012,579 | ---- | C] () -- C:\Users\UP\Desktop\Spiralblock-kariert-DIN-A7-70-g-m-40-Blatt-wei-_3.jpg [2013.05.22 14:31:37 | 000,019,097 | ---- | C] () -- C:\Users\UP\Desktop\DIN-Formate.gif [2013.03.29 04:13:20 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe [2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\System32\amdocl_ld32.exe [2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\System32\amdocl_as32.exe [2013.03.29 03:24:06 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat [2013.03.29 03:24:06 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat [2013.03.12 07:38:22 | 000,695,006 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2013.03.04 20:52:52 | 000,230,836 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat [2013.02.01 02:14:10 | 000,075,600 | ---- | C] () -- C:\Windows\System32\ativce02.dat [2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll [2012.11.22 17:14:26 | 000,230,064 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat [2012.10.11 15:23:34 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2012.01.06 16:08:40 | 000,000,000 | ---- | C] () -- C:\Users\UP\AppData\Roaming\JFritz.lock [2012.01.06 15:40:26 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08a.dat [2012.01.06 15:40:20 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini [2012.01.06 15:40:20 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2011.06.20 20:50:42 | 000,001,068 | ---- | C] () -- C:\Windows\Brpfx04a.ini [2011.06.20 20:50:42 | 000,000,153 | ---- | C] () -- C:\Windows\brpcfx.ini [2011.06.20 20:50:22 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011.06.20 20:50:22 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2011.06.20 20:49:32 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat [2011.06.20 20:49:25 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll [2011.06.20 20:27:41 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL [2011.06.20 20:27:38 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI [2011.06.20 20:27:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRADM10A.DAT [2011.06.19 21:42:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011.06.19 21:18:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.06.19 21:08:06 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 861 bytes -> C:\Users\UP\Documents\theo.eml:OECustomProperty < End of report > Code:
ATTFilter OTL Extras logfile created on: 13.06.2013 11:39:30 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\UP\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,50 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 58,56% Memory free
4,99 Gb Paging File | 3,86 Gb Available in Paging File | 77,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 68,07 Gb Free Space | 69,77% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 366,74 Gb Free Space | 99,63% Space Free | Partition Type: NTFS
Drive Z: | 3,60 Gb Total Space | 3,44 Gb Free Space | 95,58% Space Free | Partition Type: NTFS
Computer Name: UP-PC | User Name: UP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B598A0-FED6-49FC-894E-3A65D06775C9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0A8F6D4F-AA61-4E4B-A4B6-E2CDDE9F6D45}" = rport=139 | protocol=6 | dir=out | app=system |
"{14A3D595-7DF8-452D-89FD-B9FC89E150A9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{16230073-52E9-44C0-BF23-9B752EA80E72}" = lport=137 | protocol=17 | dir=in | app=system |
"{36BD00FA-7A87-4492-AB23-23F6FAD154D6}" = lport=445 | protocol=6 | dir=in | app=system |
"{3716BAF1-D37A-4979-AEAB-8B605AB65BF3}" = lport=3389 | protocol=6 | dir=in | app=system |
"{372EF30E-C0F9-4251-991B-A29B23D98436}" = lport=2869 | protocol=6 | dir=in | app=system |
"{45A94CA0-0AC1-42DC-BA2B-EF87CC0D07E0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4A7F40A3-AAAF-4FAD-A45A-1B5628DC2571}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4EEF8DA1-841D-4495-91E8-7EB085784C0F}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{63258CC0-832C-4AB7-A7D2-50D2F2BCC080}" = rport=10243 | protocol=6 | dir=out | app=system |
"{68AE022E-CA35-4B01-868B-D2150703E790}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{863A44E2-22F0-4DF6-919C-6C2CA1CD34C1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8656AD80-0578-440A-B772-D2509EFD2DC2}" = lport=139 | protocol=6 | dir=in | app=system |
"{8C343E14-CF79-4D15-A243-AFFA698249BE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8FD6EF72-21B7-4E0D-A971-CB1F6FAA2A5E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{94C4491A-442E-427F-B597-CB410736009D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9B696B67-A6E2-4A7D-9D04-D4B1B23CFF05}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A24533D4-90D1-4CF2-8542-40DC44576720}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A98271EA-6280-40B3-A256-BDFB4CD67AF2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B124F087-60B4-4559-8D31-B6472931001E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B12C3F56-5206-4EE9-A754-7224D08A0986}" = rport=137 | protocol=17 | dir=out | app=system |
"{B7A0453E-0244-44E0-BEAC-2A29CDF646DB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B8DB6202-A501-441D-B8AD-7CDF3197D201}" = rport=445 | protocol=6 | dir=out | app=system |
"{BC3BC357-26C7-4EF5-AC16-4F543DBEC606}" = lport=138 | protocol=17 | dir=in | app=system |
"{DBC6B725-70D0-4FA9-8146-EF492DCF885B}" = rport=138 | protocol=17 | dir=out | app=system |
"{F2113536-7060-45CA-B437-EB5775A303C8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FD9F59EC-C536-4BBC-B1A8-B8FE46F44487}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06097CEE-C0D7-4993-91F6-046F49F46B10}" = protocol=6 | dir=in | app=c:\program files\starmoney 8.0\app\starmoney.exe |
"{0ABE0379-697F-43BD-B568-341514D34EA7}" = protocol=6 | dir=in | app=c:\program files\starmoney 7.0\app\starmoney.exe |
"{0FDBBB99-6991-4B25-BDB0-002982CD7F66}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{22A9353B-A1A1-41AC-B63B-76C22AFBBCAA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{250D6FA2-4DB7-49FD-A365-E1246E9B563F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2F7591B7-5336-4AC9-83A5-E54357846011}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{331E0B20-26F5-4EE8-9EBD-B57548857648}" = protocol=6 | dir=out | app=system |
"{3A576EA8-71D1-4C44-89F7-4E0E3C7A993A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3BB4C5B3-364F-400D-B5B9-F15000A99194}" = protocol=17 | dir=in | app=c:\program files\starmoney 7.0\ouservice\starmoneyonlineupdate.exe |
"{3EB61444-7A3F-49BA-97BB-CDE123236518}" = protocol=6 | dir=in | app=c:\program files\starmoney 7.0\ouservice\starmoneyonlineupdate.exe |
"{3FEF6BAF-9746-4458-BEF0-8A9A7DC93221}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{41943D30-A712-485E-BB37-70066E57F17D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{571BA441-9B02-4544-A10D-137C34A3B436}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{5B77DB1F-C866-4741-A097-5A049F6773B5}" = protocol=17 | dir=in | app=c:\program files\starmoney 8.0\ouservice\starmoneyonlineupdate.exe |
"{6CEB4F73-5BF9-45BE-A8BB-10D17452D259}" = protocol=17 | dir=in | app=c:\program files\starmoney 7.0\app\starmoney.exe |
"{71A84D4F-0B2D-417A-8232-FB79BB852E48}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7716839E-9634-40B4-8429-B9E030C5F11F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{840916D8-F5EC-4465-8653-05698E2C7163}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85CEBB8C-10C4-4BCC-86DB-7FA32EAF5F74}" = protocol=6 | dir=in | app=c:\program files\starmoney 8.0\ouservice\starmoneyonlineupdate.exe |
"{8D07BD8B-2D26-43EB-923C-C05A0C13E6BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{91CD68C6-0A16-4B46-956F-3A9B21A94B5C}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl08y\faxrx.exe |
"{9393AED4-C0E1-4B0B-B5CC-ABE673B7CDBE}" = protocol=17 | dir=in | app=c:\program files\starmoney 8.0\app\starmoney.exe |
"{9B5CF10C-AACA-4266-8C56-89F5D715F779}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9EA5C179-E75D-4C80-ABF7-FD3E22A65E02}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{C2B7F119-34EB-4BA1-B963-4A6E9BC5E663}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C998B17E-9358-4853-ACBC-3491ED27C966}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{D1665D45-A4DB-4A5F-AAE5-1697BE4AC23B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D467D9BA-B5E7-43A6-896E-FB3003431623}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{E0AD0BB6-CB5C-4346-A83D-5A06440B56A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F08E0C64-58B7-465C-A8BB-690B1FB9CA1A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{F6ACE780-7335-4CDA-90CF-8A7FD4D9B166}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl08y\faxrx.exe |
"TCP Query User{B92153E0-DAF4-40B9-AD7C-9EAC0CCD03A5}C:\program files\jfritz\jfritz.exe" = protocol=6 | dir=in | app=c:\program files\jfritz\jfritz.exe |
"UDP Query User{D0D9DCB7-6EE4-4723-BAAA-B7FA2EBC723F}C:\program files\jfritz\jfritz.exe" = protocol=17 | dir=in | app=c:\program files\jfritz\jfritz.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{022D2599-2316-4927-89F1-9188894CEB02}" = StarMoney
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BD03BF6-3A66-EC7F-5155-28A8D6C69409}" = AMD Catalyst Install Manager
"{13464292-6666-B2DB-1B0C-A3FE14DAD1F9}" = CCC Help Dutch
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FCBD504-AB7D-4757-9A14-850348384B08}" = StarMoney
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20E970DF-A7B2-4345-9DEB-72213A29645E}" = Brother MFL-Pro Suite MFC-5890CN
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{338CD56F-1CDC-CF32-33F6-DED2DF92284E}" = CCC Help French
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{46458556-5C46-79A9-A6FF-81DF1F8B2729}" = CCC Help Hungarian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{519D68B8-A768-4CDC-E4C9-B115D49CED93}" = CCC Help Norwegian
"{51D383BC-D988-8C1E-FAA1-BC5260A32A87}" = CCC Help Polish
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5A883D2B-D279-0D01-6E62-B810AFD8CC62}" = Catalyst Control Center InstallProxy
"{66CDB4B8-10A9-4D47-A948-D2564035AB3E}" = StarMoney 7.0
"{67A4760F-9804-CCF6-C319-27840ED77924}" = CCC Help Korean
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B594A3F-FDF9-74A0-B3F6-C2E7B6AA339F}" = AMD Media Foundation Decoders
"{6BE5E4A9-D88B-532D-26E6-883C32BF098A}" = CCC Help Thai
"{6E0D26C1-4265-1D02-4D19-D0A8F6A463F8}" = AMD VISION Engine Control Center
"{7DD62206-7B6C-E32E-BD11-B49B3B089D16}" = CCC Help Danish
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9739158D-EDED-D628-9865-1460B5A7FAE3}" = CCC Help Portuguese
"{9809124C-0C4C-2367-7889-1E16D8EF1AAF}" = CCC Help Chinese Standard
"{98D77F94-61D8-0C3A-85E9-E588471956EB}" = AMD Accelerated Video Transcoding
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A6273C55-5524-4587-A655-D106125E7A41}" = CashMaster V1.40.021
"{A6E1EE9D-01DD-82FD-BDBC-193BCEF9FD5C}" = CCC Help Greek
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB13F192-49FC-A065-F15C-746B10CC43C8}" = CCC Help Japanese
"{AE548812-D611-608D-61C6-7E40F28573A2}" = CCC Help Russian
"{AF595A9D-325A-0B86-4BFA-F2D90553A9FC}" = AMD Drag and Drop Transcoding
"{AF5B3ED5-70D3-48CF-A00F-FC29F5261A37}_is1" = JFritz 0.7.4.1.32
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1A70A4D-549B-4C56-9C00-EF55A22E52B6}" = StarMoney
"{BC63AEF9-1367-9F7C-5926-52E56450EDCD}" = CCC Help Spanish
"{C1E2D27F-B363-588E-8859-9EF7F4EBF418}" = CCC Help Chinese Traditional
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CBFDA5B8-3190-3CC6-A4B7-D27B3B48D72C}" = AMD Steady Video Plug-In
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D76AC809-CCC1-6198-4970-A63FA5CF7DCB}" = CCC Help Swedish
"{DA675EE2-4C04-9699-0EE2-7EF9FE7AB870}" = CCC Help German
"{DBE146EB-0898-4CDC-AABA-DCCA86659633}" = StarMoney 8.0
"{E06F7C95-4D68-63D9-2231-AA5F8E186FCB}" = CCC Help English
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E21A8F3C-1ACB-46B1-CE72-E9CF09549DED}" = Catalyst Control Center Localization All
"{E2A97415-BD97-4867-B906-05E39E9EE51F}" = HL-2250DN
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E2F2B987-F2BC-4969-95F2-92099486B811}" = StarMoney
"{E2F52AC2-B925-C18F-E1AE-42FBD46ECAC7}" = CCC Help Czech
"{E649AC39-69C0-C6FE-0A54-4752DB5D1FD2}" = Catalyst Control Center Graphics Previews Common
"{E9463114-898C-7C2A-2C47-E9ABC63F5D43}" = CCC Help Finnish
"{EA6451EA-DCCA-21BC-3BFE-018E1C43F0F4}" = AMD Fuel
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F314861D-F02B-07F6-612E-C51B1DA80EA4}" = ccc-utility
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF10AC4D-3349-99DA-3E58-5197CEA1D833}" = CCC Help Italian
"{FFEC93FF-C162-C0C3-B5E7-01214B0E5F2D}" = CCC Help Turkish
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Foxit Reader_is1" = Foxit Reader 5.0
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"TeamViewer 7" = TeamViewer 7
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
< End of report >
|
|
13.06.2013, 11:00
| #9 |
| /// the machine /// TB-Ausbilder | Antivir: 'TR/Jorik.Bublik.cq' freenet.de Spam Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
13.06.2013, 11:56
| #10 |
| | Antivir: 'TR/Jorik.Bublik.cq' freenet.de Spam nein, auch vorher nicht :-) ANtivir hatte den Zugriff auf die Datei ja verweigert, ich denke also das Ding wurde eh geblockt. Trotzdem war das Ausführen obiger Progrämmchen wohl nicht schlecht :-) Habe jetzt noch den Plugin Check durchgeführt. Alles ok denke ich!? :-) Danke! |
|
13.06.2013, 18:45
| #11 |
| /// the machine /// TB-Ausbilder | Antivir: 'TR/Jorik.Bublik.cq' freenet.de Spam Schau mal in die ganzen LOgs, unter gelöscht, und sag mir nochmal Avira hats komplett geblockt  Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob/Kritik loswerden möchtest: Lob, Kritik und Wünsche - Trojaner-Board Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.06.2013, 09:22
| #12 |
| | Antivir: 'TR/Jorik.Bublik.cq' freenet.de Spam Hi & Danke, alles sauber jetzt. Mit Avira meinte ich, dass es den Freenet Spam bzw. die exe geblockt hatte. Die Sachen die gelöscht wurden waren ja andere? ;-) Gruß |
|
18.06.2013, 12:27
| #13 |
| /// the machine /// TB-Ausbilder | Antivir: 'TR/Jorik.Bublik.cq' freenet.de Spam Avira is müll, nimm lieber Avast
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.06.2013, 12:38
| #14 |
| | Antivir: 'TR/Jorik.Bublik.cq' freenet.de Spam ja, werd ich bei gelegenheit mal umstellen ;-) |
|
18.06.2013, 13:31
| #15 |
| /// the machine /// TB-Ausbilder | Antivir: 'TR/Jorik.Bublik.cq' freenet.de Spam Alles klar
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Antivir: 'TR/Jorik.Bublik.cq' freenet.de Spam |
| antivir, breitband, datei, exe, file, free, freenet, kontaktiert, mail, mutter, namens, rechnung.zip, spam, tr/jorik.bublik.cq, versuch, versucht, virus, vorgehen, zugriff |
Linear-Darstellung
