Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Antivir: 'TR/Jorik.Bublik.cq' freenet.de Spam (https://www.trojaner-board.de/136453-antivir-tr-jorik-bublik-cq-freenet-de-spam.html)

KuniP 12.06.2013 10:55
Antivir: 'TR/Jorik.Bublik.cq' freenet.de Spam
 
Hallo,

meine Mutter bekam eine Mail von "Freenet", mit zip Anhang.
Betreff:
"Fw_ Ihre DSL-Rechnung der freenet Breitband GmbH - Rechnungsnummer 53865320"
Im Zip File war eine Exe namens "Ihre Rechnung.zip".

Die Datei habe ich wie hier beschrieben:
http://www.trojaner-board.de/136354-...schaltung.html

an virus@trojaner-board.de geschickt. Und Markus kontaktiert per Mail.

Meine Mutter hat versucht die Exe auszuführen :-(
Avira hat laut Ereignislog den Zugriff verweigert.

Wie muss ich vorgehen, um sicher zu gehen?


Danke

schrauber 12.06.2013 11:13
Hi,

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden ).
  • Doppelklick auf die OTL.exe
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimal Ausgabe
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.

KuniP 12.06.2013 12:33
Extras
Code:
OTL Extras logfile created on: 12.06.2013 13:05:28 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\UP\Downloads
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,50 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 65,57% Memory free
4,99 Gb Paging File | 3,63 Gb Available in Paging File | 72,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 68,87 Gb Free Space | 70,59% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 366,74 Gb Free Space | 99,63% Space Free | Partition Type: NTFS
 
Computer Name: UP-PC | User Name: UP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B598A0-FED6-49FC-894E-3A65D06775C9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0A8F6D4F-AA61-4E4B-A4B6-E2CDDE9F6D45}" = rport=139 | protocol=6 | dir=out | app=system |
"{14A3D595-7DF8-452D-89FD-B9FC89E150A9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{16230073-52E9-44C0-BF23-9B752EA80E72}" = lport=137 | protocol=17 | dir=in | app=system |
"{36BD00FA-7A87-4492-AB23-23F6FAD154D6}" = lport=445 | protocol=6 | dir=in | app=system |
"{3716BAF1-D37A-4979-AEAB-8B605AB65BF3}" = lport=3389 | protocol=6 | dir=in | app=system |
"{372EF30E-C0F9-4251-991B-A29B23D98436}" = lport=2869 | protocol=6 | dir=in | app=system |
"{45A94CA0-0AC1-42DC-BA2B-EF87CC0D07E0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4A7F40A3-AAAF-4FAD-A45A-1B5628DC2571}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4EEF8DA1-841D-4495-91E8-7EB085784C0F}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{63258CC0-832C-4AB7-A7D2-50D2F2BCC080}" = rport=10243 | protocol=6 | dir=out | app=system |
"{68AE022E-CA35-4B01-868B-D2150703E790}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{863A44E2-22F0-4DF6-919C-6C2CA1CD34C1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8656AD80-0578-440A-B772-D2509EFD2DC2}" = lport=139 | protocol=6 | dir=in | app=system |
"{8C343E14-CF79-4D15-A243-AFFA698249BE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8FD6EF72-21B7-4E0D-A971-CB1F6FAA2A5E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{94C4491A-442E-427F-B597-CB410736009D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9B696B67-A6E2-4A7D-9D04-D4B1B23CFF05}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A24533D4-90D1-4CF2-8542-40DC44576720}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A98271EA-6280-40B3-A256-BDFB4CD67AF2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B124F087-60B4-4559-8D31-B6472931001E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B12C3F56-5206-4EE9-A754-7224D08A0986}" = rport=137 | protocol=17 | dir=out | app=system |
"{B7A0453E-0244-44E0-BEAC-2A29CDF646DB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B8DB6202-A501-441D-B8AD-7CDF3197D201}" = rport=445 | protocol=6 | dir=out | app=system |
"{BC3BC357-26C7-4EF5-AC16-4F543DBEC606}" = lport=138 | protocol=17 | dir=in | app=system |
"{DBC6B725-70D0-4FA9-8146-EF492DCF885B}" = rport=138 | protocol=17 | dir=out | app=system |
"{F2113536-7060-45CA-B437-EB5775A303C8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FD9F59EC-C536-4BBC-B1A8-B8FE46F44487}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06097CEE-C0D7-4993-91F6-046F49F46B10}" = protocol=6 | dir=in | app=c:\program files\starmoney 8.0\app\starmoney.exe |
"{0ABE0379-697F-43BD-B568-341514D34EA7}" = protocol=6 | dir=in | app=c:\program files\starmoney 7.0\app\starmoney.exe |
"{0FDBBB99-6991-4B25-BDB0-002982CD7F66}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{22A9353B-A1A1-41AC-B63B-76C22AFBBCAA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{250D6FA2-4DB7-49FD-A365-E1246E9B563F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2F7591B7-5336-4AC9-83A5-E54357846011}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{331E0B20-26F5-4EE8-9EBD-B57548857648}" = protocol=6 | dir=out | app=system |
"{3A576EA8-71D1-4C44-89F7-4E0E3C7A993A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3BB4C5B3-364F-400D-B5B9-F15000A99194}" = protocol=17 | dir=in | app=c:\program files\starmoney 7.0\ouservice\starmoneyonlineupdate.exe |
"{3EB61444-7A3F-49BA-97BB-CDE123236518}" = protocol=6 | dir=in | app=c:\program files\starmoney 7.0\ouservice\starmoneyonlineupdate.exe |
"{3FEF6BAF-9746-4458-BEF0-8A9A7DC93221}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{41943D30-A712-485E-BB37-70066E57F17D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{571BA441-9B02-4544-A10D-137C34A3B436}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{5B77DB1F-C866-4741-A097-5A049F6773B5}" = protocol=17 | dir=in | app=c:\program files\starmoney 8.0\ouservice\starmoneyonlineupdate.exe |
"{6CEB4F73-5BF9-45BE-A8BB-10D17452D259}" = protocol=17 | dir=in | app=c:\program files\starmoney 7.0\app\starmoney.exe |
"{71A84D4F-0B2D-417A-8232-FB79BB852E48}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7716839E-9634-40B4-8429-B9E030C5F11F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{840916D8-F5EC-4465-8653-05698E2C7163}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85CEBB8C-10C4-4BCC-86DB-7FA32EAF5F74}" = protocol=6 | dir=in | app=c:\program files\starmoney 8.0\ouservice\starmoneyonlineupdate.exe |
"{8D07BD8B-2D26-43EB-923C-C05A0C13E6BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{91CD68C6-0A16-4B46-956F-3A9B21A94B5C}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl08y\faxrx.exe |
"{9393AED4-C0E1-4B0B-B5CC-ABE673B7CDBE}" = protocol=17 | dir=in | app=c:\program files\starmoney 8.0\app\starmoney.exe |
"{9B5CF10C-AACA-4266-8C56-89F5D715F779}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9EA5C179-E75D-4C80-ABF7-FD3E22A65E02}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{C2B7F119-34EB-4BA1-B963-4A6E9BC5E663}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C998B17E-9358-4853-ACBC-3491ED27C966}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{D1665D45-A4DB-4A5F-AAE5-1697BE4AC23B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D467D9BA-B5E7-43A6-896E-FB3003431623}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{E0AD0BB6-CB5C-4346-A83D-5A06440B56A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F08E0C64-58B7-465C-A8BB-690B1FB9CA1A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{F6ACE780-7335-4CDA-90CF-8A7FD4D9B166}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl08y\faxrx.exe |
"TCP Query User{B92153E0-DAF4-40B9-AD7C-9EAC0CCD03A5}C:\program files\jfritz\jfritz.exe" = protocol=6 | dir=in | app=c:\program files\jfritz\jfritz.exe |
"UDP Query User{D0D9DCB7-6EE4-4723-BAAA-B7FA2EBC723F}C:\program files\jfritz\jfritz.exe" = protocol=17 | dir=in | app=c:\program files\jfritz\jfritz.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{022D2599-2316-4927-89F1-9188894CEB02}" = StarMoney
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BD03BF6-3A66-EC7F-5155-28A8D6C69409}" = AMD Catalyst Install Manager
"{13464292-6666-B2DB-1B0C-A3FE14DAD1F9}" = CCC Help Dutch
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FCBD504-AB7D-4757-9A14-850348384B08}" = StarMoney
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20E970DF-A7B2-4345-9DEB-72213A29645E}" = Brother MFL-Pro Suite MFC-5890CN
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{338CD56F-1CDC-CF32-33F6-DED2DF92284E}" = CCC Help French
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{46458556-5C46-79A9-A6FF-81DF1F8B2729}" = CCC Help Hungarian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{519D68B8-A768-4CDC-E4C9-B115D49CED93}" = CCC Help Norwegian
"{51D383BC-D988-8C1E-FAA1-BC5260A32A87}" = CCC Help Polish
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5A883D2B-D279-0D01-6E62-B810AFD8CC62}" = Catalyst Control Center InstallProxy
"{66CDB4B8-10A9-4D47-A948-D2564035AB3E}" = StarMoney 7.0
"{67A4760F-9804-CCF6-C319-27840ED77924}" = CCC Help Korean
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B594A3F-FDF9-74A0-B3F6-C2E7B6AA339F}" = AMD Media Foundation Decoders
"{6BE5E4A9-D88B-532D-26E6-883C32BF098A}" = CCC Help Thai
"{6E0D26C1-4265-1D02-4D19-D0A8F6A463F8}" = AMD VISION Engine Control Center
"{7DD62206-7B6C-E32E-BD11-B49B3B089D16}" = CCC Help Danish
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9739158D-EDED-D628-9865-1460B5A7FAE3}" = CCC Help Portuguese
"{9809124C-0C4C-2367-7889-1E16D8EF1AAF}" = CCC Help Chinese Standard
"{98D77F94-61D8-0C3A-85E9-E588471956EB}" = AMD Accelerated Video Transcoding
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A6273C55-5524-4587-A655-D106125E7A41}" = CashMaster V1.40.021
"{A6E1EE9D-01DD-82FD-BDBC-193BCEF9FD5C}" = CCC Help Greek
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB13F192-49FC-A065-F15C-746B10CC43C8}" = CCC Help Japanese
"{AE548812-D611-608D-61C6-7E40F28573A2}" = CCC Help Russian
"{AF595A9D-325A-0B86-4BFA-F2D90553A9FC}" = AMD Drag and Drop Transcoding
"{AF5B3ED5-70D3-48CF-A00F-FC29F5261A37}_is1" = JFritz 0.7.4.1.32
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1A70A4D-549B-4C56-9C00-EF55A22E52B6}" = StarMoney
"{BC63AEF9-1367-9F7C-5926-52E56450EDCD}" = CCC Help Spanish
"{C1E2D27F-B363-588E-8859-9EF7F4EBF418}" = CCC Help Chinese Traditional
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CBFDA5B8-3190-3CC6-A4B7-D27B3B48D72C}" = AMD Steady Video Plug-In
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D76AC809-CCC1-6198-4970-A63FA5CF7DCB}" = CCC Help Swedish
"{DA675EE2-4C04-9699-0EE2-7EF9FE7AB870}" = CCC Help German
"{DBE146EB-0898-4CDC-AABA-DCCA86659633}" = StarMoney 8.0
"{E06F7C95-4D68-63D9-2231-AA5F8E186FCB}" = CCC Help English
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E21A8F3C-1ACB-46B1-CE72-E9CF09549DED}" = Catalyst Control Center Localization All
"{E2A97415-BD97-4867-B906-05E39E9EE51F}" = HL-2250DN
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E2F2B987-F2BC-4969-95F2-92099486B811}" = StarMoney
"{E2F52AC2-B925-C18F-E1AE-42FBD46ECAC7}" = CCC Help Czech
"{E649AC39-69C0-C6FE-0A54-4752DB5D1FD2}" = Catalyst Control Center Graphics Previews Common
"{E9463114-898C-7C2A-2C47-E9ABC63F5D43}" = CCC Help Finnish
"{EA6451EA-DCCA-21BC-3BFE-018E1C43F0F4}" = AMD Fuel
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F314861D-F02B-07F6-612E-C51B1DA80EA4}" = ccc-utility
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF10AC4D-3349-99DA-3E58-5197CEA1D833}" = CCC Help Italian
"{FFEC93FF-C162-C0C3-B5E7-01214B0E5F2D}" = CCC Help Turkish
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Foxit Reader_is1" = Foxit Reader 5.0
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"TeamViewer 7" = TeamViewer 7
"WeatherBlinkbar Uninstall" = WeatherBlink Toolbar
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 14.05.2013 02:49:48 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:49:48.752]: [00001248]: SendSKeySettingToDevice::
 Snmp Load Error[-1] To[192.168.178.27] 
 
Error - 14.05.2013 02:51:01 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:51:01.756]: [00001248]: SendSKeySettingToDevice::
 Snmp Load Error[-1] To[192.168.178.27] 
 
Error - 14.05.2013 02:52:18 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:52:18.014]: [00001248]: SendSKeySettingToDevice::
 Snmp Load Error[-1] To[192.168.178.27] 
 
Error - 14.05.2013 02:53:31 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:53:31.022]: [00001248]: SendSKeySettingToDevice::
 Snmp Load Error[-1] To[192.168.178.27] 
 
Error - 14.05.2013 02:54:42 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:54:42.059]: [00001248]: SendSKeySettingToDevice::
 Snmp Load Error[-1] To[192.168.178.27] 
 
Error - 14.05.2013 02:55:54 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:55:54.522]: [00001248]: SendSKeySettingToDevice::
 Snmp Load Error[-1] To[192.168.178.27] 
 
Error - 14.05.2013 02:57:07 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:57:07.514]: [00001248]: SendSKeySettingToDevice::
 Snmp Load Error[-1] To[192.168.178.27] 
 
Error - 14.05.2013 02:58:18 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:58:18.510]: [00001248]: SendSKeySettingToDevice::
 Snmp Load Error[-1] To[192.168.178.27] 
 
Error - 14.05.2013 02:59:30 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 08:59:30.520]: [00001248]: SendSKeySettingToDevice::
 Snmp Load Error[-1] To[192.168.178.27] 
 
Error - 14.05.2013 03:00:41 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 09:00:41.687]: [00001248]: SendSKeySettingToDevice::
 Snmp Load Error[-1] To[192.168.178.27] 
 
Error - 14.05.2013 03:01:52 | Computer Name = UP-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/05/14 09:01:52.511]: [00001248]: SendSKeySettingToDevice::
 Snmp Load Error[-1] To[192.168.178.27] 
 
[ System Events ]
Error - 06.04.2013 02:56:51 | Computer Name = UP-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows-Audio" ist vom Dienst "Windows-Audio-Endpunkterstellung"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%1053
 
Error - 06.04.2013 02:56:52 | Computer Name = UP-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Aufgabenplanung" ist vom Dienst "Windows-Ereignisprotokoll"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%1053
 
Error - 11.04.2013 13:54:32 | Computer Name = UP-PC | Source = DCOM | ID = 10010
Description =
 
Error - 25.04.2013 14:36:06 | Computer Name = UP-PC | Source = DCOM | ID = 10010
Description =
 
Error - 16.05.2013 13:28:31 | Computer Name = UP-PC | Source = DCOM | ID = 10010
Description =
 
Error - 17.05.2013 12:41:38 | Computer Name = UP-PC | Source = DCOM | ID = 10010
Description =
 
Error - 18.05.2013 08:52:24 | Computer Name = UP-PC | Source = DCOM | ID = 10010
Description =
 
Error - 21.05.2013 12:22:05 | Computer Name = UP-PC | Source = DCOM | ID = 10010
Description =
 
Error - 21.05.2013 12:26:01 | Computer Name = UP-PC | Source = WMPNetworkSvc | ID = 866300
Description =
 
Error - 21.05.2013 12:32:21 | Computer Name = UP-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?21.?05.?2013 um 18:30:08 unerwartet heruntergefahren.
 
 
< End of report >
OTL
Code:
OTL logfile created on: 12.06.2013 13:05:28 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\UP\Downloads
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,50 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 65,57% Memory free
4,99 Gb Paging File | 3,63 Gb Available in Paging File | 72,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 68,87 Gb Free Space | 70,59% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 366,74 Gb Free Space | 99,63% Space Free | Partition Type: NTFS
 
Computer Name: UP-PC | User Name: UP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\UP\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\WeatherBlink\bar\1.bin\gcSrchMn.exe (MindSpark)
PRC - C:\Programme\WeatherBlink\bar\1.bin\gcbarsvc.exe (COMPANYVERS_NAME)
PRC - C:\Programme\WeatherBlink\bar\1.bin\gcbrmon.exe (VER_COMPANY_NAME)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
PRC - C:\Programme\JFritz\jfritz.exe ()
PRC - C:\Programme\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Java\jre7\launch4j-tmp\jfritz.exe (Oracle Corporation)
PRC - C:\Programme\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - c:\Programme\TeamViewer\Version7\TeamViewer_Desktop.exe (TeamViewer GmbH)
PRC - C:\Programme\TeamViewer\Version7\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
PRC - C:\Programme\Foxit Software\Foxit Reader\Foxit Reader.exe ()
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Programme\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
PRC - C:\Programme\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
PRC - C:\Programme\Brother\Brmfcmon\BrMfimon.exe (Brother Industries, Ltd.)
PRC - C:\Programme\ICS\CashM\cashm.exe (ICS)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a9594959e951127f16eb49644ba92f79\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7cfbbd029ef945fbcdaedd24b2b67a24\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\af18b8a8f56494da44cc448f3b9704a5\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\ba39e27ea796912fce296963622dfbae\WindowsFormsIntegration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\766ccafdc4a09b964aa9286a15bca48a\System.ServiceProcess.ni.dll ()
MOD - C:\Programme\JFritz\jfritz.exe ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\a1b65a602c75409c0c1ce7fa1f2a0983\UIAutomationProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ba58d64562391191a22ad0133512ed6f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll ()
MOD - C:\Windows\System32\CBNDLL.DLL ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\Foxit Software\Foxit Reader\Foxit Reader.exe ()
MOD - C:\Programme\Brother\BrUtilities\BrLogAPI.dll ()
MOD - C:\Programme\ICS\CashM\zlib.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (WeatherBlinkService) -- C:\Programme\WeatherBlink\bar\1.bin\gcbarsvc.exe (COMPANYVERS_NAME)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (StarMoney 8.0 OnlineUpdate) -- C:\Programme\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
SRV - (TeamViewer7) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (StarMoney 7.0 OnlineUpdate) -- C:\Programme\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (BrYNSvc) -- C:\Programme\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (OxSer) -- system32\DRIVERS\OxSer.sys File not found
DRV - (OxMf) -- system32\DRIVERS\OxMf.sys File not found
DRV - (amdiox86) -- system32\DRIVERS\amdiox86.sys File not found
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (CBN) -- C:\Windows\System32\drivers\CBN.SYS (MARX Datentechnik GmbH )
DRV - (nusb3xhc) -- C:\Windows\System32\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV - (nusb3hub) -- C:\Windows\System32\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (OxPPort) -- C:\Windows\System32\drivers\OxPPort.sys (OEM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^XN^xdm101^S05015^de&ptb=C3A1324B-E08B-411B-A282-57C6420D4166&si=CN7G5e2wwrYCFUNP3godQUsA1A
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 58 A5 0A 88 66 CD 01  [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{B699BE7C-8F35-4AD3-84EB-BE0492995952}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=4b844f41-b7cf-476c-996f-06083e5b50c2&apn_sauid=8979E394-BFA6-475E-933A-22C49F7851CB
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "My Web Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "My Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://home.mywebsearch.com/index.jhtml?ptb=C3A1324B-E08B-411B-A282-57C6420D4166&n=77fc91d8&p2=^XN^xdm101^S05015^de&si=CN7G5e2wwrYCFUNP3godQUsA1A"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
 
FF - user.js..keyword.URL: "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=C3A1324B-E08B-411B-A282-57C6420D4166&n=77fc91d8&ind=2013041112&p2=^XN^xdm101^S05015^de&si=CN7G5e2wwrYCFUNP3godQUsA1A&searchfor="
FF - user.js..extensions.toolbar.mindspark._gcMembers_.last.keyword.URL: "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=C3A1324B-E08B-411B-A282-57C6420D4166&n=77fc91d8&ind=2013041112&p2=^XN^xdm101^S05015^de&si=CN7G5e2wwrYCFUNP3godQUsA1A&searchfor="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WeatherBlink.com/Plugin: C:\Program Files\WeatherBlink\bar\1.bin\NPgcStub.dll (MindSpark)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gcffxtbr@WeatherBlink.com: C:\Program Files\WeatherBlink\bar\1.bin [2013.04.11 12:15:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2011.06.19 21:15:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UP\AppData\Roaming\mozilla\Extensions
[2013.04.11 12:16:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UP\AppData\Roaming\mozilla\Firefox\Profiles\qets9qo8.default\extensions
[2013.04.11 12:15:21 | 000,000,000 | ---D | M] (WeatherBlink) -- C:\Users\UP\AppData\Roaming\mozilla\Firefox\Profiles\qets9qo8.default\extensions\gcffxtbr@WeatherBlink.com
[2012.08.17 10:54:48 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\UP\AppData\Roaming\mozilla\Firefox\Profiles\qets9qo8.default\extensions\toolbar@ask.com
[2012.08.17 10:54:48 | 000,002,344 | ---- | M] () -- C:\Users\UP\AppData\Roaming\mozilla\firefox\profiles\qets9qo8.default\searchplugins\askcom.xml
[2013.04.11 12:15:27 | 000,009,635 | ---- | M] () -- C:\Users\UP\AppData\Roaming\mozilla\firefox\profiles\qets9qo8.default\searchplugins\my-web-search.xml
[2013.05.25 12:13:58 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.25 12:13:58 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Search Assistant BHO) - {9b9dcae3-be34-424c-8d73-75e305a9e091} - C:\Programme\WeatherBlink\bar\1.bin\gcSrcAs.dll (MindSpark)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Toolbar BHO) - {dc9051c2-8f55-479a-97a4-747980d9047f} - C:\Programme\WeatherBlink\bar\1.bin\gcbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (WeatherBlink) - {f20de5e0-2a6e-4c54-985f-1cf59551ce39} - C:\Programme\WeatherBlink\bar\1.bin\gcbar.dll (MindSpark)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WeatherBlink Browser Plugin Loader] C:\Programme\WeatherBlink\bar\1.bin\gcbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [WeatherBlink Search Scope Monitor] C:\Programme\WeatherBlink\bar\1.bin\gcSrchMn.exe (MindSpark)
O4 - Startup: C:\Users\UP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CashMaster starten.lnk = C:\Programme\ICS\CashM\cashm.exe (ICS)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21BD6CFD-04ED-444C-9D38-C3D31A2B486A}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E89008DF-4221-49A6-B68C-2235D22BF181}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.12 10:59:23 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{EDC0E4DB-C4F5-44D6-A40C-6AE9DA7E4D8D}
[2013.06.11 09:50:17 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{F3C5156A-CD98-4F77-AD61-707469E4628A}
[2013.06.08 09:54:13 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{4B0557E9-2A50-4343-BA58-25659E78729D}
[2013.06.07 10:45:37 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{464466BF-CBE0-44F7-B48A-2FED7387A2ED}
[2013.06.06 09:11:16 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{88F1A6E4-FA5A-4AB1-993C-806BB37E8B3E}
[2013.06.04 09:58:05 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{A8363911-1BC3-401D-88CF-A1C54F81DFC2}
[2013.05.31 09:07:45 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{ADDBC9E0-6281-4F55-96F0-10E16F7934BB}
[2013.05.29 08:50:59 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{29705585-BB3F-4372-876C-F7AC2F8574AF}
[2013.05.28 09:08:20 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{0BEF41C7-DDEC-4279-A12F-FB6BECFA3B23}
[2013.05.25 12:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.05.25 11:11:37 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{1204A2E7-1905-45DF-8F3E-313DE2413325}
[2013.05.25 10:55:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.05.25 10:55:18 | 000,000,000 | ---D | C] -- C:\Program Files\AMD AVT
[2013.05.25 10:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2013.05.25 10:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013.05.25 10:48:27 | 000,000,000 | ---D | C] -- C:\AMD
[2013.05.24 18:38:24 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{26FCB528-0AA1-4A43-B845-54EAD6F2D8E9}
[2013.05.23 10:13:53 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{A9B29610-9F63-4C2B-AF6C-F2C4ABF3E9AE}
[2013.05.22 12:56:56 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{B2EF20AE-B618-43DE-ABE6-77ECA5F88BD0}
[2013.05.21 11:30:41 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{743C10E7-51C6-4864-BF37-760861A6982B}
[2013.05.17 09:16:16 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{7CE95E56-4ECD-41B2-821E-4F254C7DD535}
[2013.05.16 19:26:29 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{26B47367-8F47-4B7F-9334-875B2598338A}
[2013.05.15 18:19:00 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.05.15 18:18:58 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.05.15 18:18:57 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.05.15 18:18:57 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.05.15 18:18:57 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.05.15 18:18:56 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.15 18:18:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.05.15 18:18:56 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.05.15 18:18:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.05.15 18:18:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.05.15 11:05:12 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{DBFE50AD-FCAB-4063-9F8E-47AF7289286E}
[2013.05.15 09:03:00 | 000,077,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_AuthenticAMD.dll
[2013.05.15 09:02:59 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2013.05.15 09:02:58 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.05.15 09:02:51 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2013.05.15 09:02:44 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013.05.15 09:02:44 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2013.05.14 12:38:31 | 000,000,000 | ---D | C] -- C:\Users\UP\AppData\Local\{0296B5A4-6D4A-44D5-BC14-547D3369113A}
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.12 12:22:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.12 11:22:22 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.06.12 11:22:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.06.12 09:03:05 | 000,016,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.12 09:03:05 | 000,016,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.12 08:54:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.12 08:54:10 | 2010,619,904 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.01 08:46:49 | 000,658,988 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.06.01 08:46:49 | 000,620,174 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.06.01 08:46:49 | 000,132,558 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.06.01 08:46:49 | 000,108,356 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.05.28 17:24:00 | 000,012,579 | ---- | M] () -- C:\Users\UP\Desktop\Spiralblock-kariert-DIN-A7-70-g-m-40-Blatt-wei-_3.jpg
[2013.05.22 14:31:38 | 000,019,097 | ---- | M] () -- C:\Users\UP\Desktop\DIN-Formate.gif
[2013.05.16 08:50:04 | 000,296,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2013.05.28 17:23:59 | 000,012,579 | ---- | C] () -- C:\Users\UP\Desktop\Spiralblock-kariert-DIN-A7-70-g-m-40-Blatt-wei-_3.jpg
[2013.05.22 14:31:37 | 000,019,097 | ---- | C] () -- C:\Users\UP\Desktop\DIN-Formate.gif
[2013.03.29 04:13:20 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\System32\amdocl_ld32.exe
[2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\System32\amdocl_as32.exe
[2013.03.29 03:24:06 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2013.03.29 03:24:06 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2013.03.12 07:38:22 | 000,695,006 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2013.03.04 20:52:52 | 000,230,836 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat
[2013.02.01 02:14:10 | 000,075,600 | ---- | C] () -- C:\Windows\System32\ativce02.dat
[2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2012.11.22 17:14:26 | 000,230,064 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat
[2012.10.11 15:23:34 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012.01.06 16:08:40 | 000,000,000 | ---- | C] () -- C:\Users\UP\AppData\Roaming\JFritz.lock
[2012.01.06 15:40:26 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08a.dat
[2012.01.06 15:40:20 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2012.01.06 15:40:20 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.06.20 20:50:42 | 000,001,068 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011.06.20 20:50:42 | 000,000,153 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011.06.20 20:50:22 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.06.20 20:50:22 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.06.20 20:49:32 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat
[2011.06.20 20:49:25 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2011.06.20 20:27:41 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2011.06.20 20:27:38 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
[2011.06.20 20:27:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRADM10A.DAT
[2011.06.19 21:42:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.06.19 21:18:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.06.19 21:08:06 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 861 bytes -> C:\Users\UP\Documents\theo.eml:OECustomProperty

< End of report >

schrauber 12.06.2013 15:21
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

KuniP 13.06.2013 08:01
Combofix.txt

Code:
ComboFix 13-06-08.02 - UP 12.06.2013  16:41:02.1.2 - x86
Microsoft Windows 7 Professional  6.1.7601.1.1252.49.1031.18.2557.1525 [GMT 2:00]
ausgeführt von:: c:\users\UP\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\WeatherBlink
c:\program files\WeatherBlink\bar\1.bin\BOOTSTRAP.JS
c:\program files\WeatherBlink\bar\1.bin\CHROME.MANIFEST
c:\program files\WeatherBlink\bar\1.bin\chrome\gcffxtbr.jar
c:\program files\WeatherBlink\bar\1.bin\CREXT.DLL
c:\program files\WeatherBlink\bar\1.bin\CrExtPgc.exe
c:\program files\WeatherBlink\bar\1.bin\gcauxstb.dll
c:\program files\WeatherBlink\bar\1.bin\gcbar.dll
c:\program files\WeatherBlink\bar\1.bin\gcbarsvc.exe
c:\program files\WeatherBlink\bar\1.bin\gcbprtct.dll
c:\program files\WeatherBlink\bar\1.bin\gcbrmon.exe
c:\program files\WeatherBlink\bar\1.bin\gcbrstub.dll
c:\program files\WeatherBlink\bar\1.bin\gcdatact.dll
c:\program files\WeatherBlink\bar\1.bin\gcdlghk.dll
c:\program files\WeatherBlink\bar\1.bin\gcdyn.dll
c:\program files\WeatherBlink\bar\1.bin\gcfeedmg.dll
c:\program files\WeatherBlink\bar\1.bin\gchighin.exe
c:\program files\WeatherBlink\bar\1.bin\gchkstub.dll
c:\program files\WeatherBlink\bar\1.bin\gchtmlmu.dll
c:\program files\WeatherBlink\bar\1.bin\gchttpct.dll
c:\program files\WeatherBlink\bar\1.bin\gcidle.dll
c:\program files\WeatherBlink\bar\1.bin\gcieovr.dll
c:\program files\WeatherBlink\bar\1.bin\gcimpipe.exe
c:\program files\WeatherBlink\bar\1.bin\gcmedint.exe
c:\program files\WeatherBlink\bar\1.bin\gcmlbtn.dll
c:\program files\WeatherBlink\bar\1.bin\gcmsg.dll
c:\program files\WeatherBlink\bar\1.bin\gcPlugin.dll
c:\program files\WeatherBlink\bar\1.bin\gcradio.dll
c:\program files\WeatherBlink\bar\1.bin\gcregfft.dll
c:\program files\WeatherBlink\bar\1.bin\gcreghk.dll
c:\program files\WeatherBlink\bar\1.bin\gcregiet.dll
c:\program files\WeatherBlink\bar\1.bin\gcscript.dll
c:\program files\WeatherBlink\bar\1.bin\gcskin.dll
c:\program files\WeatherBlink\bar\1.bin\gcsknlcr.dll
c:\program files\WeatherBlink\bar\1.bin\gcskplay.exe
c:\program files\WeatherBlink\bar\1.bin\gcSrcAs.dll
c:\program files\WeatherBlink\bar\1.bin\gcSrchMn.exe
c:\program files\WeatherBlink\bar\1.bin\gctpinst.dll
c:\program files\WeatherBlink\bar\1.bin\gcuabtn.dll
c:\program files\WeatherBlink\bar\1.bin\INSTALL.RDF
c:\program files\WeatherBlink\bar\1.bin\installKeys.js
c:\program files\WeatherBlink\bar\1.bin\LOGO.BMP
c:\program files\WeatherBlink\bar\1.bin\NPgcStub.dll
c:\program files\WeatherBlink\bar\1.bin\T8EXTEX.DLL
c:\program files\WeatherBlink\bar\1.bin\T8EXTPEX.DLL
c:\program files\WeatherBlink\bar\1.bin\T8HTML.DLL
c:\program files\WeatherBlink\bar\1.bin\T8RES.DLL
c:\program files\WeatherBlink\bar\1.bin\T8TICKER.DLL
c:\program files\WeatherBlink\bar\gen1\COMMON.T8S
c:\program files\WeatherBlink\bar\IE9Mesg\COMMON.T8S
c:\program files\WeatherBlink\bar\Message\COMMON.T8S
c:\program files\WeatherBlink\bar\Settings\s_pid.dat
c:\windows\system32\Temp
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WeatherBlinkService
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-05-12 bis 2013-06-12  ))))))))))))))))))))))))))))))
.
.
2013-06-12 15:23 . 2013-06-12 15:23        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-05-25 08:55 . 2013-05-25 08:55        --------        d-----w-        c:\programdata\ATI
2013-05-25 08:55 . 2013-05-25 08:55        --------        d-----w-        c:\program files\AMD AVT
2013-05-25 08:55 . 2013-05-25 08:55        --------        d-----w-        c:\program files\AMD
2013-05-25 08:48 . 2013-05-25 08:48        --------        d-----w-        C:\AMD
2013-05-15 16:19 . 2013-04-05 04:29        2706432        ----a-w-        c:\windows\system32\mshtml.tlb
2013-05-15 07:03 . 2013-04-01 05:10        77144        ----a-w-        c:\windows\system32\mcupdate_AuthenticAMD.dll
2013-05-15 07:02 . 2013-03-19 04:53        186368        ----a-w-        c:\windows\system32\wwansvc.dll
2013-05-15 07:02 . 2013-03-19 03:33        40960        ----a-w-        c:\windows\system32\wwanprotdim.dll
2013-05-15 07:02 . 2013-04-10 03:14        2347520        ----a-w-        c:\windows\system32\win32k.sys
2013-05-15 07:02 . 2013-04-10 05:18        728424        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 07:02 . 2013-04-10 05:18        218984        ----a-w-        c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 07:02 . 2013-02-27 05:05        101720        ----a-w-        c:\windows\system32\consent.exe
2013-05-15 07:02 . 2013-02-27 04:49        1796096        ----a-w-        c:\windows\system32\authui.dll
2013-05-15 07:02 . 2013-02-27 04:49        47104        ----a-w-        c:\windows\system32\appinfo.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 09:22 . 2012-09-13 09:59        71048        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-12 09:22 . 2012-09-13 09:59        692104        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2013-05-14 06:48 . 2011-09-08 09:14        22240        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-13 04:45 . 2013-05-15 07:02        474624        ----a-w-        c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 07:02        2176512        ----a-w-        c:\windows\apppatch\AcGenral.dll
2013-04-12 13:45 . 2013-04-24 07:14        1211752        ----a-w-        c:\windows\system32\drivers\ntfs.sys
2013-04-03 06:59 . 2013-04-03 06:59        745472        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-03 06:59 . 2013-04-03 06:59        185344        ----a-w-        c:\windows\system32\elshyph.dll
2013-04-03 06:59 . 2013-04-03 06:59        158720        ----a-w-        c:\windows\system32\msls31.dll
2013-04-03 06:59 . 2013-04-03 06:59        150528        ----a-w-        c:\windows\system32\iexpress.exe
2013-04-03 06:59 . 2013-04-03 06:59        138752        ----a-w-        c:\windows\system32\wextract.exe
2013-04-03 06:59 . 2013-04-03 06:59        73728        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe
2013-04-03 06:59 . 2013-04-03 06:59        523264        ----a-w-        c:\windows\system32\vbscript.dll
2013-04-03 06:59 . 2013-04-03 06:59        48640        ----a-w-        c:\windows\system32\mshtmler.dll
2013-04-03 06:59 . 2013-04-03 06:59        38400        ----a-w-        c:\windows\system32\imgutil.dll
2013-04-03 06:59 . 2013-04-03 06:59        137216        ----a-w-        c:\windows\system32\ieUnatt.exe
2013-04-03 06:59 . 2013-04-03 06:59        12800        ----a-w-        c:\windows\system32\mshta.exe
2013-04-03 06:59 . 2013-04-03 06:59        110592        ----a-w-        c:\windows\system32\IEAdvpack.dll
2013-04-03 06:59 . 2013-04-03 06:59        719360        ----a-w-        c:\windows\system32\mshtmlmedia.dll
2013-04-03 06:59 . 2013-04-03 06:59        61952        ----a-w-        c:\windows\system32\tdc.ocx
2013-04-03 06:59 . 2013-04-03 06:59        361984        ----a-w-        c:\windows\system32\html.iec
2013-04-03 06:59 . 2013-04-03 06:59        23040        ----a-w-        c:\windows\system32\licmgr10.dll
2013-04-03 06:59 . 2013-04-03 06:59        1441280        ----a-w-        c:\windows\system32\inetcpl.cpl
2013-03-29 02:37 . 2013-03-29 02:37        71704        ----a-w-        c:\windows\system32\atimpc32.dll
2013-03-29 02:37 . 2013-03-29 02:37        71704        ----a-w-        c:\windows\system32\amdpcom32.dll
2013-03-29 02:37 . 2011-05-25 02:24        118584        ----a-w-        c:\windows\system32\atiuxpag.dll
2013-03-29 02:37 . 2011-05-25 02:24        92304        ----a-w-        c:\windows\system32\atiu9pag.dll
2013-03-29 02:37 . 2011-05-25 03:07        970912        ----a-w-        c:\windows\system32\aticfx32.dll
2013-03-29 02:36 . 2011-05-25 02:58        7233336        ----a-w-        c:\windows\system32\atidxx32.dll
2013-03-29 02:36 . 2011-05-25 02:50        4450264        ----a-w-        c:\windows\system32\atiumdva.dll
2013-03-29 02:36 . 2011-05-25 02:39        5944264        ----a-w-        c:\windows\system32\atiumdag.dll
2013-03-29 02:33 . 2013-03-29 02:33        9986048        ----a-w-        c:\windows\system32\drivers\atikmdag.sys
2013-03-29 02:13 . 2013-03-29 02:13        180224        ----a-w-        c:\windows\system32\clinfo.exe
2013-03-29 02:13 . 2013-03-29 02:13        798734        ----a-w-        c:\windows\system32\amdocl_ld32.exe
2013-03-29 02:13 . 2013-03-29 02:13        995342        ----a-w-        c:\windows\system32\amdocl_as32.exe
2013-03-29 02:13 . 2013-03-29 02:13        65536        ----a-w-        c:\windows\system32\OpenVideo.dll
2013-03-29 02:12 . 2013-03-29 02:12        56320        ----a-w-        c:\windows\system32\OVDecode.dll
2013-03-29 02:10 . 2013-03-29 02:10        23810560        ----a-w-        c:\windows\system32\amdocl.dll
2013-03-29 02:09 . 2013-03-29 02:09        50176        ----a-w-        c:\windows\system32\OpenCL.dll
2013-03-29 02:00 . 2013-03-29 02:00        62976        ----a-w-        c:\windows\system32\coinst_12.104.dll
2013-03-29 01:57 . 2013-03-29 01:57        163840        ----a-w-        c:\windows\system32\atiapfxx.exe
2013-03-29 01:55 . 2013-03-29 01:55        46080        ----a-w-        c:\windows\system32\aticalrt.dll
2013-03-29 01:55 . 2013-03-29 01:55        44032        ----a-w-        c:\windows\system32\aticalcl.dll
2013-03-29 01:51 . 2013-03-29 01:51        13703168        ----a-w-        c:\windows\system32\aticaldd.dll
2013-03-29 01:48 . 2013-03-29 01:48        19870720        ----a-w-        c:\windows\system32\atioglxx.dll
2013-03-29 01:35 . 2013-03-29 01:35        442368        ----a-w-        c:\windows\system32\atidemgy.dll
2013-03-29 01:34 . 2013-03-29 01:34        492544        ----a-w-        c:\windows\system32\atieclxx.exe
2013-03-29 01:34 . 2013-03-29 01:34        219136        ----a-w-        c:\windows\system32\atiesrxx.exe
2013-03-29 01:32 . 2013-03-29 01:32        163840        ----a-w-        c:\windows\system32\atitmmxx.dll
2013-03-29 01:32 . 2013-03-29 01:32        25600        ----a-w-        c:\windows\system32\atimuixx.dll
2013-03-29 01:32 . 2013-03-29 01:32        43520        ----a-w-        c:\windows\system32\ati2edxx.dll
2013-03-29 01:10 . 2013-03-29 01:10        430080        ----a-w-        c:\windows\system32\atiadlxx.dll
2013-03-29 01:10 . 2013-03-29 01:10        14848        ----a-w-        c:\windows\system32\atiglpxx.dll
2013-03-29 01:09 . 2013-03-29 01:09        34816        ----a-w-        c:\windows\system32\atigktxx.dll
2013-03-29 01:08 . 2013-03-29 01:08        463872        ----a-w-        c:\windows\system32\drivers\atikmpag.sys
2013-03-29 01:07 . 2013-03-29 01:07        53248        ----a-w-        c:\windows\system32\drivers\ati2erec.dll
2013-03-19 05:04 . 2013-04-10 15:48        3968856        ----a-w-        c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 15:48        3913560        ----a-w-        c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48 . 2013-04-10 15:48        38912        ----a-w-        c:\windows\system32\csrsrv.dll
2013-03-19 02:49 . 2013-04-10 15:48        69632        ----a-w-        c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-06-20 1519824]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-05-03 10082920]
"BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-16 348664]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-06-20 1568976]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
.
c:\users\UP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CashMaster starten.lnk - c:\program files\ICS\CashM\cashm.exe [2003-7-18 1970176]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
JFritz.lnk - c:\program files\JFritz\jfritz.exe [2012-1-6 202752]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 StarMoney 7.0 OnlineUpdate;StarMoney 7.0 OnlineUpdate;c:\program files\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe [2011-11-08 554160]
R2 StarMoney 8.0 OnlineUpdate;StarMoney 8.0 OnlineUpdate;c:\program files\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [2012-12-21 699680]
R3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
R3 netr28u;RT2870-USB-Drahtlos-LAN-Kartentreiber für Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-07-13 657408]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 63872]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 141952]
R3 OxMf;OxMf;c:\windows\system32\DRIVERS\OxMf.sys [x]
R3 OxSer;OxSer;c:\windows\system32\DRIVERS\OxSer.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-04-16 36000]
S1 OxPPort;OxPPort;c:\windows\system32\DRIVERS\OxPPort.sys [2008-07-31 82048]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-03-29 219136]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-03-28 291840]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-05-01 86224]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-01 465360]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-02-14 79872]
S3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [2010-01-25 245760]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-03-21 362600]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-13 09:22]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^XN^xdm101^S05015^de&ptb=C3A1324B-E08B-411B-A282-57C6420D4166&si=CN7G5e2wwrYCFUNP3godQUsA1A
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\UP\AppData\Roaming\Mozilla\Firefox\Profiles\qets9qo8.default\
FF - prefs.js: browser.search.selectedEngine - My Web Search
FF - prefs.js: browser.startup.homepage - hxxp://home.mywebsearch.com/index.jhtml?ptb=C3A1324B-E08B-411B-A282-57C6420D4166&n=77fc91d8&p2=^XN^xdm101^S05015^de&si=CN7G5e2wwrYCFUNP3godQUsA1A
/* Do Not Edit - START: _gcMembers_ */
// created Thu Apr 11 2013 12:15 GMT+0200
pref(extensions.toolbar.mindspark._gcMembers_.defaults.exist,true);
pref(keyword.URL,hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=C3A1324B-E08B-411B-A282-57C6420D4166&n=77fc91d8&ind=2013041112&p2=^XN^xdm101^S05015^de&si=CN7G5e2wwrYCFUNP3godQUsA1A&searchfor=);
pref(extensions.toolbar.mindspark._gcMembers_.last.keyword.URL,hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=C3A1324B-E08B-411B-A282-57C6420D4166&n=77fc91d8&ind=2013041112&p2=^XN^xdm101^S05015^de&si=CN7G5e2wwrYCFUNP3godQUsA1A&searchfor=);
/* Do Not Edit - END: _gcMembers_ */
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-WeatherBlink Search Scope Monitor - c:\progra~1\WEATHE~2\bar\1.bin\gcsrchmn.exe
HKLM-Run-WeatherBlink Browser Plugin Loader - c:\progra~1\WEATHE~2\bar\1.bin\gcbrmon.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-4225751292-1800472845-3731939530-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-4225751292-1800472845-3731939530-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Java\jre7\launch4j-tmp\jfritz.exe
c:\program files\Brother\ControlCenter3\brccMCtl.exe
c:\program files\Brother\Brmfcmon\BrMfimon.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\UI0Detect.exe
c:\program files\TeamViewer\Version7\TeamViewer.exe
c:\program files\TeamViewer\Version7\tv_w32.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-06-12  17:37:49 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-06-12 15:37
.
Vor Suchlauf: 8 Verzeichnis(se), 75.168.301.056 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 75.003.019.264 Bytes frei
.
- - End Of File - - 6F6318CE64F1C98791985FC9A2F9832E
A36C5E4F47E84449FF07ED3517B43A31

schrauber 13.06.2013 08:14
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches OTL log bitte. Noch Probleme? :)

KuniP 13.06.2013 10:58
Code:
# AdwCleaner v2.303 - Datei am 13/06/2013 um 09:27:27 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : UP - UP-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\UP\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\UP\AppData\Roaming\Mozilla\Firefox\Profiles\qets9qo8.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Users\UP\AppData\Roaming\Mozilla\Firefox\Profiles\qets9qo8.default\searchplugins\my-web-search.xml
Ordner Gelöscht : C:\Program Files\Ask.com
Ordner Gelöscht : C:\Users\UP\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\UP\AppData\Roaming\Mozilla\Firefox\Profiles\qets9qo8.default\extensions\toolbar@ask.com
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\Ask.com.tmp
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D0E499F53381f84992C7A212CF1D8F5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16576

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^XN^xdm101^S05015^de&ptb=C3A1324B-E08B-411B-A282-57C6420D4166&si=CN7G5e2wwrYCFUNP3godQUsA1A --> hxxp://www.google.com

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\UP\AppData\Roaming\Mozilla\Firefox\Profiles\qets9qo8.default\prefs.js

C:\Users\UP\AppData\Roaming\Mozilla\Firefox\Profiles\qets9qo8.default\user.js ... Gelöscht !

Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.defaultenginename", "My Web Search");
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("browser.search.selectedEngine", "My Web Search");
Gelöscht : user_pref("browser.startup.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=C3A1324B-E08B-411[...]
Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");
Gelöscht : user_pref("extensions.mywebsearch.prevDefaultEngine", "Ask.com");
Gelöscht : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Gelöscht : user_pref("extensions.mywebsearch.prevKwdURL", "");
Gelöscht : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
Gelöscht : user_pref("extensions.toolbar.mindspark._gcMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]

*************************

AdwCleaner[S1].txt - [8704 octets] - [13/06/2013 09:27:27]

########## EOF - C:\AdwCleaner[S1].txt - [8764 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Professional x86
Ran by UP on 13.06.2013 at  9:38:51,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B699BE7C-8F35-4AD3-84EB-BE0492995952}



~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\APNSTUB.EXE-2A8F922D.pf



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{000DAE9A-96B5-49D0-9835-9CCA4B30C13E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0054C98F-8ABD-4ED9-BB01-5FCE5CB2EEE1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{008404AC-088D-48B6-BA79-21445932E7E6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0094B215-6467-4CE3-9E6E-CE3CFB34C216}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{010DA909-84B1-4DE5-B522-7A715522E321}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{014867CD-921C-4DF5-B078-2A7D073015D3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{015F0465-D82E-43DD-9863-2D6484FEFEE4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{01627A1F-C06D-4BB7-8F6B-4DA9A354E4B0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{01F65242-BC68-4644-B45A-DEE148FFCE52}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{021562B9-B77C-4EF2-9B5B-699374231AD7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{023E035E-005B-4CB8-B2FA-A2A3BD2B0578}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{025BCB3E-9E9F-4A97-A4E1-15B6FBCB4B2F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{027F21D0-B2CD-40F5-8F68-4C2816339A6A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0296B5A4-6D4A-44D5-BC14-547D3369113A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{03942E1D-103C-475B-9BAB-B8583EFFBB25}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{03D20F55-8B4B-4B26-AEFC-D6AFF29217A6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{04B18A5B-05CC-4237-AA4F-31423504DA41}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{04C19A8F-B746-4D90-A284-769603C7A91D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{04C77FB4-C2E4-4604-8746-DA261A45ECCB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{05677015-77CC-46B1-9445-283F6E1EFDE6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{05771F1C-8EE5-494A-BA01-E0856B949C05}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{05B3CB36-097C-403A-9C53-9087F9D0EC7A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{05E18039-ADE1-4C30-B031-BDF6AE837EF5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{06A57D32-0F0C-47E5-BE3B-4BADB67FB198}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{07199FAA-F857-4901-9ECE-08F326B3270A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{07CAF77A-8B87-4FCD-B493-3B8F2DE27E07}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{07DA663B-7AE7-4A2B-AA51-6AD224367CCC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{089689BA-C1F0-45C1-96F8-F2A0105879D4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{08C345FC-CE42-4D0B-BCC1-688F450EB161}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{09AC8C15-0B55-41CE-8B88-736722E92B96}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{09BC09DF-7B58-497D-9818-0C2CFD950DE9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0BEF41C7-DDEC-4279-A12F-FB6BECFA3B23}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0BFF76C1-6647-4C19-9926-439D77237383}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0C284788-D4DF-4AEF-973F-05186DBA2738}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0D6E587E-EF3E-452E-B5F0-22005B43C374}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0E394910-0C3E-43DB-84E3-66C1623E50C1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0E8D6226-1BC7-4DF7-B104-873B6ED7F306}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0F06110C-5640-4C51-A726-F9CD0D70180A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0F68B560-ABF3-4328-91F6-8660D92884CC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0F6C4F11-9799-4B82-8C21-955D5949B0E4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0FB53E6E-AAF0-4EBA-90A4-04A86FA33FA6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0FBB98AF-D758-402E-BCBE-33074503931B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{0FFCAACD-9EE1-4C53-B5CC-8846A9404DE2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{102E5097-F3F9-4D18-A39B-362FFFB15C87}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{10C64545-1C24-4B80-8F9B-471F458C0065}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{114AEE97-43DA-4BF0-935F-98F6C1FC2720}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{11E33C4D-6252-4B72-9583-5FF0CE8A3556}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1204A2E7-1905-45DF-8F3E-313DE2413325}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1209589C-E942-43E0-8281-BCB91722DEE4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{122AFC3C-665E-469A-9178-6D938E4DF337}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{122B6814-F165-4969-B672-D9FD8DFF7CA2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{12427ED9-60E6-42D3-AE3B-6415037CC3FB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{12C42477-E9B7-46CC-BFAC-00923F092BF7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1372D2C5-4410-49F8-96A6-1F56D22107AB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{13843A2E-76DB-40E0-BF52-2CE76F70AEFD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{13AA76D8-F0A5-45CA-8BA7-DBEC65A68819}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{13E9748F-A67C-4689-BE04-6A6A09624614}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{14840E43-4262-49AD-A73C-E6793EDF4599}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{149BF9A8-0A96-46A1-ABDD-CCBC49660AB4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{14D352B5-D446-4C8D-BB13-6836E40051B0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{154AAE0D-55AB-47EE-8B26-7F4B23158EFA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{16274537-D552-4B18-BDC3-6D022B68522E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1645EE66-A5FC-4B9F-A4B4-5385C8B6CFB3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{16467E81-C18C-4B4E-B6B3-D261EF3F1739}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{16841B18-A24E-4E9E-9F6D-0FF53A14092F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{16A2116B-0502-4897-B0B6-E3D03351DA3C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1701EEBD-C5F6-469E-9F7E-9A6FE9EE49A1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{176FF57A-F4E6-4C95-AF35-7ABD231E76A6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{17A26101-2D34-4E1B-A7BF-76BE1F599E3A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{17DCBF1F-6ADE-4C7D-821F-98D6661A301C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{19D9C617-AA81-4070-B2DF-7EAE0AFE11EA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1A8007F0-76AD-4A92-9822-D211493281C9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1B38F586-147B-4926-8364-FB4408960CFD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1BD9D889-1131-491D-8C90-25A9B9E415C8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1BF51290-3A74-43A4-A7AA-7B4FD8D02423}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1C7311BE-EB0D-4E35-8793-A15E1D8056DD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1CF02746-3DC0-4995-863A-1F5473639BCC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1CFDF182-478E-4AEF-BB42-A1AEDD3EDAAA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1D4D7CB0-31F0-423F-BF05-CE1151BE1FF8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1D63D913-0BAD-4790-AB79-4E891FE166F0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1DD02981-4E0C-428F-B2C7-FBACA336F679}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1EBAE431-321C-49C6-AB30-70BB29188E8B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1EC9B2A5-C81B-4300-B3D4-9E0B6C30A01E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1EE266AE-0905-4C7D-B557-33AB69A31630}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1F307B30-E534-4AC1-B01C-2224E3306791}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1F4C020B-DBCE-41F9-977D-33FBAA666E0C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1F4EC95D-694A-44E9-927A-97509A8EE6F7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1F877729-703A-470C-9D50-3197394BA550}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1F87C008-0BBE-435E-AE34-D27467C48F6E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{1FD4ADA4-2643-467B-ABC8-596D5D6AD966}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{20930A58-8F03-452D-91EE-A2CCBF9753F7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2099096A-2016-49AC-91E6-AC2A815A8293}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2151E76A-0464-4294-8021-71353FE4D912}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2158F68D-C1BD-4BA8-AF10-EC5BD58F9961}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2179B435-0FB7-4055-894D-724DA1128563}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{21A414F2-4505-4AC6-B0B4-6EA3EB1E1549}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{21CFB2F0-25E0-4196-8A4E-1BF4FFCB9D0B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{21D93F53-257D-4B3B-A642-2DBF418326B6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2216986A-8C09-425E-8428-AA03A2305F0B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2299BD47-257F-4735-B2D7-F31BA2CD5356}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{233A0F66-3E94-4679-8671-B7A259F1D5AB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{23B69A01-8A19-45DB-8A52-724CC317C45D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{23CDF2F3-2E60-40E2-8711-16643EFDC551}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{23D48D28-17E5-4361-8560-F56F5E5F6FE9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{242DEE9F-36C6-4EA4-B316-A6F006937936}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2454273A-FC67-4822-9452-E96F2E2079EB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{24E5673D-75E5-4CEC-8D14-E8FE4D1A7526}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2518D2D6-1756-4EDC-A651-F844D15A5C15}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{25DFED60-993C-477D-B1D3-19B0613A96F7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{25EA4369-B3B0-44F0-AF63-95A69D41A10A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{25FE07C1-EF80-4849-9310-593725A3F65B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{26B47367-8F47-4B7F-9334-875B2598338A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{26C1A9FF-ECD3-484A-A1AF-537891E2F454}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{26E5FECD-9E6C-49A9-8825-C2F9936D6F01}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{26FCB528-0AA1-4A43-B845-54EAD6F2D8E9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{270A2DF6-3BF7-459A-9CFB-F1CAE6500617}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{27464840-EA54-42BA-9A64-85E8AA35BD93}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2755625E-8ECB-4C38-B29E-361E0FBA1E4C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{27A5D3E6-D045-42D8-8530-9F5001A77295}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{27BA5E6A-6B6D-403A-AA21-DB1565B34BCF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2892C4E2-246B-413D-8FF4-5EFF3F075DC5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{28A4BBF7-770C-4394-AA06-2BB3914A5A4E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{29705585-BB3F-4372-876C-F7AC2F8574AF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2A4CA49C-3F71-4EE2-9C3A-82336B97FF78}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2A88F1D1-2F22-467E-8607-8E830C73A9E0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2AAE5B4C-424B-4521-A149-45A4C5926511}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2B505348-90C3-4A56-86BB-B92F2D1C8B45}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2BFEAD28-BB2A-4A68-AD63-1AB43A18F461}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2C29835C-AA60-4727-9D75-07B938946920}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2C960227-8561-487A-87D5-D1636C149D44}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2CB44102-F07F-4168-AE59-0B2A1ECB9244}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2CC9C40D-8917-4C52-AD24-52D323C932C9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2CEFB04E-5108-4B6A-9B3A-A7FEBE3AC800}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2D7AF252-865D-4BF8-8527-FD790C5092CE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2D7BBC96-578A-45FC-B70A-70C8AB8F0506}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2E50F675-C557-4A75-B72B-2BB50723EA13}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2E560C0D-3295-42BD-AD95-3AA001CD40E1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2F0425A5-1532-48B0-9DF6-060B5EA7951D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{2FD4CF3F-C88F-4BF0-BB87-6614923123F3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{30299CF1-5B58-4662-B420-C7D70A0F941B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{30353B3D-6EC8-4E53-BE7A-386256A1DF32}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{30BD07C6-3341-48B4-B904-7958988D4EFF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{30D1259B-0856-4D97-9B14-9F8DC736026C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{314E63DE-DCAD-4B76-A377-F8463882E526}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{32451A3C-200D-4222-BA25-71D681607205}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{325B7D8B-2C56-4169-A980-7371E5FFC9E2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{327FD21E-D655-4E60-93AF-F4C809E4C950}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{33716008-44D1-497B-A70E-C82A015130A9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{342E3478-9483-4FB6-A0DA-95F79D158764}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{344AD720-0820-4A40-93CE-D1FA9F0BC3A3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{354690D8-F93A-4CFD-9D23-1E3D255DAA4F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{362285F0-9561-4516-B962-17D4CFBA4ED5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3624A990-E2EA-47D4-B47C-5F3B4D1CA3AE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{36B4DA97-CB49-4D44-9221-3852CCF568B2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{36ECA919-5C9D-426B-92DE-EF2AEC4EE1EF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{37570763-64F4-40E2-BBC4-80AD0359108A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{383F2A42-AB87-45B1-9C89-A2980FED731B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{38B31952-0C21-4B5B-B6B8-EF309C9847F2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{38E625CA-F559-48E7-B218-009E010CAFD5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3948EEE5-41F3-43E5-8C15-6CE848D3FD74}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{394A6ED7-1610-442C-8080-D803B4236746}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{39D3CAB4-B2D9-45EA-97F3-A4BA6E4B5D37}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{39FA15A4-2107-486C-8AE2-A90D97A5B315}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3A4FFA4D-43F9-45D7-945E-066945FA8B6D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3ACB42AD-FE91-4694-B416-FA765491FFCD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3B1FF2EA-3D60-4ACD-A1B4-3C4713DBF62C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3B257ACD-4AAE-443D-A54E-A815599ACF7A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3B3164E9-2FAA-4525-BC4A-9AC7C7FDD5F5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3B47A53C-7379-4E84-9378-DB387015BDF6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3B98AC8C-E4A9-42C1-BAD2-113311788629}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3BB4B6E7-E12A-4D57-9153-02A58280B30F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3BC5B5B9-E55C-4516-8E6B-010A995D8474}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3CAAC943-188A-4F1D-9F98-B348E23E95AB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3CBD11C5-04B4-4E16-ADB9-BEF9E8B8B82D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3CEAB108-4CB4-4A59-93E0-E53A259FC763}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3D343283-C742-4816-8209-026FEEAE14DC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3D7822A0-8664-4D15-9C78-F1944FD7DC4D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3DDA07E0-A0C8-4A3A-B8ED-7E82246D959E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3E15E7A1-A88C-4C33-A5AF-493FA3183484}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3E55A5A5-BCDF-4794-A5A9-C4B19170AB0F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3E5FF309-4C1A-4542-94AB-C9049F57E8B5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{3F3FFCA6-9B34-4776-BDCA-F21F1DF52DF0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{404EA176-0473-469E-BEF6-2C5783C346CD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{40FE7FEF-1D79-4BCE-83D5-8477F2C4F0B3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4119DE01-5C22-4311-9003-7BAA22EA0B67}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{41DB5F8D-5110-44E0-9F63-243CC5D55561}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{41E1551D-E362-4522-A0CE-4223744C23E1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4244AB40-FC2D-473C-8B1C-E27517194C31}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{42646B87-4AC3-401A-AD1C-4F457778C1C5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{429FD7C8-CE94-474B-A6BB-6C20A4A6005D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{42E98F38-0A14-43A7-879E-5FC54B7DC156}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{42F253D2-036E-4B2F-8FE3-0190BF45E6F8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{43FFED72-B430-4563-9872-6521834465C8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{444AC3CC-A0F1-41CB-9416-D4C8D0E6DB6B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4479A85E-DB9A-45C6-8363-C8FFE0D88ABB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{44856460-85DA-457F-92F8-EBFFE66AE810}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4576AD61-E1E1-44B1-B89E-02E4125011CD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{45FEB38A-85FE-42DF-A6A9-5CEA4CAAB90B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{460DC7EF-B548-466D-A405-3DF9C48D54AE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{461ACFB8-3CD8-40A8-948C-D7129E1FB58E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{46338DAB-C507-469E-AACA-C407FA75F639}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{464041A9-B47E-409E-A88F-946971D3A1F5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{464466BF-CBE0-44F7-B48A-2FED7387A2ED}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{476E9D23-B666-477A-AEB9-5097AB04C4A2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{47747862-C943-46E6-A76C-C493275CD606}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{483C0834-278C-4D56-9E7C-7A95E7522A67}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4858F450-0828-4B73-B976-844EF7AC0B8D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{48C32370-9BC2-42E2-8297-73D0D68650A7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{48F47DA1-F4C6-4DD7-9205-424F310D8F53}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{48F4F055-7565-4273-87FD-B692FB79C92A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4952A650-53F3-487F-A199-C234DB7A0B86}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{49539006-9266-4D22-8E02-5E83E7EE0DE4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{496D88C1-14FD-4ADB-993A-7F705F8DAAA7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{49AB0A98-821D-4035-92E3-FE3F08D544AE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4A1A573E-3A5E-4291-8A18-3E1962E170BF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4A303311-8E56-46F5-A35C-1953D5918309}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4A4BB0C6-395A-408A-9845-0F89819AC469}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4A6644E3-BF51-4F06-8124-6B44613E18E3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4ABFC388-FA30-445A-BAEF-22301B079025}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4AD0E794-758D-45D2-9403-B872C1EF420A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4ADB0851-11A5-453E-A9F0-758BB9E6DD09}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4AF3726F-271B-4274-88D3-F1A035D72C10}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4B0557E9-2A50-4343-BA58-25659E78729D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4B5CC351-8A51-4967-ACB5-AD6AD4C48F95}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4BF3C3FE-9D84-4233-822E-74AF5660F6EE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4C3035BB-588E-4FE2-8E27-B024CF2C24DD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4C4E4D86-3E6D-4340-AA03-81AE6BE3A4C3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4C8C815F-AE0E-4332-BF1C-DAC010E26816}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4CA04863-E04B-45C9-BD91-E7F73AD8A9A8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4D0DDC5D-ACCD-43E3-BE5E-AA03F3DA4CC0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4D3A8339-B18A-484A-BE2B-F778D359AE91}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4D6E723E-53C6-456F-954E-A70AF2F00945}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4DC8B937-6379-425D-BD6E-A98BDE7733E9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4DCA0647-4B5F-44A4-9768-EB5A967E4F36}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4F3055A1-C9E8-4274-B924-D11C8C289932}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4F46A3A2-20FC-4DBC-B5D0-647E89910995}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4F493906-6D14-4C60-9D23-A2399D4315FC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4F6C7FC3-F3B6-4932-9136-156117FE5663}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4F8B39E3-98C4-404D-81A8-84C45624E25A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{4F8E5F93-5D97-421E-A07D-B8253C5E3B10}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5000EF51-B45D-40FE-AAF7-AF774410F004}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{50A156DB-7311-4709-806D-C3B827BA0EC3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{50B5F6DA-C8E1-4E08-8338-DD338349413F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{50EB9945-C5AC-4538-B4BE-A4DC1DF71504}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{50F0CDCD-2039-483F-9823-70DBC5711FE0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{51F99D0F-B61C-463F-9167-FCADB9252B85}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{52532D4B-0C90-4092-B67D-17A4D4A45EC0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{525D87FC-0EAF-4FBF-B40B-628BC6E35EF6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{527826BE-E2A0-48E2-AEF0-14BEA8912E45}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{52C35510-870C-47E8-9226-9CB9914ACFA1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{52E77631-41F7-48F6-99AF-56152A29AD61}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{532CC3E2-EE26-4DB3-A8AB-E20050CF42BD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{53495269-C1AC-4056-9C51-2F26C60B0C28}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{53C6C961-A98D-497B-87B3-5F89952EE1AD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5433D83D-B3CA-440E-A84D-9DF6149D085E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5499C6DE-EEE5-40C2-8335-1BFA2173CD8A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5528A806-718A-4D92-BF96-CCE760CA41AD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5571BC1D-F74C-43CD-AC4C-883513CD8574}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{570FDD90-91CF-465C-9006-A50B992A73B6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{571DE70F-0B54-4948-8262-81CB9D3B5577}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{57336498-F04B-4DCB-8923-830246D6E605}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{575D70BC-091C-4DD0-9E1C-0F02DAF367EA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{579F60BE-9296-4F23-B565-428535406957}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{57D0D169-6EE3-4101-BA62-FACD1296C194}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{57FC404A-5E1C-4B56-B092-359DC75F7AA6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{582C6857-B211-4D65-AE89-2D8A2A3E67A8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5854E183-04F1-4E77-89F9-BBDBF8D77DD1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{58675302-EA0D-4164-87C2-E51D9CB3FA4F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{588032B9-5DA7-45D8-824A-924FCAB9E6E9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{58AA02A2-8A30-46B4-8560-ECB826725D2D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{58E12A6A-595A-4916-8B23-588FC9D2E616}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{593A544D-D0F4-4A9A-BF56-3197729782EB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5971933F-FBFF-4E7C-B162-6186BC128B94}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{59D1CD3E-86B0-45B4-9558-6A2600AA4A68}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{59D93645-9BF0-4E6D-A9D8-DC180DD92C5D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{59EC4201-C3C5-4F8C-B534-BF357C8940B6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5A2EA667-021E-4DC1-A523-A8EA7DFCBFD6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5A3D324E-A09E-4DE3-98D1-5832ED1E3B41}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5A44578E-2236-4FCA-AA77-E77B5DFB67F0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5B4791BF-83F0-46A5-AAC8-7BD13F5B7D83}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5BF14D39-98E1-442E-919F-F9833A6B7D63}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5C309052-4375-44D0-9ED2-56CAEFDF119B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5CE15972-0557-4B53-ABF5-759B41D87294}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5D26C15B-1A6A-4826-8C3F-F7FDAB51D043}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5D3D4A26-C993-4816-B1FB-A3B97FA5ACB3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5D7DF7A0-9C17-419E-8352-519946A9337C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5DCDA36C-ABC6-4A58-9B5C-9834C21C9F5A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5E0E6967-49E2-4BB9-85C4-E667B5D53A96}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5E6B23D0-B0CC-4074-A74F-F6E01F3ACF5C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5F694FE6-FD9D-455A-92CC-D0C8384BCD28}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5F91EBF7-AAC4-438F-AB79-031F255E5253}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5FA262CA-5DE3-4974-9141-E04E97B7C12F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{5FF16193-8C8E-403A-BA47-83D5744FFE0C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6000D458-96AC-47B3-A3F9-7A25D5C19882}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{601DA959-C73A-4DDF-96BC-B0E43939BDCB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{606BA4EF-3740-4874-842B-BCDF5263AFE2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{60B6AEDD-5014-4998-83BA-C8196FFCAFAA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{612DFF6C-6199-490A-B624-EA5AE8D82B18}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{61676A20-375E-4F03-941F-6EEF7467DD25}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{61AF0B89-F3CF-4C85-A3A7-8DCC6AC833B9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{620C33BA-D978-411D-A6B8-E71B719CDB1A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{620E704C-3858-4466-BA70-098D54C6A208}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{628468A5-0321-44BA-87E6-39312C4B1A3F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{62979C2F-40A7-4197-9F7D-40505763E907}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{62999B76-127B-40C4-A7C0-7B42A55F1773}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{63AD0486-6026-4D6B-811B-75825C9D89FF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6413C4D5-9470-4538-9BF8-FB77E3DA7476}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{64A0905E-C7A0-4EF3-817B-2F8E6CA473A2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{64A5D50F-E57D-4BD4-A15C-65F32ED09AD0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{64E7998E-9A9A-4F68-8D35-2336A878215A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{655AD731-838E-498A-8E7D-F039847C5402}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{65724960-52C5-41DB-AAD9-9C7B97A6B039}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{65744EEF-8282-4D02-AF15-7345862DDE7B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6655F222-D308-4C46-8101-F8DA30C90672}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{669A60E2-3E24-49C1-9A24-C2540F53C9AB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{66CB8157-1242-4CB8-B095-6FD8FA2E1B2C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6794898D-66E2-4353-A076-99648ADAD508}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{681DC91F-F025-4A13-B55F-D70D92DE9F02}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{685EFE4A-B21B-4808-88A5-C712A05A5DA4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6898E4C5-9B23-4579-A291-19128F4B530C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{68B26648-B09A-40AC-8F60-BEE1C023C76D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{68B65E55-6128-48AD-AB9E-3AC580281C0E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{68C9391E-73F6-4CBF-ABE8-3A4FA26EA216}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{68D099F2-7100-4C7C-93AA-59CFBFDDC379}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6904F4DA-A648-47F5-AD45-2624122EC576}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{69189FC3-CC6A-4D63-BAD0-B19EEA40BAA9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{691F9379-C447-4D80-9FED-6F613B8FE505}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{69E38BCC-26CD-4790-8660-48A49ECF8E11}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6A88CFF2-792F-4D79-9C31-720A1AA62585}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6A9B2BA3-A2A1-4593-82EC-75C5D36C9CD2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6B0362D0-8B03-4680-947D-22069DEC2EA0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6B3B2665-3F0A-4F96-AC2F-CF70EC559AE5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6B6DEB4B-8F3F-4318-B2AE-498D492AA81C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6BA10E8B-C88D-4A13-B0FB-D4FB6D4CDA15}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6BAFC08F-D47B-4679-966B-6ED86152F3E9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6BEC1847-23A2-4E29-B461-9BC9FDDBBBB2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6CCF8EA9-BA91-4F73-8380-1277D27633CC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6D0FF6A1-42C7-4335-B4D2-4E8B4E158E94}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6D32D3FF-4849-4142-9C5E-BF86ABCED5A7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6D51CAD6-7FAE-4CC1-9EA8-57A2AE72D558}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6E3DF629-3715-47DC-8398-CEFF87D759A6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6E5F64AC-4C7D-463D-929E-05DFC78DC3B6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6EE2DCBC-82B0-41E5-9999-8187C679CD4D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6F3309DE-A9D2-4815-9C1D-49BA984C1DFB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6F6FF9EA-D1F6-4927-A752-D77D2A2426B6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6FA0AA9D-FB2B-4BB5-BC5B-4E3F7D54D676}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{6FA6837B-8D9C-456A-8274-9776DB2039E7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{702DD0D7-13B2-47E8-AE0E-9902353EB25E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{70423093-E9A7-4813-ACF9-D19B0FB8F260}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7084A884-476F-48EB-BFA5-E9BDBC32EF53}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{708C9E54-857A-46C8-8AE9-8B3527CCC6F0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{70A8939D-9CFC-48EC-8714-26CE5A5BB294}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{70B38E54-030A-4710-A256-C233BD35CDB5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{70B99448-012E-4B39-BE00-123C9DD3E32C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{71A44C89-9048-4C7F-8D2D-5EE4F3A3801E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{71E698DE-23B1-407F-9901-7138252DFFEA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7271459B-755D-42D4-8EBD-6BE2332AC2E0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{728CBF0D-8DB2-4772-A957-0D6A311FD7EB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{72F2F359-E5C8-4BF9-865D-BF2BA81F4A02}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7358A879-42D5-4526-9F27-723C9CD6D4C7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{743C10E7-51C6-4864-BF37-760861A6982B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{74559496-1997-41DB-8154-BA316E69A03D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{74705EBE-E57D-4E99-94E8-1081C2DD6C62}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{75540E21-30CE-422C-83C0-5207DDDF0172}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{755E1A65-9D2C-404B-8E48-E4F4D3AA3F47}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{76480A8A-6B85-4EDC-978F-26B7204A0DA5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{76663A3A-2E3A-4D8E-B6BB-82F8E81BF002}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{76CC3E08-D6FF-4A83-A6B4-6F717C7A3A8F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{77110A37-90B2-4395-8BCB-721087979C26}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7736E142-3818-4DC1-ABA0-0E55336ADD46}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{77A0D216-C76F-4B0E-89CA-FCCC11941E14}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{78217991-921B-4669-BFA7-682122271078}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{78365B0B-D90F-47FF-89E8-F5C76012E0ED}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{786A62A1-372D-4F3C-AF49-EC5CFD6655F5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{78775B05-01EA-42FF-B27E-C94E35BC2A6A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{78817B55-DC16-4CB9-8235-9AB60AB8E4C4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7902666D-62B6-4829-A7F3-52770C98FC93}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{795710AB-BA2F-45A3-9B4B-2A8CE3EE97E1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{79C213E1-5AE3-4C03-A519-AEB7BE5569C6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{79EA27E3-EEF1-4A35-AF61-8B6A79854E0F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7A525E19-625A-4513-AE93-901E8CB7F118}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7A77E31E-3968-4353-A5B2-E0405771AAC7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7A820C94-4BFB-45B9-93E6-DDD790EA2C83}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7AA1BC57-2EA3-4869-9F5B-3789C43EB661}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7AB36458-837F-49E5-BCFC-24C425BE5F7D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7B146173-4C28-4764-A08D-75957E18806D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7B73DCEF-1ECE-4935-B1CD-46C17B582C9A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7BB37A36-5117-441F-A892-F127B596DB5E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7BBF65A1-5C98-4F8A-BAC5-119AD77F99F1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7BC64D34-53AD-4573-8226-76E018E74D17}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7C399ABF-7A1E-4A03-902D-5AD4A577E02D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7C60F4D2-EED0-4C56-AD83-0ED32629573E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7CC8AE55-4258-448D-A475-40567C0BDA93}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7CE95E56-4ECD-41B2-821E-4F254C7DD535}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7D1B4A76-0C06-4AEF-A33C-FDDD71E9C968}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7D34833F-1AD3-4B70-99E3-22B1E9CC8CC2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7D3F1EA5-6B4F-45D2-8048-AB65B24E415B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7D89F014-7016-4688-A118-5BA202D2EB25}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7E0A6056-78E4-4083-8A50-31DE3A023DBE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7ECEA3F4-B8E6-4DB9-8BA5-A8918E67E55A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7F1D459F-57F8-4F3A-9E4C-D9F2F8C12F9F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7F2CF017-37C2-4670-95F2-C13EC3568B85}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{7F50C2CF-E999-4F48-884F-57F139AB2C4F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{80A019B9-A475-4B80-9CD0-00E66205E78B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{816EFC9B-6162-496C-BAE7-8D2E9FF51F1A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{81774051-9583-4DF3-8230-A4A8F6B9DE8A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{81C473FD-C82D-4E75-9278-A7FBA81B2F11}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{81D5C872-14C8-4830-831A-EB3F55A3AE6C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{81F44202-506A-4EA3-B168-70E00D36E511}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{81F9D7A8-890E-427B-A8FC-7BE9400BE2FD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{826052B3-FED5-43B7-9B8F-5AAE324B213B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{82613B98-CBF9-4C42-93F9-D48D66E129D3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{83025519-4108-4C54-AF9B-A4BB4BEF9A7C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{83053B2B-127E-49DB-B0C3-C027657067F7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{830EB296-0735-4DCF-A909-19DDEAC20769}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{833965C6-6A35-4B0E-B937-9D4FC693739E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{83B320C2-46CB-4CF2-8CA4-ECE6A1BA0613}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{83CD634F-289C-43C3-8285-6271A13927D5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{84241867-137A-426C-A368-2533936902C6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{842BCA06-7C1F-40E8-865F-54BBDC8357E6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8432BE82-B4BA-4083-BDA6-9A879E2EF06B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8441788E-AEB8-4596-930B-2B73753D8B8A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{84A4BC31-BD79-4D90-845F-C05D212CC560}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8500CD60-813F-4768-9D5E-48D7C6D33822}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{85174610-1B9D-4010-9B31-043B01E32A92}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{857BD189-12B1-4E75-B833-5631BD12596E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{85AA4735-A9FB-46BF-8F28-F463202C37AD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{85FBF4B5-8BF4-4F99-BC5D-FB0C49C89DFC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{860B2698-7E47-4F22-A4E2-5746CA17F195}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{86FA3EE9-0644-4722-B053-0F2243C41F4A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{870D72DE-9892-4C16-A7EC-3A19020E3F03}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{87371069-A13B-4D73-A08E-EC660F154ADD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{87D6DB77-E41B-436F-A397-AC83814D8EB1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{87FF246A-5F9C-41D0-AC1D-A33C4355F528}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{881C089D-7987-4760-89B8-45AB76E01206}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{88ED9B6E-FDE9-4476-A9FA-07D20A2B6F6D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{88F1A6E4-FA5A-4AB1-993C-806BB37E8B3E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{88F37773-E514-496C-A29A-883D14DEA519}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{88FA0465-7CD9-4AB4-8839-6BE2037ACB7D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{88FF9F85-A104-42BB-987C-CF72F1C91467}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{89293C35-5E6E-45DF-B4F9-F632442C8996}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{894DED80-02D9-4EEF-AC87-49D7B50B27FD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{89889EB6-34AB-49D3-9529-CB8D761D2C2F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{89A02354-F6D4-409B-9B13-D44FA356F1DD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8A2A15C9-2A65-4404-B148-D8ABB58B0FAD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8A37E7EA-35F1-4A73-A23E-B58E1BD2C2B0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8A65D5B1-9A45-4D18-B947-BF5570AD04FF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8AB2529F-431E-4675-9B8B-DC63454AE745}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8B2B892E-4050-43DF-85AF-B1771D22E904}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8B5BF874-2EF5-4D89-96AF-627EBD619714}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8BCFB64A-D2DF-49E9-A930-CE5FA680DBDE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8C16F757-4480-4C4E-B51F-815A6E1325EF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8CE87183-FC45-498C-BDA0-3C9FC6C7742D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8D3BE354-6BB3-42E5-956F-73AB6E2DCA36}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8DA26F03-5712-46A5-A9DC-3CAEAC3F2E02}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8DFDD749-A9F1-424D-9029-4C7B51592886}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8E609D93-FFC6-453B-98FE-F8859CA3C3BE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8F7C05B4-3295-4A56-9C31-3F819618E24F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{8F860F59-B6BA-4B7D-AC27-E1770B6EA7FC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{90159F77-8A64-430D-8345-4578FCD5F46C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{90496EA8-45FA-45E4-A5CC-F4CB11BD2208}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{905BEDD7-578C-4B1F-841E-9A5F85C3D9E4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{908779C9-56E0-4927-885F-187DEDF74A28}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9099D336-A238-4721-B42D-D011C86869AE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{90FB8A52-FBAD-475D-9652-8AF470CB95E1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{910BA246-81FF-49DA-B666-70E751C4843E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9161BCC9-013B-4E92-8CF4-BE056AD5067A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{91631C76-49D1-42C7-A8AC-6EAA2C004B39}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{91A2D8A0-9C73-4D7F-A8CB-2B5DA8B668B7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{91C3D78F-EF35-45D7-838E-7A319154239A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{91E4F34C-7515-42E0-97C5-FC7A370CCD61}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9240B4DC-0606-4042-AD12-15C63F957EA9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{92432542-53B5-49D3-AE9B-2EEDACC0BFDD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{924A1889-DD33-478A-96AA-CB9697FDDB9A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9282D468-B66D-4F3A-AB05-FB41B343D461}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{92DCCAC1-7AE5-4975-B418-98D451E8C732}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{92DEA894-403C-46AA-8BD6-856601B18B2C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{92DEFB66-DE46-4B92-A692-4619EEDA2FBE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{931C37FD-EBCC-4622-B86B-352B5B56BB5B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{938FDED7-5AC7-45D2-956B-4527399D0CC4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{943F2CCA-B87E-403C-B50E-83B882E4D37D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{946CA5BD-FEE6-4B74-975E-0EA2919E00C5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{94999E90-BB90-41D0-8FA9-876B3B1E13FC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{94E5AB30-ABBA-49AF-BB8C-B0AD633B78C9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9501258D-645E-4AC3-864D-F1EB721DACE4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{95458BCA-B1AA-4CBD-B5B6-F93540457EEC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9572C66E-9E1E-4DB1-9BDD-A356A10A039A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{959DBB92-A831-4128-A9C2-83F54840CEC5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{95DD5CF7-529B-49A8-B774-83A2E1D6BFD7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{96A7778D-F797-48CB-A3A5-0CC9F63F7742}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{96BE5C43-A3CC-4F6A-B676-59429BC8436D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{96D338E6-A0A8-4D61-AFFC-8E31CBAA8B56}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{96DB0DEC-9005-4B10-886E-C23ADDE43875}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{96F4EAA8-6D80-4E0A-8024-BCBD31D524C1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{96F7B440-EBC6-4E26-83CB-144C68E49511}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{97C04604-F86B-4081-AA4F-AFCC57103281}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{98612620-4D61-48FF-BBB5-0B6BA65983E0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{98DB0252-8236-4CEE-9E2E-517C21624A49}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{99776108-0419-4BDB-87E7-6480F03B8AEE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{99A271C1-1D83-47F7-AC2C-8CB4B172857F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{99A35D01-6B64-41F1-9DE1-9D313518807D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9A630097-C648-4AA5-8471-A7DAD300AAD6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9AB02ED9-5EB2-4661-ACD2-9CD4E8694A3B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9AFF4716-5E9D-4E02-AC0A-13390C4DC4D9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9B00E288-BB33-4F22-B21B-53A62E5BDD6A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9B1704A9-834F-4FBE-BAA1-6E8FC350298A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9BDF9C09-C151-4E90-B63E-B1B1022C74AB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9CE1E4CA-C90D-4890-88E4-DCE70C2922F9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9D9A9B2F-E3F4-414B-897E-540879FFC1AF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9E0C42F3-6B4D-4446-A3F6-DB20087389D3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9E710F24-63DF-45AA-9DE0-87E57F4BC932}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9EDFC3D2-3497-4EFD-96D3-E189AF6826EE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{9FB6D974-AFFD-4131-BB6C-A12A21207AE3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A011EEFC-71EF-41C4-BA62-796F899942AE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A0FFBFA0-9569-482D-BE3A-FEF21FBB2F15}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A2123408-7619-43EA-B040-A9BE0681C756}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A2EEC72D-8E98-4C25-8C3A-9120507E0FE0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A2F3E003-3F30-4E1F-9222-E37247541F1F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A328CA4D-7C5B-4378-B872-E160533B1966}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A3880567-3A5A-4CF1-B59C-5BF2862A0020}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A4100589-7CF7-45F8-865C-89EA8DE4F02A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A42F64E2-F223-4027-9B88-9985C858E255}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A44E4BF9-8D35-4FC2-B868-4003176253A2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A4CD4A1B-AB28-49B5-B0D1-46F60210BC19}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A4EB442E-F31C-47DA-96C0-AFADE74FAA93}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A4FDE67D-4CFA-4396-9DB2-EA659016910F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A5997495-1595-4A7E-BA98-7350DB460F29}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A5B81530-1641-47E0-BE23-A56F07D192E9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A5D79962-7C45-46EB-92A2-21D86D2280D8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A5D950BE-8F80-4D26-A8FA-BB4519DCDC5D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A5ED8D03-4A34-4D71-BF39-4FD0F17E9754}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A627B16C-40C4-4118-91B5-3503F76C69F1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A783EF8F-C74F-4D00-85EB-599139245754}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A7C51BE8-1125-4B0A-B159-38A458B902CD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A7F67600-A804-44FF-9DCD-A01F0EBE40FE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A8363911-1BC3-401D-88CF-A1C54F81DFC2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A8442C5B-6238-4BBC-82CC-85323B42ABCD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A85D51C2-2942-4280-9ECF-D11EC47FF6D4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A8712EEF-97D6-4940-8A50-8A771446255A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A8721E90-5B67-498E-9B53-665956235A08}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A88C17D9-A448-4752-99F2-70992047308D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A88E9B1A-3A2D-40D7-A3FB-F26806DBE950}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A8AA9A74-908B-417D-97B0-8728ED7A1E89}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A9B29610-9F63-4C2B-AF6C-F2C4ABF3E9AE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{A9EF78F3-612B-4375-8DB0-3DC398B87864}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AA6137C6-FE56-4C9D-9519-A3166885F3D3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AA713239-EA31-4871-924F-363437169EE6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AAF183BA-457A-487D-B387-84CFB21B6888}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AB1A2FAF-463F-41F8-B3A2-E62CE1AF4E15}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AB1ADE2A-39EE-4045-A5B5-3E481074EC14}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AB7A7DDB-0FF1-4B05-97AB-0899D5AD4E2C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ABCF278D-5A64-4EF8-85C2-947A2A76F5B2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AC40F553-7054-4C1A-BCAD-86ED2F0C645B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AC9DD3BA-E741-4A4F-A80D-17A75E421916}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ACC60EC8-1CD1-4039-AF86-A385ABD16357}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ACF5BB13-C4F9-40C7-AA7E-2855337D8DEC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AD7F742B-99BB-4C9C-9064-8216BF45B96F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ADD0BC26-031B-44FF-8E34-B4C5A442ADB9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ADDBC9E0-6281-4F55-96F0-10E16F7934BB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ADDD89E3-3845-4682-996E-EA95FA8F2E03}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AF02B717-6BE4-4329-A1DC-34F516ECB082}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AF988F3B-1F91-4FA6-8E11-0C009BC3E3AF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AF9B9D87-37EC-4FC3-8AC4-91F4F0D5F888}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{AFD20F14-3685-4F11-879E-FF2E8D4F60DE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B11F50C6-0300-4783-9725-EF94E61AC658}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B17501A7-4CE1-4C0A-91B9-35F91DA40604}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B2D586E2-F7AB-4DC5-A0A8-8DA24ED59F9E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B2EF20AE-B618-43DE-ABE6-77ECA5F88BD0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B315928B-9436-4416-B080-56E98C1477C3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B34DA21E-305A-4529-ADED-B80D9F3847D8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B3BBAC2C-602E-471C-9232-F1CFAEFEC2F6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B3DBDB73-B1DB-417E-B2AB-AE72559C7F87}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B3DF285B-42B3-466E-A4FB-296083FFECFE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B42EA41A-F903-4531-A2D0-08C921F1C9B8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B434CDA8-4EA3-475E-BD3C-102D0DBA6059}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B44731C9-BB09-4373-B146-3135D6D8C5A3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B4FB7A85-41E7-44E6-9F5D-69724252C81F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B501F206-54A3-4529-9845-F981EC1C653F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B5F64CBC-C3CC-4C37-8E22-F51C2341ABD1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B60290B3-A831-41F5-897E-1E04FD193250}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B6320E92-5A42-4423-9533-E7C3B261837E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B63BBF5E-20CA-4037-9AEA-B0597A9DEB27}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B65080BE-4582-4079-9F14-569DE773671C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B6541212-E85A-4ABA-BAB5-08D15201DFD9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B656985C-45B3-4534-80FA-E2E8C04F7086}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B697D22B-7C1A-4FE5-8A62-0293CEF5D52D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B69D4A70-0F4E-4CC0-BCFD-9FFCCB38F320}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B747328D-C981-4916-B483-04E7826DF8A5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B779FA41-971F-4A52-8010-C3D20CBF3CEB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B7FCE830-DE4A-4E9A-A5BA-5C692A72A4F7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B828843A-33CC-43D9-AC50-DB6D0E1C7AC1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B82B0497-2F76-4954-AC8D-DC5A62BAB534}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B97C499D-D023-41C1-A72B-B16CD750F7CC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{B9CD30E0-1C2C-4DFD-AEB1-4B7D8375AEBA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BA34F005-42CA-4B35-8367-AF38E7DD94D8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BA6550DC-DDF5-4608-8D87-289B9505B26F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BA66ECFF-A5CB-4E73-B031-C9A229A1AF2F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BAE7F351-E574-4A3C-88AA-214B45050F85}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BB3560E6-B143-4E4B-9B3B-97F2AF933DFD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BBD416B2-B0CB-4D9F-8CB2-5A5A494FFCE6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BC4199D1-9330-45BB-B0D8-439A9BD17DBA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BCBEAF15-C38C-4C80-AFDE-3D6B6C0C465A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BCEF6B33-5712-41BF-8F33-18AD86655389}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BD0DC7C9-5591-41B5-9259-624A613602F4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BD1562AD-2E12-4186-BECB-CAB0BF731E9B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BD1CA25D-7219-46C1-907E-B91F00DBA14C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BD5A941E-7EF1-4E22-A484-934AAECC7830}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BD70542A-C3C2-4FB5-9B13-3FEF6B80E99E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BE5C12D8-268E-4720-A251-A7C26A1978B1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BE677D0A-BA18-460E-A5B9-C6C3F0059C91}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BEA1A773-CCA3-4ACF-9E73-55CB3AA38EFD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BECE9DA4-A5BA-4543-A3B1-8CF6E36C74DA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BEEC3297-E2DC-4208-B443-A000461736CA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{BFEC0A92-E2D4-4FFC-860F-E664B40996C3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C0590219-9C90-44EF-9082-529C48EF3BAD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C069145D-1A5D-4A65-8494-CD33121EDE3F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C0B018C0-632D-4ABA-8AE9-7211DCC5187A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C0F5F53D-5793-497E-8A8A-9AA819BEE7B0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C129E0CD-C2A0-43D4-B856-12F68D6D8B16}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C167FA70-D754-4812-8FBD-ECBF167DF643}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C19D7FB7-D97F-4E15-9F80-166715A730D6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C1DC8D4A-3311-44A9-B017-D041B6371E80}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C2815802-4525-4789-9ED0-60FED872D913}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C2A774DF-88A4-4E5F-9ABD-72415D2A6009}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C2A7903D-4514-4F7B-A269-704A0EE5EFAF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C30E8CC8-4C52-47F6-A778-D5797E8D5251}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C31DEF93-C076-4D17-A8E5-8136D50AF162}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C357F7F3-9325-4957-A0EA-9A5531BAD053}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C41B40BB-1C43-463E-9859-E9BA9F211654}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C41BC904-AEF6-4C10-9F4E-D2A8483FEA8B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C45864EE-9032-4EFD-A5E7-55508C1035C8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C4C27760-7D9F-4F3E-B828-62E1DDACAD40}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C4E9D987-C723-4746-9AF5-AA887FF308B0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C565733B-035A-4BB1-BCFD-D1055730B4F1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C60DB0F8-477A-4CDB-9D9B-934656171A87}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C61F64A0-D8D2-4F3B-B43A-B6AE0A3FBA38}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C6D4A1A6-15F0-46B9-8A64-3C5E6A61AD50}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C779C684-5AAC-48C4-922B-747A6062923B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C795D9D0-F96B-4F45-B76F-6297D5FAF50B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C864209B-74D8-41E5-B1E6-A47DC9B44FB6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C86F14E7-83E0-4AF3-A0A3-AA1633495A02}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{C98F9AE7-3A40-459D-A68A-4BDEF7EB5920}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CAE35E9A-D854-414B-BFAE-A27F74B66A02}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CAF5BDE3-E2DA-4C89-996C-5B3701E07541}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CB68D912-292D-49E6-80BD-121ECCF61771}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CBF0E40B-16B1-47A2-A86D-3D77783E5072}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CC8B28B2-004D-413E-AE8E-AF0203CC3954}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CD20507B-0E20-4177-AE25-5C4F18578B9F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CD59C6FB-08F2-4780-98AD-941DDF413B69}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CDEEF1C5-AE34-4800-B088-B1219D3B9D1C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CE46D979-4643-4D66-A60E-40D3BA1CE99E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CE82009B-CE4D-43FD-8552-D6350C78E893}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CF0CC19C-31B6-41C7-921C-BFC3109EC497}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CF5E5137-FE6D-45FD-932D-471702365DCA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CF9E7224-56FE-4AB5-BE50-7437E4D8F46A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CFA8D085-A908-4733-944D-918F733D0600}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CFB11BBD-17D8-4015-8B9C-2E39F2C073AF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{CFB6A210-3A4D-4691-80CF-6B6B056C2A72}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D04E5290-5D3B-4758-BC9E-C6E2A54DD312}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D054A2FA-CFB5-4F34-B4B3-ABEC7D866F37}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D067E5B3-AEDA-45B8-9703-8F55FECF4E6D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D0B4E0F9-083F-40C7-A633-D7F28B153D0D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D1014499-1237-43F1-8CFA-358B95B58F05}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D10726B8-31EA-4839-99A7-86CB615DE604}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D1666E64-E664-4CD6-A12E-16A12D695DD1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D1F34A43-6514-46F9-9D94-58EF373229FD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D2794504-E4F3-4F40-9C99-C31CA6719856}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D36733FB-552A-439D-80D7-99D0D9A62330}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D3991675-1226-41A2-8747-76E001A352DD}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D6556DD0-43A1-4C2C-82D0-C36F149278EF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D6DA7EE1-A1C2-48C8-9845-FCAE8E666C57}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D751B0AC-B0A3-4950-ADE1-D063DB2C16B2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D769C08B-EC87-4411-9AE9-8ED925C04EEE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D7C0FE3C-FEAA-4DF6-905C-B9458250376C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D7D110F4-4AA8-4677-9F26-3BC540831BA3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D7E059DC-87A9-4DEB-ACA7-92F68BD52233}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D82D312C-22A6-4AE8-A465-513B2A7C72F8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D860D5E7-4DBA-44B3-B5A3-55E8B90B513D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D8E9D21D-6561-4921-B4F4-755CE68FE829}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D8EEDA26-B36E-40CA-8D70-48C027621576}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D8FD44F0-ACF2-4883-B54C-4CB58A7A73CB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D939D70D-304F-4B99-AE7D-8BC154AA38A8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D9BF6987-71A9-4423-B630-7DCB2A3D36DB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{D9F6F9F0-4539-4568-93C8-294D026744B8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DA48E2CA-8FAD-477A-BDA9-B8BBEF5EE7EA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DA75DD1B-1FA2-4B7A-9963-FB6D7075E1DE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DA92CD46-D863-4021-BC1E-544850AB58B0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DB15E794-ED03-4C24-8CA9-9BDD887AD312}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DB6421C2-58DD-4913-9717-F1FBE14117B4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DBFE50AD-FCAB-4063-9F8E-47AF7289286E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DC146F62-CBB4-45BF-AD04-E9D0BAD3CE70}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DC6BBCAB-9F16-4650-A22B-9BB1B2EA263F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DD483E84-ACD0-4A9F-9F5D-05E8E17E3047}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DD9C8067-7E6A-4847-93DB-39D031F8C045}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DDC52DB6-84E9-4092-A10F-3A1AB1CEF48B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DE2A5B68-50EE-47DE-B852-438D18AEEF2B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DE7CBD27-FE5B-4275-A6CE-00D2DD6529F9}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DE8D44B8-261B-4799-9DFE-F5CC138B1980}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DEE3BCCD-59DA-4684-BC2F-33F67A146E46}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DF538BE4-BFC9-4848-A977-B35C6BDEB03D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DF68358C-115E-473C-97E0-EBE01EF53A9C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DFA5F200-EB88-4351-AB8E-D109A945A029}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{DFB2C85F-E4DD-42E8-8999-16D46ECDD771}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E0304DAF-EF97-4FFA-873C-4B32344E9D86}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E04FAA55-8216-4EC7-99EE-6B583AA20608}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E05946D7-FD56-4522-9EA9-3C92C916380F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E0A909A6-8C13-4809-AF47-230EE760E6BF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E1CD0098-0416-474D-B890-4726E433D9F6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E23AEA58-1050-4F92-BD95-E529B28300B3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E2D4613C-C652-43C7-B9F4-D579BBE4EFCA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E38956A9-FF50-49A9-9CD1-270200D9014B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E3ADA2D8-669A-436A-985A-878268AF2101}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E3D4FAFD-A9CA-479A-8705-F23D161BA8B7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E3E5E8AF-7615-4F53-93F0-C6135604058C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E3E96F15-B67D-43FE-BEAD-A7F1951F8E37}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E3EC59BB-A92F-4F7C-8848-32A1397AF51F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E4318995-1E6C-47AA-98A8-7032D8ED19CE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E444655D-8337-446C-AA46-F996CD283015}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E495B75B-AD81-463D-BC42-EB9880E80DC8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E4A89FA0-52B7-4EC7-8F35-B76FABFBBF1D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E4F38D7A-4274-4259-9EF4-9ABB1DD8229F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E5630DF8-D500-4F6D-A9A7-61424C64B493}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E5804073-B56D-46C0-B05D-9334D7F5C4C3}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E5B1B33B-478B-4659-9D3F-EAF40EF1A396}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E5D61484-E03C-4667-91C7-0016634F7FE1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E5E00E70-303E-4B40-90F2-ED5C33E935D0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E67AC73D-71FD-4DA8-94B2-F44AD45A2411}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E6B6C95B-A0AF-4EF8-AEB3-7954D15DB0DC}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E70F7894-C89E-4DDA-A90C-2CD75F42F48E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E84A543D-E22A-482C-9318-A245D799F579}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E8744F77-BDEE-4E00-B72C-398DA9027A66}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E8842B5C-3271-477D-BD39-D903571EC73B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E8DA627A-11B7-4B06-8D49-C184E28296CA}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E8EDD117-EE39-4F6D-9B87-2CA32E43F013}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E94C4DF3-0194-42ED-AC1D-DBD6502E2409}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E9BD7114-4C90-4EDD-A0AD-CCFDBE840B5F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{E9F68971-04B0-4809-A6C9-EAF58783BE14}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EA1CB095-89EA-4B97-B24D-EB21A695ABB7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EA4D49AC-14BA-4E7D-9A44-4FB3989520D4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EA6BCE86-810D-4C56-A373-F1BAF6769571}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EAA568E7-F4E5-412C-AB27-F1218D1BBED0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EB76AF52-0BD6-457A-B33D-58FD18785506}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EB7B4BB0-5FAE-41EA-9610-990315397C9B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EBE38127-832B-462A-B7E7-5C22CDA94310}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EC022C4B-5A57-41DF-8193-5095A4C7D1E5}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EC180433-E10B-4933-9B78-4CC587E2013F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EC1E7EAC-38A8-4419-B289-F99AE26137BF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ED283558-AC70-43C7-B46C-4B86CD894F42}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ED807C4A-9E4E-45D5-85A8-67BA7FED7DE6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{ED8A4E67-4BF7-4C94-9936-B66B48A9F7D7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EDC0E4DB-C4F5-44D6-A40C-6AE9DA7E4D8D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EDC670FF-3596-46FE-9996-384407D02D99}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EE070AF7-E79A-4C1E-A391-AF25378EA8BE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EE49685E-A656-4E64-A2F5-1E1F103D9189}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EEEE7CE7-28BF-494F-97BD-40A0E5B2D00A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EF318D36-FF9A-4F13-90E7-799AE434BCAF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{EF714A98-4AD1-4414-8799-DD8D0AFD6AAB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F017FDDD-06C7-4373-9A41-A27FF8B15DF0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F01DBE58-D797-4456-8A5C-0E1A3396A5EB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F0239798-F550-4F22-9DF5-3EFFD1E46264}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F0D6CBB5-318B-421C-8A07-4773E8D2101E}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F15271A7-CC53-4DA6-8D5A-0DAE9434B7FE}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F1603AFD-0113-40E4-B62E-5BF59B7D3D35}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F190C0D8-8926-4889-8E0B-0EE26469B44B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F1BE3BE7-3721-4798-AF82-0CC4DFAB6095}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F235A8D0-9953-4899-AA63-EFE071375ACF}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F26D3054-1D9E-4B72-B7AB-D3CF57264508}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F271F053-DE3A-430E-896E-EF8DAD343C58}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F2A440B9-9CE3-41E9-94AE-A588FB7D8B21}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F2BDA206-F419-4235-8D0A-4D0BE55B077B}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F3160105-AE76-489D-A469-B2EF64B51A8A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F33831F7-FD21-4FB7-88C6-59A078C45558}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F348DC97-EC7F-404C-9740-3971EE3F2F87}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F39AA347-27B7-4607-BB00-D5D5C310261F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F39B2AA2-4F9A-4D41-A422-28F7ED3DD5F8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F3B1054B-A9A4-4FBB-A883-DC0CC0E75DC4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F3C5156A-CD98-4F77-AD61-707469E4628A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F41BBE1E-085B-4231-9C68-71F219F7A832}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F483F3CD-41FA-4B9F-A7EE-3BB54996F3E1}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F4F5B1E5-9186-42A3-A26D-3EF2839E58DB}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F53A8378-B6B5-4B69-90BF-19613D3D0B0D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F563E103-71DD-4CE5-AC80-5CDE9F4289E2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F56C3C9E-EFFD-4BA9-9E91-F619673F8742}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F61C1ACB-F663-47B5-A16C-BC9F8CCB01F7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F6492C19-D155-4771-A419-28C24A0DE89A}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F65F539F-033E-436B-882D-D2A77A4CAFE4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F6E5C4B5-334D-4CD3-9B5A-0A24250623D0}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F845C4B4-3CB4-45C9-A307-07FF23EF0F40}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F84F6C91-5E3D-4E89-AD64-10D1F85D27C4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F85AC0E1-57E7-4A34-A6AF-073986F56C8F}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F93D094F-292B-4678-87A4-81F746046CB2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F96923F5-D47E-4F96-ABCA-4C5F568E9D96}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F9866BA3-6699-4CA5-B11D-622ED5B63A40}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F9C26754-FDC1-490B-B6A9-4242D291D08D}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{F9D60878-70CD-4AE6-8601-EC2FDD4881A4}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FA191CA5-1D48-4D89-B2C8-ED9E92D88FD8}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FA890061-EDE4-4B3C-A1D8-ED9D45426362}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FAD6F801-A351-4776-B71F-05FE77A1D241}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FB34DE55-A05E-4251-A163-E592FB71E3C6}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FDA7BF7F-3D36-45A9-8DF9-6A99E90807C2}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FDFEFA7B-C37E-4F76-BBA4-AD02BB12F311}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FE03BF73-43B2-4638-ACB3-97DE71B2644C}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FEC0AE40-5ADD-4ABA-AFEF-37952F21EE47}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FEFAC5EB-7E50-4E60-9904-63F23C8D4297}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FF2FB48F-F434-4CAD-93CE-797C1253A5A7}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FF9731BB-5C9B-4060-9D5E-E61AD38B5568}
Successfully deleted: [Empty Folder] C:\Users\UP\appdata\local\{FFC5C59F-21E0-41D2-84BC-D0941449642A}



~~~ FireFox

Successfully deleted the following from C:\Users\UP\AppData\Roaming\mozilla\firefox\profiles\qets9qo8.default\prefs.js

user_pref("extensions.toolbar.mindspark._gcMembers_.defaultSearchOption", "true");
user_pref("extensions.toolbar.mindspark._gcMembers_.hp.enabled", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.installDate", "2013041112");
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.partnerId", "^XN^xdm101^S05015^de");
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.partnerSubId", "CN7G5e2wwrYCFUNP3godQUsA1A");
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.toolbarId", "C3A1324B-E08B-411B-A282-57C6420D4166");
user_pref("extensions.toolbar.mindspark._gcMembers_.lastActivePing", "1371029641443");
user_pref("extensions.toolbar.mindspark._gcMembers_.options.defaultSearch", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.options.homePageEnabled", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.options.keywordEnabled", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.options.tabEnabled", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.searchHistory", "neunkirchen saar");
user_pref("extensions.toolbar.mindspark._gcMembers_.weather.location", "10001");
user_pref("extensions.toolbar.mindspark.hp.enabled", true);
user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "weatherblink@mindspark.com");
user_pref("extensions.toolbar.mindspark.lastInstalled", "weatherblink@mindspark.com");
Emptied folder: C:\Users\UP\AppData\Roaming\mozilla\firefox\profiles\qets9qo8.default\minidumps [32 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.06.2013 at  9:42:02,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

KuniP 13.06.2013 10:59
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=2dacedb75798cf429e6a9a6ad176b85d
# engine=14059
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-13 09:24:36
# local_time=2013-06-13 11:24:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 99 8637 236538766 1401 0
# compatibility_mode=5893 16776574 100 94 62600364 122746667 0 0
# scanned=151340
# found=0
# cleaned=0
# scan_time=5828
Code:
OTL logfile created on: 13.06.2013 11:39:25 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\UP\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,50 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 58,56% Memory free
4,99 Gb Paging File | 3,86 Gb Available in Paging File | 77,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 68,07 Gb Free Space | 69,77% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 366,74 Gb Free Space | 99,63% Space Free | Partition Type: NTFS
Drive Z: | 3,60 Gb Total Space | 3,44 Gb Free Space | 95,58% Space Free | Partition Type: NTFS
 
Computer Name: UP-PC | User Name: UP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\UP\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - c:\Programme\TeamViewer\Version7\TeamViewer_Desktop.exe (TeamViewer GmbH)
PRC - C:\Programme\TeamViewer\Version7\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Programme\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
PRC - C:\Programme\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
PRC - C:\Programme\Brother\Brmfcmon\BrMfimon.exe (Brother Industries, Ltd.)
PRC - C:\Programme\ICS\CashM\cashm.exe (ICS)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a9594959e951127f16eb49644ba92f79\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7cfbbd029ef945fbcdaedd24b2b67a24\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\af18b8a8f56494da44cc448f3b9704a5\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\ba39e27ea796912fce296963622dfbae\WindowsFormsIntegration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\766ccafdc4a09b964aa9286a15bca48a\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\a1b65a602c75409c0c1ce7fa1f2a0983\UIAutomationProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ba58d64562391191a22ad0133512ed6f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll ()
MOD - C:\Windows\System32\CBNDLL.DLL ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\Brother\BrUtilities\BrLogAPI.dll ()
MOD - C:\Programme\ICS\CashM\zlib.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (StarMoney 8.0 OnlineUpdate) -- C:\Programme\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
SRV - (TeamViewer7) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (StarMoney 7.0 OnlineUpdate) -- C:\Programme\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (BrYNSvc) -- C:\Programme\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (OxSer) -- system32\DRIVERS\OxSer.sys File not found
DRV - (OxMf) -- system32\DRIVERS\OxMf.sys File not found
DRV - (catchme) -- C:\Users\UP\AppData\Local\Temp\catchme.sys File not found
DRV - (amdiox86) -- system32\DRIVERS\amdiox86.sys File not found
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (CBN) -- C:\Windows\System32\drivers\CBN.SYS (MARX Datentechnik GmbH )
DRV - (nusb3xhc) -- C:\Windows\System32\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV - (nusb3hub) -- C:\Windows\System32\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (OxPPort) -- C:\Windows\System32\drivers\OxPPort.sys (OEM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 58 A5 0A 88 66 CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gcffxtbr@WeatherBlink.com: C:\Program Files\WeatherBlink\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2011.06.19 21:15:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UP\AppData\Roaming\mozilla\Extensions
[2013.06.13 09:27:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UP\AppData\Roaming\mozilla\Firefox\Profiles\qets9qo8.default\extensions
[2013.06.12 16:33:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UP\AppData\Roaming\mozilla\Firefox\Profiles\qets9qo8.default\extensions\trash
[2013.05.25 12:13:58 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.25 12:13:58 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2013.06.12 17:31:34 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - Startup: C:\Users\UP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CashMaster starten.lnk = C:\Programme\ICS\CashM\cashm.exe (ICS)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21BD6CFD-04ED-444C-9D38-C3D31A2B486A}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E89008DF-4221-49A6-B68C-2235D22BF181}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.13 09:38:49 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.06.13 09:38:23 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.12 17:37:52 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.06.12 16:37:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.06.12 16:37:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.06.12 16:37:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.06.12 16:35:06 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.06.12 16:34:44 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.06.12 13:04:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\UP\Desktop\OTL.exe
[2013.05.25 12:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.05.25 10:55:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.05.25 10:55:18 | 000,000,000 | ---D | C] -- C:\Program Files\AMD AVT
[2013.05.25 10:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2013.05.25 10:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013.05.25 10:48:27 | 000,000,000 | ---D | C] -- C:\AMD
[2013.05.15 18:19:00 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.05.15 18:18:58 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.05.15 18:18:57 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.05.15 18:18:57 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.05.15 18:18:57 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.05.15 18:18:56 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.15 18:18:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.05.15 18:18:56 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.05.15 18:18:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.05.15 18:18:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.05.15 09:03:00 | 000,077,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_AuthenticAMD.dll
[2013.05.15 09:02:59 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2013.05.15 09:02:58 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.05.15 09:02:51 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2013.05.15 09:02:44 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013.05.15 09:02:44 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.13 11:22:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.13 09:38:23 | 000,016,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.13 09:38:23 | 000,016,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.13 09:29:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.13 09:29:15 | 2010,619,904 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.12 17:31:34 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.06.12 13:41:58 | 000,001,068 | ---- | M] () -- C:\Windows\Brpfx04a.ini
[2013.06.12 13:38:27 | 000,658,988 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.06.12 13:38:27 | 000,620,174 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.06.12 13:38:27 | 000,132,558 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.06.12 13:38:27 | 000,108,356 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.06.12 13:04:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\UP\Desktop\OTL.exe
[2013.06.12 11:22:22 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.06.12 11:22:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.28 17:24:00 | 000,012,579 | ---- | M] () -- C:\Users\UP\Desktop\Spiralblock-kariert-DIN-A7-70-g-m-40-Blatt-wei-_3.jpg
[2013.05.22 14:31:38 | 000,019,097 | ---- | M] () -- C:\Users\UP\Desktop\DIN-Formate.gif
[2013.05.16 08:50:04 | 000,296,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2013.06.12 16:37:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.06.12 16:37:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.06.12 16:37:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.06.12 16:37:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.06.12 16:37:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.05.28 17:23:59 | 000,012,579 | ---- | C] () -- C:\Users\UP\Desktop\Spiralblock-kariert-DIN-A7-70-g-m-40-Blatt-wei-_3.jpg
[2013.05.22 14:31:37 | 000,019,097 | ---- | C] () -- C:\Users\UP\Desktop\DIN-Formate.gif
[2013.03.29 04:13:20 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\System32\amdocl_ld32.exe
[2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\System32\amdocl_as32.exe
[2013.03.29 03:24:06 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2013.03.29 03:24:06 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2013.03.12 07:38:22 | 000,695,006 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2013.03.04 20:52:52 | 000,230,836 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat
[2013.02.01 02:14:10 | 000,075,600 | ---- | C] () -- C:\Windows\System32\ativce02.dat
[2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2012.11.22 17:14:26 | 000,230,064 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat
[2012.10.11 15:23:34 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012.01.06 16:08:40 | 000,000,000 | ---- | C] () -- C:\Users\UP\AppData\Roaming\JFritz.lock
[2012.01.06 15:40:26 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08a.dat
[2012.01.06 15:40:20 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2012.01.06 15:40:20 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.06.20 20:50:42 | 000,001,068 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011.06.20 20:50:42 | 000,000,153 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011.06.20 20:50:22 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.06.20 20:50:22 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.06.20 20:49:32 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat
[2011.06.20 20:49:25 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2011.06.20 20:27:41 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2011.06.20 20:27:38 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
[2011.06.20 20:27:37 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRADM10A.DAT
[2011.06.19 21:42:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.06.19 21:18:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.06.19 21:08:06 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 861 bytes -> C:\Users\UP\Documents\theo.eml:OECustomProperty

< End of report >
Code:
OTL Extras logfile created on: 13.06.2013 11:39:30 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\UP\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,50 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 58,56% Memory free
4,99 Gb Paging File | 3,86 Gb Available in Paging File | 77,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 68,07 Gb Free Space | 69,77% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 366,74 Gb Free Space | 99,63% Space Free | Partition Type: NTFS
Drive Z: | 3,60 Gb Total Space | 3,44 Gb Free Space | 95,58% Space Free | Partition Type: NTFS
 
Computer Name: UP-PC | User Name: UP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B598A0-FED6-49FC-894E-3A65D06775C9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0A8F6D4F-AA61-4E4B-A4B6-E2CDDE9F6D45}" = rport=139 | protocol=6 | dir=out | app=system |
"{14A3D595-7DF8-452D-89FD-B9FC89E150A9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{16230073-52E9-44C0-BF23-9B752EA80E72}" = lport=137 | protocol=17 | dir=in | app=system |
"{36BD00FA-7A87-4492-AB23-23F6FAD154D6}" = lport=445 | protocol=6 | dir=in | app=system |
"{3716BAF1-D37A-4979-AEAB-8B605AB65BF3}" = lport=3389 | protocol=6 | dir=in | app=system |
"{372EF30E-C0F9-4251-991B-A29B23D98436}" = lport=2869 | protocol=6 | dir=in | app=system |
"{45A94CA0-0AC1-42DC-BA2B-EF87CC0D07E0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4A7F40A3-AAAF-4FAD-A45A-1B5628DC2571}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4EEF8DA1-841D-4495-91E8-7EB085784C0F}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{63258CC0-832C-4AB7-A7D2-50D2F2BCC080}" = rport=10243 | protocol=6 | dir=out | app=system |
"{68AE022E-CA35-4B01-868B-D2150703E790}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{863A44E2-22F0-4DF6-919C-6C2CA1CD34C1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8656AD80-0578-440A-B772-D2509EFD2DC2}" = lport=139 | protocol=6 | dir=in | app=system |
"{8C343E14-CF79-4D15-A243-AFFA698249BE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8FD6EF72-21B7-4E0D-A971-CB1F6FAA2A5E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{94C4491A-442E-427F-B597-CB410736009D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9B696B67-A6E2-4A7D-9D04-D4B1B23CFF05}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A24533D4-90D1-4CF2-8542-40DC44576720}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A98271EA-6280-40B3-A256-BDFB4CD67AF2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B124F087-60B4-4559-8D31-B6472931001E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B12C3F56-5206-4EE9-A754-7224D08A0986}" = rport=137 | protocol=17 | dir=out | app=system |
"{B7A0453E-0244-44E0-BEAC-2A29CDF646DB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B8DB6202-A501-441D-B8AD-7CDF3197D201}" = rport=445 | protocol=6 | dir=out | app=system |
"{BC3BC357-26C7-4EF5-AC16-4F543DBEC606}" = lport=138 | protocol=17 | dir=in | app=system |
"{DBC6B725-70D0-4FA9-8146-EF492DCF885B}" = rport=138 | protocol=17 | dir=out | app=system |
"{F2113536-7060-45CA-B437-EB5775A303C8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FD9F59EC-C536-4BBC-B1A8-B8FE46F44487}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06097CEE-C0D7-4993-91F6-046F49F46B10}" = protocol=6 | dir=in | app=c:\program files\starmoney 8.0\app\starmoney.exe |
"{0ABE0379-697F-43BD-B568-341514D34EA7}" = protocol=6 | dir=in | app=c:\program files\starmoney 7.0\app\starmoney.exe |
"{0FDBBB99-6991-4B25-BDB0-002982CD7F66}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{22A9353B-A1A1-41AC-B63B-76C22AFBBCAA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{250D6FA2-4DB7-49FD-A365-E1246E9B563F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2F7591B7-5336-4AC9-83A5-E54357846011}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{331E0B20-26F5-4EE8-9EBD-B57548857648}" = protocol=6 | dir=out | app=system |
"{3A576EA8-71D1-4C44-89F7-4E0E3C7A993A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3BB4C5B3-364F-400D-B5B9-F15000A99194}" = protocol=17 | dir=in | app=c:\program files\starmoney 7.0\ouservice\starmoneyonlineupdate.exe |
"{3EB61444-7A3F-49BA-97BB-CDE123236518}" = protocol=6 | dir=in | app=c:\program files\starmoney 7.0\ouservice\starmoneyonlineupdate.exe |
"{3FEF6BAF-9746-4458-BEF0-8A9A7DC93221}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{41943D30-A712-485E-BB37-70066E57F17D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{571BA441-9B02-4544-A10D-137C34A3B436}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{5B77DB1F-C866-4741-A097-5A049F6773B5}" = protocol=17 | dir=in | app=c:\program files\starmoney 8.0\ouservice\starmoneyonlineupdate.exe |
"{6CEB4F73-5BF9-45BE-A8BB-10D17452D259}" = protocol=17 | dir=in | app=c:\program files\starmoney 7.0\app\starmoney.exe |
"{71A84D4F-0B2D-417A-8232-FB79BB852E48}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7716839E-9634-40B4-8429-B9E030C5F11F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{840916D8-F5EC-4465-8653-05698E2C7163}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85CEBB8C-10C4-4BCC-86DB-7FA32EAF5F74}" = protocol=6 | dir=in | app=c:\program files\starmoney 8.0\ouservice\starmoneyonlineupdate.exe |
"{8D07BD8B-2D26-43EB-923C-C05A0C13E6BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{91CD68C6-0A16-4B46-956F-3A9B21A94B5C}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl08y\faxrx.exe |
"{9393AED4-C0E1-4B0B-B5CC-ABE673B7CDBE}" = protocol=17 | dir=in | app=c:\program files\starmoney 8.0\app\starmoney.exe |
"{9B5CF10C-AACA-4266-8C56-89F5D715F779}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9EA5C179-E75D-4C80-ABF7-FD3E22A65E02}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{C2B7F119-34EB-4BA1-B963-4A6E9BC5E663}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C998B17E-9358-4853-ACBC-3491ED27C966}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{D1665D45-A4DB-4A5F-AAE5-1697BE4AC23B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D467D9BA-B5E7-43A6-896E-FB3003431623}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{E0AD0BB6-CB5C-4346-A83D-5A06440B56A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F08E0C64-58B7-465C-A8BB-690B1FB9CA1A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{F6ACE780-7335-4CDA-90CF-8A7FD4D9B166}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl08y\faxrx.exe |
"TCP Query User{B92153E0-DAF4-40B9-AD7C-9EAC0CCD03A5}C:\program files\jfritz\jfritz.exe" = protocol=6 | dir=in | app=c:\program files\jfritz\jfritz.exe |
"UDP Query User{D0D9DCB7-6EE4-4723-BAAA-B7FA2EBC723F}C:\program files\jfritz\jfritz.exe" = protocol=17 | dir=in | app=c:\program files\jfritz\jfritz.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{022D2599-2316-4927-89F1-9188894CEB02}" = StarMoney
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BD03BF6-3A66-EC7F-5155-28A8D6C69409}" = AMD Catalyst Install Manager
"{13464292-6666-B2DB-1B0C-A3FE14DAD1F9}" = CCC Help Dutch
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FCBD504-AB7D-4757-9A14-850348384B08}" = StarMoney
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20E970DF-A7B2-4345-9DEB-72213A29645E}" = Brother MFL-Pro Suite MFC-5890CN
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{338CD56F-1CDC-CF32-33F6-DED2DF92284E}" = CCC Help French
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{46458556-5C46-79A9-A6FF-81DF1F8B2729}" = CCC Help Hungarian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{519D68B8-A768-4CDC-E4C9-B115D49CED93}" = CCC Help Norwegian
"{51D383BC-D988-8C1E-FAA1-BC5260A32A87}" = CCC Help Polish
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5A883D2B-D279-0D01-6E62-B810AFD8CC62}" = Catalyst Control Center InstallProxy
"{66CDB4B8-10A9-4D47-A948-D2564035AB3E}" = StarMoney 7.0
"{67A4760F-9804-CCF6-C319-27840ED77924}" = CCC Help Korean
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B594A3F-FDF9-74A0-B3F6-C2E7B6AA339F}" = AMD Media Foundation Decoders
"{6BE5E4A9-D88B-532D-26E6-883C32BF098A}" = CCC Help Thai
"{6E0D26C1-4265-1D02-4D19-D0A8F6A463F8}" = AMD VISION Engine Control Center
"{7DD62206-7B6C-E32E-BD11-B49B3B089D16}" = CCC Help Danish
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9739158D-EDED-D628-9865-1460B5A7FAE3}" = CCC Help Portuguese
"{9809124C-0C4C-2367-7889-1E16D8EF1AAF}" = CCC Help Chinese Standard
"{98D77F94-61D8-0C3A-85E9-E588471956EB}" = AMD Accelerated Video Transcoding
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A6273C55-5524-4587-A655-D106125E7A41}" = CashMaster V1.40.021
"{A6E1EE9D-01DD-82FD-BDBC-193BCEF9FD5C}" = CCC Help Greek
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB13F192-49FC-A065-F15C-746B10CC43C8}" = CCC Help Japanese
"{AE548812-D611-608D-61C6-7E40F28573A2}" = CCC Help Russian
"{AF595A9D-325A-0B86-4BFA-F2D90553A9FC}" = AMD Drag and Drop Transcoding
"{AF5B3ED5-70D3-48CF-A00F-FC29F5261A37}_is1" = JFritz 0.7.4.1.32
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1A70A4D-549B-4C56-9C00-EF55A22E52B6}" = StarMoney
"{BC63AEF9-1367-9F7C-5926-52E56450EDCD}" = CCC Help Spanish
"{C1E2D27F-B363-588E-8859-9EF7F4EBF418}" = CCC Help Chinese Traditional
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CBFDA5B8-3190-3CC6-A4B7-D27B3B48D72C}" = AMD Steady Video Plug-In
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D76AC809-CCC1-6198-4970-A63FA5CF7DCB}" = CCC Help Swedish
"{DA675EE2-4C04-9699-0EE2-7EF9FE7AB870}" = CCC Help German
"{DBE146EB-0898-4CDC-AABA-DCCA86659633}" = StarMoney 8.0
"{E06F7C95-4D68-63D9-2231-AA5F8E186FCB}" = CCC Help English
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E21A8F3C-1ACB-46B1-CE72-E9CF09549DED}" = Catalyst Control Center Localization All
"{E2A97415-BD97-4867-B906-05E39E9EE51F}" = HL-2250DN
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E2F2B987-F2BC-4969-95F2-92099486B811}" = StarMoney
"{E2F52AC2-B925-C18F-E1AE-42FBD46ECAC7}" = CCC Help Czech
"{E649AC39-69C0-C6FE-0A54-4752DB5D1FD2}" = Catalyst Control Center Graphics Previews Common
"{E9463114-898C-7C2A-2C47-E9ABC63F5D43}" = CCC Help Finnish
"{EA6451EA-DCCA-21BC-3BFE-018E1C43F0F4}" = AMD Fuel
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F314861D-F02B-07F6-612E-C51B1DA80EA4}" = ccc-utility
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF10AC4D-3349-99DA-3E58-5197CEA1D833}" = CCC Help Italian
"{FFEC93FF-C162-C0C3-B5E7-01214B0E5F2D}" = CCC Help Turkish
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Foxit Reader_is1" = Foxit Reader 5.0
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"TeamViewer 7" = TeamViewer 7
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
 
< End of report >
Security Check sagt "unsupported OS"

schrauber 13.06.2013 11:00
Noch Probleme? :)

KuniP 13.06.2013 11:56
nein, auch vorher nicht :-)
ANtivir hatte den Zugriff auf die Datei ja verweigert, ich denke also das Ding wurde eh geblockt.
Trotzdem war das Ausführen obiger Progrämmchen wohl nicht schlecht :-)
Habe jetzt noch den Plugin Check durchgeführt.

Alles ok denke ich!? :-)

Danke!

schrauber 13.06.2013 18:45
Schau mal in die ganzen LOgs, unter gelöscht, und sag mir nochmal Avira hats komplett geblockt ;)

Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Falls Du Lob/Kritik loswerden möchtest:
Lob, Kritik und Wünsche - Trojaner-Board


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

KuniP 18.06.2013 09:22
Hi & Danke,

alles sauber jetzt.

Mit Avira meinte ich, dass es den Freenet Spam bzw. die exe geblockt hatte.
Die Sachen die gelöscht wurden waren ja andere? ;-)

Gruß

schrauber 18.06.2013 12:27
Avira is müll, nimm lieber Avast :)

KuniP 18.06.2013 12:38
ja, werd ich bei gelegenheit mal umstellen ;-)

schrauber 18.06.2013 13:31
Alles klar :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:29 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131