Rechner mit dem GVU 2.12 Trojaner befallen!

Dennis1997 · 26.04.2014, 20:21

Hallo,
der Rechner einer Verwandten ist mit dem GVU 2.12 Trojaner befallen. Sie meine, dass der Trojaner schon eine Weile drauf ist.
Es lassen sich keine Fenster, wie z.B. der Task-Maneger, öffnen. Auch die Kiste im abgesicherten Modus zu starten, hat nicht geklappt.

Bei dem Betriebssystem handelt es sich um Windows 7 64-Bit.

Ich hoffe es kann mir geholfen werden.

Danke schon einmal im Voraus!

schrauber · 26.04.2014, 20:35

hi,

Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)

Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)

Downloade dir bitte die passende Version des Tools (im Zweifel beide) und speichere diese auf einen USB Stick: FRST 32-Bit | FRST 64-Bit

Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option.

Scanne jetzt nach der bebilderten Anleitung oder verwende die folgende Kurzanleitung:

Über den Boot Manager:

Starte den Rechner neu.

Während dem Hochfahren drücke mehrmals die F8 Taste

Wähle nun Computer reparieren.

Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".

Mit Windows CD/DVD (auch bei Windows 8 möglich):

Lege die Windows CD in dein Laufwerk.

Starte den Rechner neu und starte von der CD.

Wähle die Spracheinstellungen und klicke "Weiter".

Klicke auf Computerreparaturoptionen !

Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".

Wähle in den Reparaturoptionen: Eingabeaufforderung

Gib nun bitte notepad ein und drücke Enter.

Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer.
Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt, merke ihn dir.

Schließe Notepad wieder

Gib nun bitte folgenden Befehl ein.
e:\frst.exe bzw. e:\frst64.exe
Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks, den du dir gemerkt hast. Gegebenfalls anpassen.

Akzeptiere den Disclaimer mit Ja und klicke Untersuchen

Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier nach Möglichkeit in Code-Tags (Anleitung).

Dennis1997 · 26.04.2014, 21:14

ups hatte mich dann doch vertan, es ist ein Windows 7 64-Bit System.^^

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2014 03
Ran by SYSTEM on MININT-JP9IJ9U on 26-04-2014 22:17:44
Running from H:\
Windows 7 Ultimate (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.




==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Users\Angie\Desktop\wohngeld unterlagen\PDF24\pdf24.exe
HKU\1212\...\Policies\system: [LogonHoursAction] 2
HKU\1212\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Angie\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\Angie\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google)
HKU\Angie\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5622512 2013-05-14] (SUPERAntiSpyware.com)
HKU\Angie\...\Policies\system: [LogonHoursAction] 2
HKU\Angie\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Juli\...\Policies\system: [LogonHoursAction] 2
HKU\Juli\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Angie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\q8zg8qb.lnk
ShortcutTarget: q8zg8qb.lnk -> C:\ProgramData\bq8gz8q.plz ()
GroupPolicyUsers\S-1-5-21-1634502134-1740630880-2558322754-1005\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1634502134-1740630880-2558322754-1004\User: Group Policy restriction detected <======= ATTENTION

==================== Services (Whitelisted) =================

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143088 2013-05-07] (SUPERAntiSpyware.com)
S2 Winmgmt; C:\ProgramData\q8zg8qb.pzz [62052 2013-10-04] (Microsoft Corporation)
S3 hpqcxs08; E:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [X]
S2 hpqddsvc; E:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [X]

==================== Drivers (Whitelisted) ====================

S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [573952 2007-05-29] (PixArt Imaging Inc.)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-07-23] (Duplex Secure Ltd.)
S3 ssm_bus; C:\Windows\System32\DRIVERS\ssm_bus.sys [136192 2010-04-26] (MCCI Corporation)
S3 ssm_mdfl; C:\Windows\System32\DRIVERS\ssm_mdfl.sys [18944 2010-04-26] (MCCI Corporation)
S3 ssm_mdm; C:\Windows\System32\DRIVERS\ssm_mdm.sys [172032 2010-04-26] (MCCI Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-26 22:17 - 2014-04-26 22:17 - 00000000 ____D () C:\FRST

==================== One Month Modified Files and Folders =======

2014-04-26 22:17 - 2014-04-26 22:17 - 00000000 ____D () C:\FRST
2014-04-26 11:04 - 2010-07-23 13:00 - 02011512 _____ () C:\Windows\WindowsUpdate.log
2014-04-26 10:56 - 2012-11-08 00:26 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-26 10:51 - 2009-07-13 20:45 - 00014016 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-26 10:51 - 2009-07-13 20:45 - 00014016 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-26 10:44 - 2013-07-16 02:24 - 00006316 _____ () C:\Windows\setupact.log
2014-04-26 10:44 - 2010-07-23 13:31 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-26 10:44 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-26 10:41 - 2013-10-04 06:59 - 00000000 _____ () C:\ProgramData\q8zg8qb.ctrl
2014-04-26 10:41 - 2012-11-08 00:26 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-26 10:41 - 2012-05-30 10:01 - 00000326 _____ () C:\Windows\Tasks\GlaryInitialize.job
2014-04-26 10:14 - 2012-10-01 20:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-26 09:37 - 2013-10-04 06:59 - 95025368 ____T () C:\ProgramData\q8zg8qb.pff

Files to move or delete:
====================
C:\ProgramData\bq8gz8q.plz
C:\ProgramData\l3jz.exe
C:\ProgramData\q8zg8qb.ctrl
C:\ProgramData\q8zg8qb.pff


Some content of TEMP:
====================
C:\Users\1212\AppData\Local\Temp\AskSLib.dll
C:\Users\Angie\AppData\Local\Temp\GdiPlus.dll
C:\Users\Angie\AppData\Local\Temp\InstallerMessageBox.exe
C:\Users\Angie\AppData\Local\Temp\NPSInstallerProxy.exe
C:\Users\Angie\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll
C:\Users\Angie\AppData\Local\Temp\phlwyqovhtuqltkjjdq.bfg
C:\Users\Guest\AppData\Local\Temp\AskSLib.dll


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-10-03 03:35:22
Restore point made on: 2013-10-03 03:41:45
Restore point made on: 2013-10-07 05:43:27
Restore point made on: 2014-04-26 09:45:05

==================== Memory info =========================== 

Percentage of memory in use: 18%
Total physical RAM: 3070.49 MB
Available physical RAM: 2493.92 MB
Total Pagefile: 3068.64 MB
Available Pagefile: 2487.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:58.5 GB) (Free:5.17 GB) NTFS
Drive e: (Sonstiges) (Fixed) (Total:195.31 GB) (Free:68.94 GB) NTFS
Drive f: (Programme) (Fixed) (Total:211.85 GB) (Free:3.28 GB) NTFS
Drive h: () (Removable) (Total:0.98 GB) (Free:0.97 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5C70D25A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=212 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1000 MB) (Disk ID: 004D5F6F)
Partition 1: (Active) - (Size=1000 MB) - (Type=06)


LastRegBack: 2013-10-06 04:19

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 27.04.2014, 18:42

Drücke bitte die

+ R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

Startup: C:\Users\Angie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\q8zg8qb.lnk
ShortcutTarget: q8zg8qb.lnk -> C:\ProgramData\bq8gz8q.plz ()
S2 Winmgmt; C:\ProgramData\q8zg8qb.pzz [62052 2013-10-04] (Microsoft Corporation)
C:\ProgramData\bq8gz8q.plz
C:\ProgramData\l3jz.exe
C:\ProgramData\q8zg8qb.ctrl
C:\ProgramData\q8zg8qb.pff

Speichere diese bitte als Fixlist.txt auf deinem USB Stick.

Starte deinen Rechner erneut in die Reparaturoptionen
Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

Rechner normal starten.

Dennis1997 · 29.04.2014, 19:33

Inhalt der Fixlog.txt:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-04-2014 03
Ran by SYSTEM at 2014-04-29 20:32:39 Run:1
Running from H:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
Startup: C:\Users\Angie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\q8zg8qb.lnk
ShortcutTarget: q8zg8qb.lnk -> C:\ProgramData\bq8gz8q.plz ()
S2 Winmgmt; C:\ProgramData\q8zg8qb.pzz [62052 2013-10-04] (Microsoft Corporation)
C:\ProgramData\bq8gz8q.plz
C:\ProgramData\l3jz.exe
C:\ProgramData\q8zg8qb.ctrl
C:\ProgramData\q8zg8qb.pff
*****************

C:\Users\Angie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\q8zg8qb.lnk => Moved successfully.
C:\ProgramData\bq8gz8q.plz => Moved successfully.
Winmgmt => Service restored successfully.
"C:\ProgramData\bq8gz8q.plz" => File/Directory not found.
C:\ProgramData\l3jz.exe => Moved successfully.
C:\ProgramData\q8zg8qb.ctrl => Moved successfully.
C:\ProgramData\q8zg8qb.pff => Moved successfully.

==== End of Fixlog ====

schrauber · 30.04.2014, 23:38

Startet der Rechner normal?

Dennis1997 · 01.05.2014, 03:07

ja er startet ganz normal und man kann auch wieder auf alles zugreifen.
Wäre also damit schon der Trojaner beseitigt?

schrauber · 01.05.2014, 16:58

Nein

Ab jetzt alles im normalen Modus:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Dennis1997 · 01.05.2014, 17:47

uff..

Inhalt der FRST.txt:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-05-2014 01
Ran by Angie (administrator) on ANGIE-PC on 01-05-2014 18:46:58
Running from C:\Users\Angie\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Users\Angie\Desktop\wohngeld unterlagen\PDF24\pdf24.exe
HKU\S-1-5-21-1634502134-1740630880-2558322754-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-1634502134-1740630880-2558322754-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google)
HKU\S-1-5-21-1634502134-1740630880-2558322754-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5622512 2013-05-15] (SUPERAntiSpyware.com)
HKU\S-1-5-21-1634502134-1740630880-2558322754-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1634502134-1740630880-2558322754-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-1634502134-1740630880-2558322754-1005\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1634502134-1740630880-2558322754-1004\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF10B0D24AC2ACB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - (No Name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {1667E1A2-90A7-4AE3-8CFC-751807441660} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - {1667E1A2-90A7-4AE3-8CFC-751807441660} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - {8BEF45CA-1BB7-4726-9402-A45062564E4F} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=560c149a-bfc0-4248-8169-e4b8609652a6&apn_sauid=366F1E09-C34A-4351-A618-091D1119278F
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - E:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - E:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll No File
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll No File
Toolbar: HKCU - No Name - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default
FF DefaultSearchEngine: Google
FF Homepage: www.google.de
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ICQ Sparberater - C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\Extensions\ciuvo-extension@icq.de.xpi [2012-06-14]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - E:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - E:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Extension: (YouTube) - C:\Users\Angie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-08]
CHR Extension: (Google-Suche) - C:\Users\Angie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-08]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Angie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-11-08]
CHR Extension: (Google Mail) - C:\Users\Angie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-08]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Angie\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-06-25]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Angie\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx [2012-11-08]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143088 2013-05-08] (SUPERAntiSpyware.com)
S3 hpqcxs08; E:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [X]
S2 hpqddsvc; E:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [X]

==================== Drivers (Whitelisted) ====================

S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [573952 2007-05-29] (PixArt Imaging Inc.)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-07-23] ()
S3 ssm_bus; C:\Windows\System32\DRIVERS\ssm_bus.sys [136192 2010-04-27] (MCCI Corporation)
S3 ssm_mdfl; C:\Windows\System32\DRIVERS\ssm_mdfl.sys [18944 2010-04-27] (MCCI Corporation)
S3 ssm_mdm; C:\Windows\System32\DRIVERS\ssm_mdm.sys [172032 2010-04-27] (MCCI Corporation)
U3 apwfzq3t; C:\Windows\System32\Drivers\apwfzq3t.sys [0 ] (Microsoft Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-01 18:46 - 2014-05-01 18:47 - 00014074 _____ () C:\Users\Angie\Desktop\FRST.txt
2014-05-01 18:44 - 2014-05-01 18:36 - 02061824 _____ (Farbar) C:\Users\Angie\Desktop\FRST64.exe
2014-04-27 08:17 - 2014-05-01 18:46 - 00000000 ____D () C:\FRST

==================== One Month Modified Files and Folders =======

2014-05-01 18:47 - 2014-05-01 18:46 - 00014074 _____ () C:\Users\Angie\Desktop\FRST.txt
2014-05-01 18:46 - 2014-04-27 08:17 - 00000000 ____D () C:\FRST
2014-05-01 18:45 - 2010-07-23 23:22 - 00655500 _____ () C:\Windows\system32\perfh007.dat
2014-05-01 18:45 - 2010-07-23 23:22 - 00130700 _____ () C:\Windows\system32\perfc007.dat
2014-05-01 18:45 - 2009-07-14 07:13 - 01507342 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-01 18:44 - 2012-11-08 10:26 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-01 18:44 - 2012-05-30 20:01 - 00000326 _____ () C:\Windows\Tasks\GlaryInitialize.job
2014-05-01 18:44 - 2010-07-23 23:00 - 02021935 _____ () C:\Windows\WindowsUpdate.log
2014-05-01 18:43 - 2013-07-16 12:24 - 00007256 _____ () C:\Windows\setupact.log
2014-05-01 18:41 - 2010-07-23 23:31 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-01 18:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-01 18:36 - 2014-05-01 18:44 - 02061824 _____ (Farbar) C:\Users\Angie\Desktop\FRST64.exe
2014-04-30 06:32 - 2010-07-23 23:04 - 00000000 ___RD () C:\Users\Angie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-29 23:56 - 2012-11-08 10:26 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-29 23:14 - 2012-10-02 06:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-29 20:43 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-29 20:43 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

Some content of TEMP:
====================
C:\Users\1212\AppData\Local\Temp\AskSLib.dll
C:\Users\Angie\AppData\Local\Temp\GdiPlus.dll
C:\Users\Angie\AppData\Local\Temp\InstallerMessageBox.exe
C:\Users\Angie\AppData\Local\Temp\NPSInstallerProxy.exe
C:\Users\Angie\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll
C:\Users\Angie\AppData\Local\Temp\phlwyqovhtuqltkjjdq.bfg
C:\Users\Guest\AppData\Local\Temp\AskSLib.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 22:18

==================== End Of Log ============================

--- --- ---

Inhalt der Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05-2014 01
Ran by Angie at 2014-05-01 18:48:15
Running from C:\Users\Angie\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.175 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.8.800.168 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Ahead.Nero v9.4.13.2 (HKLM-x32\...\Ahead.Nero_is1) (Version:  - )
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
F4200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Free YouTube Download version 3.1.40.1031 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.40.1031 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.35.1031 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.35.1031 - DVDVideoSoft Ltd.)
Führerschein Lernsoftware (HKLM-x32\...\Führerschein Lernsoftware) (Version:  - WISSEN digital GmbH)
Glary Utilities 2.44.0.1450 (HKLM-x32\...\Glary Utilities_is1) (Version: 2.44.0.1450 - Glarysoft Ltd)
Google Drive (HKLM-x32\...\{C2D4CD4A-AE20-40B3-8726-8ED1C03E8C15}) (Version: 1.11.4865.2530 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.153 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Java(TM) 6 Update 15 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216015FF}) (Version: 6.0.150 - Sun Microsystems, Inc.)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 23.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 23.0.1 (x86 de)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Control Panel 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
PDF24 Creator 4.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version:  - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{620E77C0-CDFE-4C14-AAEB-830ABB65864C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8153EC80-C988-4336-8DAF-6D99C0D26E0C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1C49E606-8C21-4250-96DC-481117D893D9}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

==================== Restore Points  =========================

07-10-2013 13:43:21 Windows Backup
26-04-2014 17:45:00 Windows Backup
29-04-2014 18:47:06 Windows Backup

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {11FA7EC5-533E-4E46-80DD-3CA6A6042B14} - System32\Tasks\{B2E35768-0B94-4D06-B0A4-0B82F044EBEE} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {1CBE61EA-9F01-4AE0-BBFD-36F96E86BA4D} - System32\Tasks\{FB5C7CA5-A11E-4E58-B775-F3B38FE558FB} => Firefox.exe 
Task: {1E297463-A7BC-4137-A413-F75986D14658} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {1E692BBB-9F7D-488E-8F9D-9D035756AF71} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {22945E67-E299-4A06-B3CA-F3A3532D04F6} - System32\Tasks\{42B7DEC3-E72C-4872-84C7-2487B339B927} => Firefox.exe 
Task: {2F2A0ACE-633E-42EB-B3BB-1FA8A422A520} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated)
Task: {314EA001-6A87-4320-8C9F-6C6739818442} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-08] (Google Inc.)
Task: {4DF18E6D-2831-40C8-A575-E5608F1D790E} - System32\Tasks\{372F9F72-030D-4D39-AD10-33D4EFEB40D4} => F:\Setup.exe
Task: {5251D4D0-7121-4030-BECC-84674A446BF7} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2012-04-06] (Glarysoft Ltd)
Task: {6C3C1B05-4740-4FF2-B2C6-CD247157A5A3} - System32\Tasks\{507209FE-39C8-4ABC-B4E0-CF3B6C4C00E5} => Firefox.exe 
Task: {70CC75C7-DF91-473B-BF2B-4173C44CDB59} - System32\Tasks\{93309C8A-105F-428D-8C44-0DDFE92C7D32} => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe [2013-05-10] (Adobe Systems Incorporated)
Task: {83F0F9D1-84FE-451F-BCE5-BEAA13082A86} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1634502134-1740630880-2558322754-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {9BD66140-A692-4E8B-BC42-C17229E53E41} - System32\Tasks\{0BF5998F-A473-43FE-9441-469736A73B2E} => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe [2013-05-10] (Adobe Systems Incorporated)
Task: {ADD5B638-D4D8-4A34-B90D-0B58BF8E4DF1} - System32\Tasks\{97448F10-8F25-4CAC-96C5-3B7D4B772EE5} => Firefox.exe 
Task: {AE4EAB2A-442E-440B-A5B3-F09B84DA9262} - System32\Tasks\{C70DEDF3-494A-4A2C-AA8E-8911341A8533} => C:\Program Files (x86)\MMEDIA\VP-EYE Camera\VPEye_Capture.exe
Task: {B7300BDD-6A1B-42F0-BCD5-9F2342112FB6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-08] (Google Inc.)
Task: {D740810A-0ECD-44C5-974E-AEFB2D614E4A} - System32\Tasks\{72E1DB52-571F-4655-855D-0BBCC1F6DC7B} => F:\Setup.exe
Task: {EF552836-F7EC-4484-8134-D02295A86F71} - System32\Tasks\{A5558216-4A50-4A84-B6FA-244B5931E49E} => F:\Setup.exe
Task: {F9382639-5FDC-47ED-B248-C3F58B59BF4A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1634502134-1740630880-2558322754-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-17 23:26 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-07-23 23:06 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-01 18:44 - 2014-05-01 18:44 - 00098816 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\win32api.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00110080 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\pywintypes27.dll
2014-05-01 18:44 - 2014-05-01 18:44 - 00364544 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\pythoncom27.dll
2014-05-01 18:44 - 2014-05-01 18:44 - 00044032 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\_socket.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 01153024 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\_ssl.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00320512 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\win32com.shell.shell.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00711680 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\_hashlib.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 01175040 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\wx._core_.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00805888 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\wx._gdi_.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00811008 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\wx._windows_.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 01062400 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\wx._controls_.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00735232 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\wx._misc_.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00128512 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\_elementtree.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00127488 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\pyexpat.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00557056 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\pysqlite2._sqlite.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00087040 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\_ctypes.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00119808 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\win32file.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00108544 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\win32security.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00018432 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\win32event.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00038912 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\win32inet.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00122368 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\wx._wizard.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00686080 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\unicodedata.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00026624 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\_multiprocessing.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00070656 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\wx._html2.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00010240 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\select.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00025600 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\win32pdh.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00504832 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\windows._cacheinvalidation.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00011264 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\win32crypt.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00035840 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\win32process.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00017408 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\win32profile.pyd
2014-05-01 18:44 - 2014-05-01 18:44 - 00022528 _____ () C:\Users\Angie\AppData\Local\Temp\_MEI25642\win32ts.pyd

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: AutoStartNPSAgent => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: HP Software Update => E:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/06/2013 03:02:03 PM) (Source: MsiInstaller) (User: Angie-PC)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.

Error: (10/06/2013 03:01:19 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 10.0.9200.16686, Zeitstempel: 0x52058d43
Name des fehlerhaften Moduls: IEFRAME.dll, Version: 10.0.9200.16686, Zeitstempel: 0x52059236
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000041a57c
ID des fehlerhaften Prozesses: 0x4b0
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (10/06/2013 03:00:03 PM) (Source: MsiInstaller) (User: Angie-PC)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.

Error: (10/06/2013 02:59:05 PM) (Source: MsiInstaller) (User: Angie-PC)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.

Error: (07/16/2013 00:28:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 22.0.0.4917, Zeitstempel: 0x51c06b1b
Name des fehlerhaften Moduls: xul.dll, Version: 22.0.0.4917, Zeitstempel: 0x51c06a5b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00173668
ID des fehlerhaften Prozesses: 0xed4
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (07/16/2013 09:49:55 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: nvtray.exe, Version: 7.17.13.1106, Zeitstempel: 0x50f957dd
Name des fehlerhaften Moduls: nvtray.exe, Version: 7.17.13.1106, Zeitstempel: 0x50f957dd
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000155149
ID des fehlerhaften Prozesses: 0xaa0
Startzeit der fehlerhaften Anwendung: 0xnvtray.exe0
Pfad der fehlerhaften Anwendung: nvtray.exe1
Pfad des fehlerhaften Moduls: nvtray.exe2
Berichtskennung: nvtray.exe3

Error: (06/27/2013 01:42:57 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec4aa8e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000c40f2
ID des fehlerhaften Prozesses: 0x920
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (06/12/2013 10:19:59 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Context:  Application, SystemIndex Catalog

Error: (05/12/2013 07:22:09 PM) (Source: Microsoft-Windows-Backup) (User: NT AUTHORITY)
Description: Fehler bei der um 2013-05-12T17:00:28.108913300Z gestarteten Sicherung. Fehlercode: "2155348129" (%%2155348129). Suchen Sie in den Ereignisdetails nach einer Lösung, und führen Sie die Sicherung erneut aus, nachdem das Problem behoben wurde.

Error: (04/16/2013 00:22:29 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Access is denied.
.


Operation:
   Subscribing Writer

Context:
   Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Writer Name: MSSearch Service Writer
   Writer Instance ID: {cbbf0c82-a777-4f12-9e95-a7abda34495b}


System errors:
=============
Error: (05/01/2014 06:43:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (05/01/2014 06:43:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/01/2014 06:41:25 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (05/01/2014 06:41:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/29/2014 09:36:19 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (04/29/2014 09:36:17 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (04/29/2014 09:36:14 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (04/29/2014 09:36:12 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (04/29/2014 08:50:22 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004

Error: (04/29/2014 08:38:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069


Microsoft Office Sessions:
=========================
Error: (06/10/2012 05:05:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-09-04 09:45:05.066
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nvlddmkm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-04 09:45:04.848
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nvlddmkm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-02 13:39:53.247
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nvlddmkm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-02 13:39:53.029
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nvlddmkm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-07 11:04:31.726
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nvlddmkm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-07 11:04:31.461
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nvlddmkm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-27 14:32:45.500
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nvlddmkm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-27 14:32:45.250
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nvlddmkm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-14 08:53:29.633
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nvlddmkm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-14 08:53:29.383
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nvlddmkm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 36%
Total physical RAM: 3070.49 MB
Available physical RAM: 1963.42 MB
Total Pagefile: 6139.17 MB
Available Pagefile: 4826.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:58.5 GB) (Free:5.11 GB) NTFS
Drive d: (Sonstiges) (Fixed) (Total:195.31 GB) (Free:68.94 GB) NTFS
Drive e: (Programme) (Fixed) (Total:211.85 GB) (Free:2.15 GB) NTFS
Drive l: () (Removable) (Total:0.98 GB) (Free:0.97 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5C70D25A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=212 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 1000 MB) (Disk ID: 004D5F6F)
Partition 1: (Active) - (Size=1000 MB) - (Type=06)

==================== End Of Log ============================

schrauber · 02.05.2014, 16:39

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

GroupPolicyUsers\S-1-5-21-1634502134-1740630880-2558322754-1005\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1634502134-1740630880-2558322754-1004\User: Group Policy restriction detected <======= ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Dennis1997 · 02.05.2014, 22:59

Inhalt der Fixlog.txt:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-05-2014 01
Ran by Angie at 2014-05-02 23:28:02 Run:2
Running from C:\Users\Angie\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicyUsers\S-1-5-21-1634502134-1740630880-2558322754-1005\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1634502134-1740630880-2558322754-1004\User: Group Policy restriction detected <======= ATTENTION
*****************

C:\Windows\system32\GroupPolicyUsers\S-1-5-21-1634502134-1740630880-2558322754-1005\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-1634502134-1740630880-2558322754-1004\User => Moved successfully.


The system needed a reboot. 

==== End of Fixlog ====

Inhalt der Combofix.txt:

Code:

ATTFilter

ComboFix 14-04-30.01 - Angie 02.05.2014  23:34:56.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1033.18.3070.2086 [GMT 2:00]
ausgeführt von:: c:\users\Angie\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Angie\AppData\Local\Temp\_MEI27802\_ctypes.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\_elementtree.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\_hashlib.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\_multiprocessing.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\_socket.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\_ssl.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\msvcp100.dll
c:\users\Angie\AppData\Local\Temp\_MEI27802\msvcr100.dll
c:\users\Angie\AppData\Local\Temp\_MEI27802\pyexpat.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\pysqlite2._sqlite.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\python27.dll
c:\users\Angie\AppData\Local\Temp\_MEI27802\pythoncom27.dll
c:\users\Angie\AppData\Local\Temp\_MEI27802\PyWinTypes27.dll
c:\users\Angie\AppData\Local\Temp\_MEI27802\select.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\unicodedata.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\win32api.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\win32com.shell.shell.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\win32crypt.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\win32event.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\win32file.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\win32inet.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\win32pdh.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\win32process.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\win32profile.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\win32security.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\win32ts.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\windows._cacheinvalidation.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\wx._controls_.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\wx._core_.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\wx._gdi_.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\wx._html2.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\wx._misc_.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\wx._windows_.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\wx._wizard.pyd
c:\users\Angie\AppData\Local\Temp\_MEI27802\wxbase294u_net_vc90.dll
c:\users\Angie\AppData\Local\Temp\_MEI27802\wxbase294u_vc90.dll
c:\users\Angie\AppData\Local\Temp\_MEI27802\wxmsw294u_adv_vc90.dll
c:\users\Angie\AppData\Local\Temp\_MEI27802\wxmsw294u_core_vc90.dll
c:\users\Angie\AppData\Local\Temp\_MEI27802\wxmsw294u_html_vc90.dll
c:\users\Angie\AppData\Local\Temp\_MEI27802\wxmsw294u_webview_vc90.dll
c:\users\Angie\Documents\~WRL0004.tmp
c:\users\Angie\Documents\~WRL1569.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-02 bis 2014-05-02  ))))))))))))))))))))))))))))))
.
.
2014-05-02 21:41 . 2014-05-02 21:41	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-05-02 21:41 . 2014-05-02 21:41	--------	d-----w-	c:\users\Juli\AppData\Local\temp
2014-05-02 21:41 . 2014-05-02 21:41	--------	d-----w-	c:\users\Guest\AppData\Local\temp
2014-05-02 21:41 . 2014-05-02 21:41	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-02 21:41 . 2014-05-02 21:41	--------	d-----w-	c:\users\1212\AppData\Local\temp
2014-04-27 06:17 . 2014-05-02 21:28	--------	d-----w-	C:\FRST
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-06-27 20097696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 PAC207;PC Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;tsusbhub [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-02 17:14]
.
2014-05-02 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2012-05-30 19:06]
.
2014-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-08 08:26]
.
2014-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-08 08:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 14:11	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 14:11	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 14:11	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 14:11	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube Download - c:\users\Angie\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to Mp3 Converter - c:\users\Angie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - (no file)
BHO-{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
Toolbar-{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
Wow6432Node-HKLM-Run-PDFPrint - c:\users\Angie\Desktop\wohngeld unterlagen\PDF24\pdf24.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - (no file)
AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe
AddRemove-{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1 - c:\users\Angie\Desktop\wohngeld unterlagen\PDF24\unins001.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-05-02  23:50:23 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-05-02 21:50
.
Vor Suchlauf: 5.567.770.624 Bytes frei
Nach Suchlauf: 5.803.393.024 Bytes frei
.
- - End Of File - - C3CA0EEF720B4A717B8DCBA5DD585E71
A36C5E4F47E84449FF07ED3517B43A31

schrauber · 04.05.2014, 07:28

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Dennis1997 · 14.05.2014, 19:37

Inhalt der mbam.txt:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 14.05.2014
Suchlauf-Zeit: 20:22:19
Logdatei: antimaleware log.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.02.20.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Angie

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 359132
Verstrichene Zeit: 1 Std, 17 Min, 33 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

Inhalt der AdwCleaner[S0].txt:

Code:

ATTFilter

# AdwCleaner v3.208 - Report created 14/05/2014 at 20:27:31
# Updated 11/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Angie - ANGIE-PC
# Running from : C:\Users\Angie\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\Angie\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Guest\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Guest\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Guest\AppData\LocalLow\DVDVideoSoftTB
Folder Deleted : C:\Users\Guest\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Guest\AppData\Roaming\Iminent
Folder Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\ICQToolbarData
File Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-11.xml
File Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-12.xml
File Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-13.xml
File Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-14.xml
File Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-15.xml
File Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-16.xml
File Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-17.xml
File Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-18.xml
File Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Users\Angie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic-de3AutoUpdaterHelper_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic-de3AutoUpdaterHelper_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader38341_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader38341_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_glary-utilities-portable_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_glary-utilities-portable_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0C58B7D1-D415-492B-A149-E976156BD3B8}
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Mozilla Firefox v23.0.1 (de)

[ File : C:\Users\1212\AppData\Roaming\Mozilla\Firefox\Profiles\hs2k1bs3.default\prefs.js ]


[ File : C:\Users\Angie\AppData\Roaming\Mozilla\Firefox\Profiles\wqmyku2x.default\prefs.js ]


[ File : C:\Users\Juli\AppData\Roaming\Mozilla\Firefox\Profiles\i044zcdw.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Angie\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5420 octets] - [14/05/2014 20:26:57]
AdwCleaner[S0].txt - [5437 octets] - [14/05/2014 20:27:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5497 octets] ##########

Inhalt der JRT.txt:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Angie on 14.05.2014 at 20:31:53,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1667E1A2-90A7-4AE3-8CFC-751807441660}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8BEF45CA-1BB7-4726-9402-A45062564E4F}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{008D809E-FDA0-461A-9417-ECA28C902246}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{00A0E14A-C7DF-48CB-B793-9E266B14A995}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{00A6B312-C369-423B-BD8F-B2C4D25A4E3D}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{00E6BA69-816F-4330-85C2-4611FA063D23}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{01198736-D4E2-4E48-B77B-195078FAE974}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0126BD39-3FB5-4EE4-9370-799745D62B87}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{01CABF89-C2EA-4B07-9962-EFD75658ACDB}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{01F98830-C9DF-4C82-8821-5E1462B070B0}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{023A442A-080A-43F3-B005-B0A5EC3A5075}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0262692F-A192-44C6-845A-6311F2E7474B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{02647036-03ED-451E-8831-5552BC49CD0E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{029BDA04-1CC7-4FAA-A7D7-EDCD941664B1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{02A8C1A5-EB61-42F3-B985-F16874B218B2}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{02CC6E37-C46C-4A06-A97F-5A23C33AFDDD}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{03255B8E-83EF-420D-93F9-3CB4F2B6891E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{03C4C963-DC97-4841-8178-A7D59BDC0581}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{04648872-1D81-404D-8FFD-E1F83BDBDBC1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{04729272-E404-4088-8BF8-3E9B3F938390}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{04C0339F-5605-4103-8808-6ADC58E99DD4}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{04F9FE2E-F489-4554-9F37-DF6F0472F61F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{054BEE35-AEC3-481F-9AE1-2064A66AC01E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{05F45A33-F5C8-46FC-B250-8B21EEBD26A3}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0619F434-4786-4D77-A187-A94B556B0218}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{06310423-955D-4857-9E26-CD4CD0C57B0A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{06A7D5F8-3EF5-4E84-86C0-F4F529E5B378}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{07A5FEA3-367B-423E-B2CD-CD711D3D5011}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0990C1DF-CADE-4E32-BAF9-7DF2E8367D17}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{09E7F76E-A984-4D7E-AEA8-19A4832D2F86}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0A378EEF-5333-446A-AEC7-664E4FBB7069}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0AAA593D-5CB2-46AE-8D37-90AC8F5EDA51}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0AC8F71E-803E-4CD9-AB4E-38CF872F9C05}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0B0CAC01-1057-4F84-AB66-3AE9B5D9024C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0B3D7F8F-2985-4A13-88F8-9683CEC272C3}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0B6A3C4A-92C7-4B88-8422-2FE0890E93C7}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0CE19BC3-D727-4416-B66B-4AD4E9CDF663}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0CECA694-75F1-4994-8E47-8459147A276D}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0CEF1783-F4D2-4697-A650-83D742CC1DD5}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0CF35EF6-FFA4-486F-A253-603778FCD58B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0DCEE751-0DC3-4434-91AB-C25F0C5AC23F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0E70F6FF-36D6-40F1-9E00-420BF405B588}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0EEB528D-626B-4C59-9F17-07E7AD300419}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0F093F81-B9CD-4D7A-AA74-22D7FBB2FA2A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0F39A3F2-BF69-4232-AA86-821B6641F1AD}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{0F68D91A-32F9-4DEF-9CBB-3BD96522EC11}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{10333ED6-4535-4B9C-89A8-ABEBF0B49090}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{1084467A-80D2-4268-A79E-F17F58808893}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{10F2D60E-8601-4095-9607-BA5345453C20}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{11F11842-1645-4794-9FD0-B9CCB0340F6A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{120C94CB-8A74-43BA-A95F-D734F937D034}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{12166DB5-A55E-4C83-BB71-19B69C2EC76C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{135A08ED-3849-4E40-86B0-713A8C0CDA05}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{1371E1DC-69A7-432F-8AC6-054678C529B6}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{13A7824B-CB02-4EAA-92DA-171522E93BE5}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{13C00F16-EDEA-4E6B-AE57-3EB2656C016F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{13CB5F3D-90A0-47DE-92BE-DA3C196E4D39}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{13EE4487-CEFA-47C9-A028-146CC3CA1632}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{15D6980B-E031-4CB8-A920-402944D9305F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{15F309B0-F846-431D-8E12-9AA4C980D1DD}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{1606FFCA-1FB1-4FB8-B99D-B1F20E3DC973}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{171F6EFF-326A-4EE1-B303-5A10D8061296}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{175E21BD-187F-4A08-8755-4B4B1D4EACE5}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{178AD994-4F7C-412A-9652-9B924CAD16A6}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{17D812D4-011C-4998-A088-7FBC439B0F18}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{1902B2C8-0D6E-42A4-AA75-39BAD042491D}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{192B3773-07F0-4913-87B3-E29D7B5EAB43}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{199EE4F4-9500-4981-AFD1-8B1F161F95AA}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{1A3B491B-6E9B-425F-9A61-F863EE61B11D}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{1A668F32-B2D6-41A9-8949-581DBAB0F592}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{1B12CA45-9750-4754-8B2F-3AAAD040C0DC}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{1B1ECB2B-7FCA-4BC4-8E14-88D68721B931}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{1BE6875C-C727-4529-9DF9-02AA482AA680}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{1C065CE9-5147-4761-B248-A29C669E4488}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{1C0F5F85-7C4D-4C3B-AB1A-EBF6C0CAF993}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{1EE0E60F-A6E3-4615-A1CF-61B749756964}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{1EE5D49E-BCF3-4014-9CCB-1695D96C1A65}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{1F11BD74-FDD7-42D0-B75B-809E76445FA1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{1F17D5C1-ED9E-4A92-AC49-173014476F4E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{1FDBC72A-AED0-46E3-AC02-1A340EC7E9FC}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{20527D6F-67EE-474C-89DB-1DA392421983}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2098B7A3-B942-4B02-8F45-6BF21D084F15}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{20B3CB80-8291-46F1-9834-235F157DFFB8}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{20FB3AA3-6DC7-4465-915B-CBD07354DEE8}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{21B4D5D7-1988-4E35-A604-C693032C72E1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{21D30457-5F99-41E3-8229-CDE51621BEFB}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{21E5406F-78B1-47E9-BEB0-9DDF41FD2682}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{22F22975-A86F-4AE6-BA1C-F7E9EE057933}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{23A5CAA2-5362-4E2B-9FA9-1B7250A5244B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2428E90A-37F1-4F21-8B9E-621373728185}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2435EC14-60D7-415A-ADB8-472436C36458}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{249641F1-5622-4971-8B81-9E2229528219}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{257DA205-3572-487C-9181-2F9F50008C61}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2582A275-54AE-476D-A281-AB79940D4774}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{25AB82B3-9ABF-4AF4-B1B0-5BE73FAC6E21}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{25B0B67E-292D-4E0E-965C-0579A7875F3B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{25F5A8CF-F2BF-4FB3-B8FB-EF6C29EC89C7}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{27039B5B-2A4C-4947-9F85-456407489646}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{27B4DA25-7BE3-471F-B0DD-6DE2A2582412}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{281975AF-153D-4920-9ADF-FD41780598CB}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2845AB1F-2582-438C-A886-36BEB542CA1D}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{292A76A8-3468-478B-83C8-6C1AAEEE0ED9}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{29302CEE-2365-430D-8270-9834FD50ED45}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{295F1D67-C2B1-41DC-9003-58E4323E07EE}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{29B1F955-D5DA-4964-8F90-84B17F7FA820}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2A3AD73B-1B33-4DAD-992A-57D655820E86}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2B6107C3-1151-4E48-88E7-A77AD64F0A06}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2BF8FFFB-F5A3-4305-B003-1662520F5C35}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2C30FF73-E566-46C2-A400-EADB3DC6FA43}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2C53613F-D70C-452E-AE0D-6EFB0AC44221}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2D5C22C1-B2E8-4DB2-B675-6AB15C6C1DC7}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2D76D8C4-88EB-4007-BBCD-BDF8D4F9286F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2DDAB66C-D9C6-4369-8627-8F61A6AEF276}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2E304517-CF63-4C6E-973A-FC5DE723FB3A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2E8B0B6C-BA6C-434E-9541-B63EA1E20557}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2F343348-9852-4383-BA4F-E3CCC0C9E1B9}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2F437BF0-83E8-4E0D-BD5E-321F6E2E478A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{2F58C312-2188-455F-AF9D-137535D10788}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{30F7FD29-CBAD-45B7-A662-54D605A1C050}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{3100A44C-63B3-4643-87E0-189C665A30DE}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{318693AF-2FDA-46F7-9E57-4ADCE3A1AAE1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{318CFABB-87ED-4577-A26E-446420E0D337}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{33580D53-4F9E-4028-8213-B7B9179E9B21}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{33FC9302-56DF-4B52-B9F2-9CA77AF671A9}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{3425F284-22D7-47CB-9AEB-1BA2BA2EB162}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{3458ADC6-4A21-49BC-A4DC-96EB6762B87A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{34843FC2-22C2-4F51-972B-B11CFC3E4EB4}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{34BD827C-CEC7-4ABA-A77C-C8463488062B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{352993C6-8809-4051-AACD-7CAD4996A6D9}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{35989539-10EE-4F98-A5AA-2D2651626AAA}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{36AD7EFF-C4EF-4253-94F5-F9D64109A9C1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{36D42089-5EEB-4288-BF4D-5C083A8A4092}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{36DE5351-6033-422A-A0C1-DB78BF0FABF0}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{37B2A223-5FF1-4AE8-868B-EDC3927B4DF1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{38012419-FD22-4E45-A5AB-908632FDBBCB}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{38F36812-3A08-4157-8477-2EE9FB678922}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{391DC24D-41C3-4CBA-BFB7-65179D5890EA}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{39480CC1-B78F-48E4-9EF9-D7F13C1703B3}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{3A703BC5-FB86-4D0B-9B38-4B5E29D234BD}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{3AD154E1-9882-4F9F-A144-F102A5E50FA2}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{3CA829B4-EE88-4D0C-8723-5D8607E83785}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{3DE1334F-C866-40E9-853C-F9F05EEE03BB}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{3DE2C061-B216-4720-9380-4C819D2A43E3}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{3DE69A08-F9FC-4C34-B8E3-30A3875CE517}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{3E06CA9C-DBE5-456B-BC5E-0BF2C6E1D668}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{3EB09078-5932-470E-9347-3C521E0E797B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{3EC2B4BA-441A-4E0E-ABD4-636B8B7A8189}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{3F10286C-D1E8-458E-81B8-5F506B0AB2E2}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{3FD3BBB7-2DE4-4C63-A591-5990B80A9C69}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{3FE13F16-09F5-41F3-A292-76A50AE1CF52}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{40A4E205-0A1B-444A-9310-DB2F035CDAD2}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{416955F8-BF40-4EEC-B430-886D554B908E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{417A2051-6C19-408F-84DD-62F787572C41}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{41CD7432-B2F8-42EF-8BEF-F3D8AA15E043}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{41D79459-8D2F-4A32-ACE4-D83E9B841890}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{41ED5CFA-0EF5-4899-ABD8-F15206912889}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{41F72169-18A8-44C7-ACA6-CD3786B6EE0F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{4416B855-7126-46D4-AB1A-5D67E73A3545}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{44174000-A660-4D02-868C-06AC7AD1B2E4}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{47560CC0-65ED-4625-B0EB-D6D880CF6AA2}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{4770C030-75B1-4700-BE88-0359E13555FE}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{47A1D6FD-A6CC-4CE0-B30E-0744221C7AEA}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{47A36253-8246-4A22-B8F7-E55C8027C714}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{487739D6-ACF5-410B-892C-D084ACBAFA8F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{487E0F91-1E6A-40E3-875E-4FBAE89304A8}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{489E953F-FB27-4150-B0A3-A60A5087322B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{48C5E665-547D-4250-BF4B-E677DE8DD022}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{48E01AF0-2715-4081-8CFD-46B1EB763028}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{4B5739D5-D23C-4FBF-9F7B-324CB4C497BA}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{4BE4E1C8-0713-4FAA-9A4A-235C80A8879B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{4BED5777-15BA-4753-8B0F-E065A431B74E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{4BF1D798-F9BE-4D4E-B8B3-5EE53CA78DBA}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{4BF20223-FEB4-479E-B1C7-0039B78BB905}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{4C4E9A54-C114-4171-8F7C-9684A9F81D1C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{4C9298F6-8E82-4CF2-97CD-F75E8130688E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{4C9AC3F5-2E88-4064-A526-6A8D84254447}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{4D1BAA81-84DC-4471-A0CF-4856DCAC08C3}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{4DAA2E6B-429F-4BBC-909B-4D99A235FAEB}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{4F12BDC3-F535-4346-8D4A-ED51F92D190D}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{4FD714D1-468E-49F3-8907-78A27E6A04DB}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5031B1F1-BDB9-4585-8A45-3D601E58C6D8}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5138CF4A-7015-4C40-A887-15D4F349DB05}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{533D3132-93C8-4B7E-BDF8-B859A1BB06D6}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5387BC9D-DD98-4A06-BE84-BAA9FFE80DC1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{53B716D6-FC07-4B42-A99D-D55DA737AE70}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{554997CC-C1C8-41CB-885D-D8B887B43227}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{55D98874-79DD-4E81-A98C-5381F5B89F64}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{574610B2-7B86-4CFA-9F3E-75686AED4BD8}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5796B72A-5056-454A-B617-FBF4C0A9E9D8}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{579FCD24-274C-4E09-B805-43D518553140}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5B83EF87-6DFB-49F8-AADB-0C548FEAA158}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5BFBC49F-4284-4428-912B-38D00D1ABD51}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5C4A6A4E-EA00-4A2D-BB22-BA6BA1561953}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5C6EE7E1-2B0C-406D-A19D-939889159306}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5C72DE38-E083-4CA1-AB95-089BCEF5A0F1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5C8A86B0-DBAF-4304-BD7E-5F41AECA013D}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5CB62109-A578-407A-8470-00943C3097C9}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5CD0FAD9-90BC-4AB8-9834-A85D9D1FC863}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5DC438F1-936E-468D-9F9E-6FD496700F9C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5E520567-9CEE-45B0-AEE1-AF0119B50981}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5E60C9D0-B75D-4FAA-96C8-327C874A16D0}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5ECA5E96-DC5A-44DC-8E8A-4354C908F585}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5ED68354-252F-468D-8A6B-14C9A90A48C3}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5EE33120-6876-46C8-830F-434755694384}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5FCE74E7-99B0-41E4-BED8-BCB5A2F9E120}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5FDF4564-2BC5-4607-8F06-A79B58E3A339}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5FE8CBEF-B7CE-4CEC-9B7C-1E682B06AA7C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{5FFFECFF-5651-4460-953A-86861048F727}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{60ACAEF9-ADC4-4FA8-BC25-C266EE32FCF8}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6146ADA4-E2B8-43D1-8623-5F2B081966D3}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{62435A3F-1B7A-47CC-9CAC-1CFEC9C9E2ED}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{62884F12-EAC6-4CAA-B378-BF2120F9A9F9}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{62BAFEAC-9C73-4682-B9CE-8D93FEBC62AA}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{62CE6263-303B-48DD-8FD4-BCB1A373E39B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{62E22D5D-E1FF-49D1-B4D3-EE3FD12447A3}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{634BE69F-ECA5-4809-92A5-73704E0682BC}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6385564B-4477-40E3-BCC0-7B09F10DEF9C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{63A40437-1E5D-47EC-A4CA-399518868C55}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{63BC489D-5BA3-4E3F-B146-D9ABE31F80E0}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{642FB3FB-E568-4E42-8036-F333D4645B82}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{64585F7A-28EF-48F1-B34D-C6ABCD6F63C7}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{646A0C82-1107-44AC-94A4-E7D6A8A26C4E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{64807E98-C284-46E7-AF5D-4C70CCFCADEF}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{65841E8B-94B8-4566-8C09-79EB9AFFE886}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6609FB3A-043E-4C41-B5DA-68237D54BF9E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{66918404-40E4-4393-B930-D35BC93A0241}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{66B27C1D-D829-432B-B659-3AECCED36DCC}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6726DC49-6315-4A46-884A-EEE7EC884767}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{67551CE7-8FBF-4D64-8333-4D3882DFB522}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{67875919-2F0D-4E99-91A2-92D8D9F2DCBA}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{67DF8F1F-AB5F-46B5-A00B-2E07ACF0EC81}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6819A10E-9522-41BD-9E89-8101448D2364}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6821FBC9-B0E0-478E-BAD0-73A24DE9235F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6826930F-243A-4183-A3AE-0C270502990E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{68742260-1AE3-40D5-9BF1-A71F70456D28}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{699AF186-7AEE-4E29-84C0-AEC11F93D3BA}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6A5C5B4E-BE6E-4207-B893-66A5C78471F1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6A72259A-5BB0-4D40-9C38-D370FC6C4F6B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6AF43810-8928-413B-95C5-A847AAC5AC18}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6B905CBC-1531-45A8-B7D7-735547265604}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6BACC359-7DC1-454E-9821-3DB15E7CAD6F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6BCC4E4A-D35B-47D4-9AE3-00F537CDC32A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6BEC25A8-516F-4ABA-B46A-FEA8A71B3079}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6D188848-701D-42FF-80EF-23F1D1B9E960}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6D1B9DB5-FAE7-4054-8F7D-1B2E984920BE}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6D4E41CB-6F0C-4783-A35A-7977ADB1B3FC}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6D821F01-9CDD-4119-A47F-E7FEDF7354AD}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6DC08841-D52F-4DBD-A526-B3D8DFF39A3A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6E10EDF5-78E9-4ADB-B483-1724BDC7704C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6E8C5376-176C-40AF-A496-BC1B3B03DF67}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{6ECF7E2D-7A32-4A12-97FF-20E968FB97CC}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{70918D93-A33B-4EF6-B6E2-6DA569D18B9C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{717FC27E-EF99-40C5-BA80-5F764604FB57}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{71AD8447-4D28-4D56-ACC1-025F0BC520B0}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{728B27B0-003E-4A5C-90B8-64CB5C9AA2D4}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{732ACC13-DB77-41CB-B53F-DCC16845D94F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{740E0C31-8182-421F-96FF-8900D0B09C04}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{74C5FC81-122E-4D90-B40E-4F5E475679A1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{752AF958-667B-49C0-9CF3-C82081AEEB62}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{755C191A-0024-4AEB-8750-C538D4CE1935}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{758E2BA3-20FF-4FAB-A043-407D4D85EABB}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{758FD279-16B1-4DCB-8349-D4D36C45580C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{75FD8CCA-2893-4933-B188-87CE50B64EB2}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{76998F90-EAF9-47A3-86F4-806961ACC9DB}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{7733EA2D-7203-45B1-A14E-3A9CD949B02B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{77B64646-1E4B-4C08-8810-6B18819F3C79}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{77EFE185-1639-4913-AA36-5DAC5DABCD4D}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{79850B52-DF8E-479F-858A-3C744E1DF689}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{79CB8C50-3048-4D2B-BBED-6BC73892341D}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{79D8B3FB-6D4D-4A95-A6CB-FB82D221323C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{79F750AC-3C96-4B0F-9D21-E7EDD5DC55FB}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{7A921F2D-B223-4BAE-B9E2-A3843C3E8B32}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{7AA4A617-9EF4-45B8-B135-61A0892AE385}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{7AB18606-48BF-4A41-9C52-C85A14A6033F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{7AE059F3-4B16-457F-9297-4E4A211A4512}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{7B3EDA8C-0393-4704-B46C-542472F5C8C6}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{7C9624F2-7F12-46E5-8573-DB60ADA78BD5}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{7CA28CDC-4094-4AE3-911A-E4431FFE2191}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{7D498FEE-884E-4F9F-B48B-9D1BC96BC0DA}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{7FC028CD-AB93-4182-93C4-8FF3BFC27019}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{7FD718A7-3F54-441B-BA09-68922D84AFFD}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{80F846E1-3E86-40E9-846F-BD4056ECD298}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{812ABAE3-61C9-4234-BDE9-CFFEAAE3C2C9}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{81EDF3D7-286D-4328-B56E-4F828E816298}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{83AEF781-8CC0-4BA3-B282-448E328BF544}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{83B4A527-9821-4F44-ABF0-8DE2FC058A72}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{83D1B9B8-3974-45BA-9843-ABA5CB0B5761}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{83DAFADA-C596-41DD-BBE8-4EA75A42246A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{842B573A-631E-4221-AE13-5CE8DECD4D3E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{84A8E7D7-A85B-4DCD-A30F-24C6C6427FD0}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{85132773-BB03-489F-93E6-07305B36846F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{859B6315-D928-4B2C-AA2B-776D291EAF1C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{85AE8201-2014-4CF5-B3C9-3B2439903F05}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{860D1DC3-B8F7-474A-820B-801CB359BEE1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{86493B84-11C5-41AF-8E95-75AB768E43AC}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{87106DA5-526A-4781-A40C-82DD996904D0}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{871CB5AF-36C0-4B27-8BA8-B8695DE99ADF}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{8743941B-3BC6-47AE-B766-1DFA5B75F4B7}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{87E40BAF-FF11-4E16-8194-1BC3F48598A6}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{88BEC676-670D-4E55-A054-65929FBE20EC}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{88E50BC6-38A0-4C40-A49A-EB44DC17A93B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{89378D9A-3039-4589-A230-AFAEE8ED0216}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{8A38FA8D-EAE9-41E7-8E08-D3F0589EA544}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{8B09E2C5-91B7-41A6-932E-53D763D4F914}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{8BB968C9-B0BA-4FF3-9826-73FFA87A7E00}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{8C2881C2-205F-4554-8F95-44E42AB1F11E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{8D1A97AE-9DDE-4A33-B478-276C73C5B1AF}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{8D72548D-F345-4DA9-B3FE-B6BF2619B4F8}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{8E1CB85A-C978-4140-9270-B61D0B4C7BAC}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{8E2455F5-E286-4C9A-9009-31D6A0E7762A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{8E4FC725-E5B7-4DCE-9D13-0D2862652B07}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{8F61295D-2054-4669-BD3E-E34A205A9477}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{8F62D0AA-E6BA-4053-ABFA-D7857B02E1B5}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{90031949-F3A7-42EE-AAAD-8552BB34B68D}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{9005AF4F-888D-4912-B709-BEFB548422B8}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{904CDD34-7941-45AD-B155-91D7D9483B40}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{9075D4CA-AF9F-4DAF-A83E-AE317BE5CFE0}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{90CEE3D7-0054-48FC-90F7-C4C8EFC63063}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{918BA4CC-B7D8-4359-ADA5-3D15BA077DF0}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{918BD6F5-483A-4F1F-B232-BF4CF5D5883E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{918DE338-FDA6-4F42-A94C-943C32246ACA}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{91C7F183-B8F8-4981-9DC9-DF17D83D84DE}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{929FF235-F6E1-41CC-AD8D-44915AA41035}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{930F49C7-EBCA-43B6-9CB9-471B90750B34}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{93311555-52D0-44D8-B027-8EAC0B847C03}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{94405246-0EC7-4518-9288-A1E50FE8AEC2}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{948704CC-AD34-48D8-9827-28268742225A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{9578599A-7D6B-4545-A120-3CA453F1FD8B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{95D67193-3A3D-47A4-B523-07EB321EA60A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{95E65FE3-4FF8-4F84-9853-D1F2E5CBE6A6}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{96647551-ACB8-4703-87CD-06EE9F6DD0F0}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{96B191CC-036D-421F-95FF-21EE3463C622}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{96B9EDAF-E2A2-4A81-93AF-835D0060C00D}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{96EA8216-7570-4E1B-A28B-340CEB3750B3}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{9762F3B3-5177-4707-A650-C56EEF79CDB0}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{97A052D2-FB85-4FA1-A5A8-139E6157F3F1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{97A46210-C948-4650-AEBE-ACF07B024A28}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{98774679-8CBB-444A-8CA8-82BE7C708DDD}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{98C0B247-20DD-4933-9A39-943E1064D3EF}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{99337EEB-1DB7-4B36-AA43-DE7F4CC640FC}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{996E5B77-37C9-4F5D-B08A-994D9200153C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{99AD649E-A45D-4BA6-8B88-53DF48C649CC}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{9A625372-A8FA-4614-B87B-B876FC0D079E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{9AA251F4-7686-4B4D-9CC6-0B18A109A5FC}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{9B9A7D57-1DBF-4675-9BA1-8893E4F654F2}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{9D2B71AD-A774-4602-8852-4178C488FF6C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{9DBF2F19-0588-47A6-A841-F2090BAC5948}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{9DCD4FC8-9A8F-45EE-9DA1-EFDD8712F19B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{9E1B7F85-2DB2-42A2-B378-52396A1F5BC4}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{9EAA952A-B00A-4BCC-A04D-F47097A4264A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{9F0F42A0-7A75-4450-855F-DCF0E4D0160D}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{9F37B12C-6BD6-46A9-A387-3EA436987269}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A08EF666-B1A3-469A-8763-46A75E5FCD58}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A0CCCC89-919C-4D1C-98C3-BA255AAB54DF}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A1CAB05F-E80D-4685-B828-723999B0CB36}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A2781529-6DAF-4997-A632-7DDF615430C5}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A372019E-0E62-4F39-92E8-44683478D08A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A437901F-E6CD-454F-AF63-F1BE9884A758}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A47E7BFF-AE01-4CA2-88F3-F63ACD3C0A24}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A48B6482-65A1-4158-A3A4-140C9A79493B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A499188F-4F5F-4B36-BB67-E741DC8176CE}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A4AA6F3D-0A08-4FDE-86BD-983A8CD99BA1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A52C24CE-E348-468B-A4DC-84ED892767DB}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A5443179-5105-4563-B89E-708C94021B51}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A551462D-EBB1-46D6-BE72-55FC5E51BF1C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A5CFE7DD-B1E7-4F8D-9DB4-78FA39BD4842}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A6402D48-4272-4188-B1C8-4084E92FF696}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A7B49B4B-453D-4B66-A68E-C6C2DBC6240F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A860BA4B-CDB3-4367-B714-B2E698D413A3}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A878579A-1D96-4586-92AA-72F0ACA24749}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A953349C-544A-4F3D-93B4-6FB2CD12D30E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{A9A5AA3A-D55F-4F3E-9F10-45F72CFB5E3A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{AB3E67AC-480E-4F9A-B93B-0B104C900552}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{AB5EF0CD-2967-4741-9B42-4B281A7D1860}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{ACB1D288-29BD-467C-96C8-33B7D2A0E6B8}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{AD18078F-20C6-41B7-ACA1-4F0A1BF32CA6}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{AEA12F4E-EEE2-4C1B-98ED-5FB4EE6AB162}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{AF3ED3FC-2B21-4090-9A16-0C7930A73023}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{AF62312C-4CC7-45B4-AF26-16EDEDB9F19B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{AF878692-338E-44EA-9F3C-7141D3A649FD}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B01D81B8-C4E3-42BF-82B7-2C61FFF9C4E7}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B0AE55A9-1D2F-4145-B22B-EFCC4A4F2DC8}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B14AA621-2041-44AE-902C-56C81E668402}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B23E7840-D83E-43FC-947E-46A1A58A7AD0}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B27DD0E0-987D-4FE6-B202-02581B0BDA8E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B28B76D3-2565-4CE2-B9D8-C402C734C848}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B3201C38-123A-4C6F-8AAF-3CE0C3EE1888}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B323156C-C4EE-479F-83ED-65560CDC6F76}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B3C85960-43A9-48D0-8A4E-15E7649294B1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B4025031-5327-45A0-80AB-FF04C3872434}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B54234FC-2319-4D2D-9617-D3FA9FAE91DA}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B5513AE2-8B6C-4FE7-83BE-18FB9182B667}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B5FFEFA9-05F9-416C-8C4D-5AF4CA0A0D58}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B6027E8F-5739-45C3-89D8-2D1F2E073964}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B64732E3-47B5-42DC-AB01-F8C723196374}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B68651A6-624E-4062-8FB7-3A4409501024}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B6A77AE7-2355-4918-BC7C-A149B9B89E6A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B7222C03-CD06-431E-AD71-8A5C65AFC82F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B77CC3D8-27B7-4CCB-82C7-07A005B520EA}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B7B87FAB-8A20-48D5-A8BD-F115E577457C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B7C99C39-F0DB-4AC8-99DA-BE3B33E21A15}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B8116264-3B64-41E1-B8AD-6B7A3222BD39}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{B9B1088D-CCBD-4B07-9E14-CE5DA7130F4C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{BAD0145E-7B2A-42BD-9D67-5C31407ADD79}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{BAD732B9-2839-4B6B-B550-A6C2A549ED78}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{BB91544F-9449-4902-8183-AAA3CB49A7A8}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{BB9CBAE8-D9E7-457F-9BB1-53FE2DC5B0B5}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{BBB2427D-8786-45DE-8528-4B5F35E9E384}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{BC21DFB3-3490-4EC2-9464-124A58A394A5}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{BC96DE1A-1CA0-4B09-B568-3BF377EA89E5}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{BD169F96-FFD3-4584-AFD0-37B18FB87CEA}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{BEFC63F9-4F3E-45AC-A989-40614FC51F11}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{BFB98BEA-148F-432B-A3D0-4828349AC9B4}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{BFCE688C-5F29-4413-BD44-BD8B4C8A0B8B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C031D3EB-57ED-44BB-94BA-B2A8EAC44B66}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C07ADDE9-DF7E-43B2-8020-B70A4EB3A44A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C0A0986C-ABBD-4A17-A3A1-935C0E6FF27C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C100AECF-B904-4438-96AD-76C965BE57E3}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C1C179C4-3AB3-45EC-8FC6-E73F5243D2DD}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C22D184F-B882-44D6-B2F6-1C55742FE142}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C2DA89B1-1EAF-4576-BFFA-0DC583E3373B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C2F84939-2259-40D1-BB81-907B63A0B9C8}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C3255019-7B65-4750-9814-44DABB7E45F5}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C35961EA-54BA-4FD8-B09E-23479D16869A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C5217693-CD17-4078-ABE8-7897F16B56DC}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C53D17AE-3D8C-421F-9C0E-7F37EFC898BD}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C5C07440-C1F5-433C-9BDB-6C41EA899338}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C5EEEF02-C882-4485-A2B2-EAD13F3CC53F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C5EF9308-B6DE-47EF-88ED-84B10FFFECC6}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C649AD49-D210-4AB3-B7E6-37B20A825110}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C678D592-27CB-467B-AE67-C395793F40B7}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C6B0BC8B-1AC4-4B50-A00B-E96AB16610E3}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C6EC7C4D-4AE3-4806-9D6E-2B5DA513BFE6}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C786C99E-2D88-402B-A9B0-A8D43723D5C4}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C8611660-E0A8-461E-B66C-AB8C5DD16379}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C8DD401B-F119-4266-830E-65AEAB809155}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{C97B82E1-D3B8-4609-A532-6957E3D38BAD}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{CA65C895-8C00-47BF-9062-9004171675B1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{CC1F75E7-8A9F-41F4-BB84-9D71D33B7E3D}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{CD44D1FD-2F4C-4542-AC36-973E3EEFF095}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{CD5984F1-CC53-4987-96D1-41874303E8E3}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{CEE34BD8-E23C-47C4-A6BD-8FBBB029311B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{CF303066-6B0B-4DBC-A0FE-A1D89A65C3BF}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{CF3CF251-003C-4EED-B100-3E8FC1D50046}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{CFBD9185-E9AF-4A1E-BBF7-1A595DD44C63}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D00082EF-EF6C-4D86-B687-C3A09CDA8E34}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D00C939E-772B-4533-8D14-BF346D84F122}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D03BD80D-2DAA-4515-BC38-4201930DD94C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D04393F9-A0F2-4E09-9560-64485BB311E8}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D0F07A44-423C-4A4E-B446-634650DE4EF9}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D12FBF0A-99A3-4AD1-A382-95C42CB0636A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D268BE6F-4F78-4651-92FB-7BD223C2FA7C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D2871468-7C7C-4FA1-9F3C-90E40BAFDEBD}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D3462A74-1167-4C52-9FD7-CBF12A52DCCC}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D3599657-C9AE-46B7-B395-E4CD2B7285FF}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D3D246AB-159D-418B-96C7-25A12723791F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D431C196-5688-4DB8-93F1-EF9916B9EC13}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D447402C-3DB1-4760-A1B6-7D4058165524}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D50297BF-A825-4BB3-A34A-9F9248159436}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D5388F5C-2B87-4903-B7E6-0755F342CC89}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D541CFB6-6139-409C-8181-5A214094BAD0}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D6450FE4-ADDF-4FB7-A6E4-54E0FFBEB20C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D83BC8AD-CD91-4F55-A651-7B2FB3464C25}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D88EE2D9-FF85-4871-9C56-8FF5EA06E5C2}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D8C4A030-8B38-4F0F-BFE3-53601B5B0B4B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D90A1883-1F5E-44EC-95E5-DB0691B62AE1}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{D9D784B6-46AF-4DE6-AF22-F9F5E5C29814}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{DA920AE1-23B2-442B-B009-7609EC46AE3E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{DADF52A4-09AC-4083-9363-E33C76120D04}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{DB50EB20-03B3-4CCC-9505-F35A85C1BC66}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{DB65E53B-E204-49FE-A768-05EBC5590ABF}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{DC004B46-28B2-4020-BB46-202176A6BCA7}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{DC7B3CE7-EA70-434A-8EDC-F7F41FEAE9E3}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{DD7639A4-CD1B-4FBA-A584-08CBBD7F2DF5}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{DDD80E49-E372-4881-BB33-BC416774B36A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{DF803B7D-E62B-4B65-A42C-3EC1167A1E87}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E1762BE0-AADA-4860-94B4-87BAC126F0B2}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E27711E4-C89D-4296-B385-B7CF238ADA3B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E330B4EE-86FA-42D0-82FA-08AC7D62DA95}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E43989AF-009A-435C-8AF2-74DB3FA39FA3}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E46F027D-A86B-4CB4-804D-E42B4C0DA773}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E4A9FF16-2EDA-470E-9B1A-5CD7BCE1885F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E4DED604-8040-4EDE-AEDA-CD97E19F7EA0}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E4DF4E9F-D48C-460B-8FEA-47A9B49C7963}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E4E05007-7BB7-40D0-A13C-76A6017994D7}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E4FFF6B3-38BC-4232-BEA2-534960D3882E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E51957E2-527A-4BC0-A15E-AA368EE6184B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E553B9A8-C087-40B6-B925-2D5BE64083C3}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E5FE99CD-55B6-4428-989C-840AAC87266C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E6C15341-609B-4476-9B5E-24B198802BF4}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E763D1D8-A616-4855-B703-86DA3AC295F5}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E7AE5E9D-5EFB-4325-B6E6-C645FC3BCA90}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E87F1ECA-94D3-40E8-8AC1-3180C1AA4BD4}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E889FBD9-63C1-4027-A9D9-4C3C9CF15A0C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E8B84D4D-1561-4717-B485-501205882C30}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E96DA89D-6F36-407D-8915-C649619155F8}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E9835781-53B0-4DD0-A174-3AC104F9F9A7}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E9967B68-B122-471D-87CE-362634E12B7D}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{E9D3F7BA-2978-4E6A-93EF-AD9C81538E99}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{EA026A98-AAE6-4808-AD49-DA35CC24C07B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{EAEE63DA-10BF-4D13-B399-A2B0A990E0D6}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{EB655AAC-4CEE-4858-95BF-05B1BC8FCED2}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{EBD32319-7D36-470D-BCDE-766EFB759BAD}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{EC251315-B1DC-47F4-A0CA-8C71C0221CCF}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{EC86B535-0E23-4E43-8C97-07AB95581565}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{ED47BE06-4CD6-478F-AD04-7BE470A1985E}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{EE24D050-FB73-4BBC-BE95-B46004BABC20}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{EE65475E-8EED-4443-8D36-689DCAB3549C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{EED062E0-4F8C-4D37-A032-A7D8122474AF}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{EF2889EC-DF6D-4D2B-A984-868AE9C62CE0}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{EF49D6BD-3C37-4CCA-BF82-7AF9C9A71E5F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{EFF51186-E89C-4EA1-8799-048214E2A381}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F09A1146-EB80-43D7-9777-F4DDFDCF27DF}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F0B7EBD5-F7A8-4185-B4BE-99B2088697C6}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F0E1917D-DDBF-4932-9C13-0768DFBF249F}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F14A8D6F-A07B-43D9-AD47-5792B5986362}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F195E489-BF4E-4D80-B9BC-AC8E1B1489AE}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F1DA97FB-AEA3-46A1-8491-DBA7232320E5}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F2389A04-13D4-4B16-8F36-2D35376927BD}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F2BFCFA9-2628-4262-8D5A-2AB6B8CFEAAA}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F2F9DCF3-3061-49C7-AAE0-ED3E2A8305F4}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F38FC3CF-975C-4193-A980-3F4BF3D6D5C4}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F3AB4D66-60BF-46BA-8852-AD895450A941}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F3D1BCAE-E3FE-409B-9F1B-AE8C8D99ACA6}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F42BD395-F0B3-4E58-AEF4-7DDCA22B1793}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F4955D30-089F-4ACD-BBD8-14A889515625}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F4F8FFC3-4AD0-4033-922B-D157038A497C}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F62EEB7E-30E9-4671-BCF3-D6D6156BBE5B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F6BBD604-9905-483E-9E84-6B6CC506E0FC}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F71CFABE-735F-4336-9736-29144E6A6C5A}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F8E4A98D-743D-4D7B-9F83-E5F40EA40C96}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F98FCF8F-5D77-4FE8-968B-62121BE24010}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{F9DE53F9-C09D-4BAE-A784-3419D38284B4}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{FB03E31D-8AA1-4C21-B66D-BFC3510969BB}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{FB1B8D44-DD2A-4436-A7C7-E4C46A9350DE}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{FB24B7C2-9033-4DDD-8E99-3990BA1CC96D}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{FB7692CB-E7F4-425A-92DD-2A845D19112B}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{FCCC67C4-2B4B-4BE9-893A-FD0AAD774F73}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{FD1A7817-FA2E-429A-A3CA-2DE0CCA0FA71}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{FD7D7570-B4E1-4C02-9FF9-87937F1D2B6D}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{FDE49AD3-ECEC-4255-95E3-E767181796C9}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{FE1D6BA1-E8EF-411E-881A-687FD04616C8}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{FF8974B9-0755-451D-9464-D0C9629E3654}
Successfully deleted: [Empty Folder] C:\Users\Angie\appdata\local\{FFCB747D-4614-4E02-82C3-6E649FC2508C}



~~~ FireFox

Emptied folder: C:\Users\Angie\AppData\Roaming\mozilla\firefox\profiles\wqmyku2x.default\minidumps [137 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.05.2014 at 20:38:50,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber · 15.05.2014, 12:41

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

30.04.2014, 23:38	#6
schrauber /// the machine /// TB-Ausbilder	Rechner mit dem GVU 2.12 Trojaner befallen! Startet der Rechner normal? __________________ --> Rechner mit dem GVU 2.12 Trojaner befallen!

Rechner mit dem GVU 2.12 Trojaner befallen!

Plagegeister aller Art und deren Bekämpfung: Rechner mit dem GVU 2.12 Trojaner befallen!