Trojaner-Board - Was ist Superfish.com bei Google Chrome?

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Was ist Superfish.com bei Google Chrome? (https://www.trojaner-board.de/122629-superfish-com-google-chrome.html)

Was ist Superfish.com bei Google Chrome?

Hallo zusammen,

ich nutze schon seit geraumer Zeit den Browser Chrome. Nun ist mir aufgefallen das egal welche Seite ich aufrufe unten in der Statusleiste beim aufrufen auch immer auf eine Seite Namens

Superfish.com bzw.
static7.superfish.com

Ich weiß nicht ob das was schlimmes ist oder nicht aber ein wenig stutzig macht es mich schon.

Vielleicht kann mir da ja jemand helfen.....!!!

:hallo:

1. Schritt

Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".

danach:

2. Schritt

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Search.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

Hallo,

sorry das es ein wenig länger gedauert hat.
Habe nun alle Schritte ausgeführt.

Das Anti Malware Programm hat nichts gefunden.

Und der ADW Cleaner auch nicht.

Hier der Log.

Zitat:

# AdwCleaner v1.801 - Logfile created 08/25/2012 at 11:32:53
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Jens - TOWER
# Boot Mode : Normal
# Running from : C:\Users\Jens\Desktop\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

Folder Found : C:\ProgramData\boost_interprocess

***** [Registry] *****

Key Found : HKCU\Software\MarketPrecision
Key Found : HKLM\SOFTWARE\MarketPrecision
[x64] Key Found : HKCU\Software\MarketPrecision

***** [Registre - GUID] *****

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Charline\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [977 octets] - [25/08/2012 11:32:53]

########## EOF - C:\AdwCleaner[R1].txt - [1104 octets] ##########

*edit*

Hab zur Veranschaulichung mal versucht ein kleines Video zu machen....vielleicht hilft das auch weiter...

hxxp://youtu.be/dWDaetD4B6U

Kommt dieses superfisch nur auf einer Seite oder auf allen?

Sehr gut! :daumenhoc

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Delete.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

danach:

Malware-Scan mit Emsisoft Anti-Malware

Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm.
Lade über Jetzt Updaten die aktuellen Signaturen herunter.
Wähle den Freeware-Modus aus.

Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers.
Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten.

Anleitung: http://www.trojaner-board.de/103809-...i-malware.html

Hallo,

werde den zweiten Teil der Überprüfung leider erst morgen machen können.

Superfish kommt auf jeder Seite und was mir noch aufgefallen ist das es auch am Netbook vorkommt was wir hier noch haben.

Dort ist aber weiter nichts drauf außer Chrome und avast Antivirus. Auf meinem anderen PC ist Kaspersky als Virenprogramm drauf und noch einige andere Programme.

Hab gerade auch nochmal gesucht und habe eine Info gefunden das es die Erweiterung IETab im Browser sein soll. Diese Erweiterung hatte ich drauf aber sie schon vor einiger Zeit deinstalliert.

Hallo,

so habe jetzt nochmal alles durchlaufen lassen und hier die Log Files...

adwcleaner...

Zitat:

# AdwCleaner v1.801 - Logfile created 08/26/2012 at 12:37:56
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Jens - TOWER
# Boot Mode : Normal
# Running from : C:\Users\Jens\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\MarketPrecision
Key Deleted : HKLM\SOFTWARE\MarketPrecision

***** [Registre - GUID] *****

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Charline\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1103 octets] - [25/08/2012 11:32:53]
AdwCleaner[S1].txt - [992 octets] - [26/08/2012 12:37:56]

########## EOF - C:\AdwCleaner[S1].txt - [1119 octets] ##########

Anti Malware

Zitat:

Emsisoft Anti-Malware - Version 6.6
Letztes Update: 26.08.2012 12:52:12

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\
Archiv Scan: An
ADS Scan: An

Scan Beginn: 26.08.2012 12:52:29

C:\Windows\Setup\SCRIPTS\w7ldr1 gefunden: HackTool.Win32.Gendows!E2

Gescannt 702462
Gefunden 1

Scan Ende: 26.08.2012 13:48:29
Scan Zeit: 0:56:00

C:\Windows\Setup\SCRIPTS\w7ldr1 Quarantäne HackTool.Win32.Gendows!E2

Quarantäne 1

Eine Sache wurde gefunden.....kann es das gewesen sein????

Gewesen ist es das leider auch nicht. Superfish wird immer noch geladen. Ist garantiert eine Chrome Erweiterung. Nur welche...???

CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die http://billy-oneal.com/Canned%20Spee.../customFix.png Textbox von OTL - wenn OTL auf deutsch ist wird sie mit http://larusso.trojaner-board.de/Images/otlfix.jpg beschriftet

Code:

netsvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

/md5start

wininit.exe

userinit.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

ws2ifsl.sys

sceclt.dll

ntelogon.dll

winlogon.exe

logevent.dll

user32.DLL

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

/md5stop

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\*.*

%APPDATA%\*AcroIEH*.*

%APPDATA%\*.exe

%APPDATA%\*.tmp

CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Hier die OTL.txt

OTL Logfile:

Code:

OTL logfile created on: 29.08.2012 17:27:51 - Run 1

OTL by OldTimer - Version 3.2.59.1     Folder = C:\Users\Jens\Desktop

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 0,74 Gb Available Physical Memory | 37,26% Memory free

4,00 Gb Paging File | 2,46 Gb Available in Paging File | 61,60% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 79,98 Gb Total Space | 37,46 Gb Free Space | 46,84% Space Free | Partition Type: NTFS

Drive D: | 152,81 Gb Total Space | 125,26 Gb Free Space | 81,97% Space Free | Partition Type: NTFS

Drive E: | 611,04 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

 

Computer Name: TOWER | User Name: Jens | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.08.29 08:26:41 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jens\Desktop\OTL.exe

PRC - [2012.08.18 00:28:57 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

PRC - [2012.08.14 10:52:28 | 001,014,624 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

PRC - [2012.07.30 18:01:02 | 003,075,920 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2012.07.25 10:46:44 | 001,326,176 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe

PRC - [2012.07.25 10:46:42 | 000,572,000 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

PRC - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

PRC - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2012.05.12 10:47:36 | 000,932,528 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

PRC - [2012.03.20 14:05:26 | 000,182,784 | ---- | M] () -- C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe

PRC - [2011.04.25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe

PRC - [2011.03.31 17:08:14 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

PRC - [2009.06.23 16:59:32 | 000,259,368 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe

PRC - [2009.05.14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.05.12 10:47:36 | 000,932,528 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

MOD - [2012.03.16 15:42:58 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll

MOD - [2012.03.16 15:42:56 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll

MOD - [2011.04.25 00:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll

MOD - [2011.04.25 00:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll

MOD - [2011.04.25 00:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll

MOD - [2011.04.25 00:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll

MOD - [2011.04.25 00:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll

MOD - [2011.04.25 00:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll

MOD - [2011.04.20 20:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll

 

 
 ========== Services (SafeList) ==========

 

SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2012.08.26 17:11:44 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.07.30 18:01:02 | 003,075,920 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)

SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012.07.25 10:46:44 | 001,326,176 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)

SRV - [2012.07.25 10:46:42 | 000,681,056 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)

SRV - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2012.03.20 14:05:26 | 000,182,784 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe -- (BotkindSyncService)

SRV - [2012.03.15 18:31:06 | 000,168,448 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)

SRV - [2012.03.15 18:31:06 | 000,131,072 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)

SRV - [2011.11.15 01:49:06 | 000,032,768 | ---- | M] (STRATO) [Auto | Running] -- C:\Program Files (x86)\STRATO AG\STRATO HiDrive\STRATO HiDrive Service.exe -- (STRATO HiDrive Service)

SRV - [2011.04.25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)

SRV - [2011.03.31 17:08:14 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)

SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009.06.23 16:59:32 | 000,259,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe -- (NeroMediaHomeService.4)

SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009.05.14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.04.18 19:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2012.03.16 11:05:36 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)

DRV:64bit: - [2012.03.08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2012.02.16 00:24:38 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)

DRV:64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011.03.10 19:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)

DRV:64bit: - [2011.03.04 14:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)

DRV:64bit: - [2011.03.04 14:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)

DRV:64bit: - [2011.01.08 01:22:22 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)

DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2010.10.22 03:00:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB)

DRV:64bit: - [2010.10.22 03:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)

DRV:64bit: - [2010.09.01 10:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)

DRV:64bit: - [2010.06.25 17:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)

DRV:64bit: - [2010.04.07 12:14:50 | 000,446,304 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr6164.sys -- (rt61x64)

DRV:64bit: - [2009.12.01 12:31:10 | 001,155,072 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmudax3.sys -- (cmuda3)

DRV:64bit: - [2009.11.02 21:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)

DRV:64bit: - [2009.11.01 20:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)

DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV:64bit: - [2009.07.14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)

DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)

DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.06.03 00:58:24 | 000,507,392 | ---- | M] (ITETech                  ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF15BDA)

DRV:64bit: - [2009.06.02 17:35:30 | 000,438,784 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rt61.sys -- (RT61)

DRV - [2012.04.30 18:45:28 | 000,066,320 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys -- (a2acc)

DRV - [2011.05.19 14:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)

DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;127.0.0.1;192.168.*.*

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:8118

 

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 
 ========== FireFox ==========

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Jens\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Jens\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jens\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jens\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Jens\AppData\Local\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll (Facebook, Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.05.03 15:56:31 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.05.03 15:56:31 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.05.03 15:56:31 | 000,000,000 | ---D | M]

 

 
 ========== Chrome  ==========

 

CHR - homepage: hxxp://www.google.de/ig

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},

CHR - homepage: hxxp://www.google.de/ig

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll

CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll

CHR - plugin: ProductName (Enabled) = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\miedgcmlgpmdagojnnbemlkgidepfjfi\0.9.8_0\plugin/NPIETab.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Jens\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Jens\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

CHR - plugin: Harmony Firefox Plugin (Enabled) = C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Jens\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll

CHR - Extension: X-notifier (Gmail, Hotmail, Yahoo, AOL ...) = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\apebebenniibdlpbookhgelaghfnaonp\1.0.12_0\

CHR - Extension: Auto Copy = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijpdibkloghppkbmhcklkogpjaenfkg\2.1.1_0\

CHR - Extension: YouTube = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\

CHR - Extension: AdBlock = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.41_1\

CHR - Extension: LastPass = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.10_0\

CHR - Extension: Windows Media Player Extension for HTML5 = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\

CHR - Extension: goo.gl URL Shortener = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk\0.7.2_0\

CHR - Extension: Shortcuts for Google Services = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\inkakoeaffjffaieeahkifojiiajanmb\1.1.5_0\

CHR - Extension: Windows Longhorn (Aero) = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnibogjpmbdhgcnihcbbgemafibnmnam\2.23_0\

CHR - Extension: Unfriend Finder = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\kddnblacojpnmjdlpnndlcamnmmkfina\40_0\

CHR - Extension: IE Tab Classic = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\miedgcmlgpmdagojnnbemlkgidepfjfi\0.9.8_0\

CHR - Extension: stern.de = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkeklmkmolipcclpncndnpdgilieafl\1.0_0\

CHR - Extension: Evernote Web Clipper = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.6_1\

CHR - Extension: Anti-Banner = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\

 

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)

O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)

O4:64bit: - HKLM..\Run: [CmPCIaudio] C:\Windows\Syswow64\CMICNFG3.dll (C-Media Corporation)

O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)

O4 - HKLM..\Run: [emsisoft anti-malware] C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH)

O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1003..\Run: [chromium] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1004..\Run: [BDAB9B7B072FC8EBB71FCF0C306C76E292E413CA._service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1004..\Run: [DeskDriveStartup] C:\Program Files (x86)\DeskDrive\DeskDrive.exe (Blue Onion Software)

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1004..\Run: [Facebook Update] C:\Users\Jens\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1004..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1004..\Run: [Spotify Web Helper] C:\Users\Jens\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - Startup: C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O4 - Startup: C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\STRATO HiDrive.lnk = C:\Program Files (x86)\STRATO AG\STRATO HiDrive\STRATO HiDrive.exe (STRATO)

O4 - Startup: C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk = C:\Program Files (x86)\YoWindow\yowindow.exe (Repkasoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2

O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1

O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2

O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1

O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found

O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()

O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()

O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)

O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)

O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)

O9 - Extra Button: IE-Spuren löschen - {6C7C0C9A-B51D-4ADB-A74D-C4E33744F866} - C:\Program Files (x86)\TraXEx\Integration\TraXEx Internet Explorer.lnk ()

O9 - Extra Button: Löschautomat - {8DA7743F-9274-4BE8-899E-C0FF6ED61B00} - C:\Program Files (x86)\TraXEx\Integration\TraXEx Löschautomat.lnk ()

O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKU\S-1-5-21-650777869-3418373650-919073663-1004\..Trusted Domains: fritz.box ([]* in Lokales Intranet)

O15 - HKU\S-1-5-21-650777869-3418373650-919073663-1004\..Trusted Ranges: Range1 ([*] in Lokales Intranet)

O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} hxxp://eic.lgservice.com/DjvuViewer/DjVuControl-6.1.4.cab (DjVuCtl Class)

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.0)

O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35BD144E-D9FE-4017-A8D9-46F30F7C6280}: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57213BAC-F779-4BF3-9C7F-3441D0D3438E}: DhcpNameServer = 192.168.178.1

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2012.05.24 09:04:44 | 000,000,050 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]

O33 - MountPoints2\{4a93791f-d962-11e0-87d6-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{4a93791f-d962-11e0-87d6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\cdsetup.exe -- [2012.05.24 09:04:44 | 000,056,112 | R--- | M] ()

O33 - MountPoints2\{a864a12c-3ec5-11e1-829c-001e90f5448d}\Shell - "" = AutoRun

O33 - MountPoints2\{a864a12c-3ec5-11e1-829c-001e90f5448d}\Shell\AutoRun\command - "" = H:\pushinst.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

 

MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk -  - File not found

MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

MsConfig:64bit - StartUpReg: HP Software Update - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: hpqSRMon - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: Nero MediaHome 4 - hkey= - key= - C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (Nero AG)

MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

MsConfig:64bit - State: "bootini" - Reg Error: Key error.

 

SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: vmms - Service

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: vmms - Service

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {0e8d0700-75df-11d3-8b4a-0008c7450c4a} - LizardTech DjVu Activex Control

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.08.29 08:26:44 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Jens\Desktop\OTL.exe

[2012.08.29 08:23:59 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{46350AFC-A9BA-4019-AC1B-06399F5C441B}

[2012.08.27 09:56:47 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{9FAD8A9A-DB81-4F42-83C0-D3975DCE9641}

[2012.08.26 12:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware

[2012.08.26 12:49:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware

[2012.08.26 12:49:57 | 000,000,000 | ---D | C] -- C:\Users\Jens\Documents\Anti-Malware

[2012.08.26 10:07:19 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{DC949791-1FBA-4A04-A064-7B3C395F0E82}

[2012.08.25 10:05:23 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Malwarebytes

[2012.08.25 10:05:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.08.25 10:05:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.08.25 10:05:01 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012.08.25 10:05:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.08.25 09:41:01 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{25FEA537-BB74-4EFE-BFDF-E9F52B6131D9}

[2012.08.22 18:41:01 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Mozilla

[2012.08.22 18:39:21 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{98C6277F-21DB-4525-B69B-41F504468953}

[2012.08.21 19:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

[2012.08.21 19:47:45 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll

[2012.08.21 19:47:45 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll

[2012.08.21 19:47:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2012.08.21 19:23:27 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{3A2D6515-1088-4AEE-9DE3-23BB34F7B290}

[2012.08.20 19:51:28 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{ED2657A7-F39F-4AE9-BC92-8B0D2AFCE6F0}

[2012.08.16 14:47:12 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\GMail Drive

[2012.08.16 14:45:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ShellExt

[2012.08.16 14:45:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ShellExt

[2012.08.16 12:47:15 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{C3BA0D7B-935B-4332-A8D2-8F95337D156F}

[2012.08.16 12:47:01 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{0D709960-3D7E-48D3-9554-643EF656309C}

[2012.08.15 20:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote

[2012.08.15 20:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Evernote

[2012.08.15 13:32:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

[2012.08.15 13:26:28 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\Secunia PSI

[2012.08.15 13:26:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia

[2012.08.15 13:00:37 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\YoWindow

[2012.08.15 13:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YoWindow

[2012.08.15 13:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\YoWindow

[2012.08.15 12:59:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YoWindow

[2012.08.15 12:18:25 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{FBAB629C-70E8-4E82-B2F5-051B0F7D227E}

[2012.08.15 12:18:06 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{1C2983D9-8BD0-4D4A-A2F2-09CA52E1D2DB}

[2012.08.14 12:27:57 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{120E1B53-3E8A-439E-9FDB-88A9FCDF7620}

[2012.08.14 12:27:08 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{10A5DFF7-257C-4BF5-966A-FBA8C63A7D61}

[2012.08.13 14:59:03 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{B88C0121-B152-4C2C-9B45-445F8A406D12}

[2012.08.13 14:58:44 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{83E7DE35-5E31-4CFD-99E0-57B346922B9C}

[2012.08.05 20:58:35 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{5D6809A7-ABCB-4CF5-B384-A958B75ABE93}

[2012.08.05 20:58:13 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{E5063A18-8385-4D0D-BD5E-42D093777EA5}

[2012.08.05 08:57:46 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{F4336489-61B0-4BB5-B15D-12E83C63EAE7}

[2012.08.05 08:57:13 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{60BB3704-A5B8-485C-B9E0-E40011CE718D}

[2012.08.04 08:16:05 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{FCED3F05-037A-40A7-A8EF-3B349C9E542D}

[2012.08.04 08:15:42 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{B1B34639-9519-420B-9434-B670CF39D115}

[2012.08.03 12:08:29 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{A34A0BD4-C452-4267-A670-262AB12AB9FE}

[2012.08.03 12:08:05 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{42C9932A-A0F6-4A23-BCA1-D6B948266465}

[2012.08.02 09:50:15 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\STRATO

[2012.08.02 09:49:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STRATO AG

[2012.08.02 09:49:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\STRATO AG

[2012.08.02 09:32:01 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{3E8FB497-C8C6-4BA0-96CF-1CE316CB1C3B}

[2012.08.01 21:56:17 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Bitdreamers

[2012.08.01 21:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdreamers

[2012.08.01 21:56:09 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdreamers

[2012.08.01 21:31:16 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{55F85693-0ECE-4305-B71B-04BED09CF275}

[2012.08.01 21:31:01 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{1578C826-B430-43D3-834B-810DDDA4D5FC}

[2012.07.31 09:47:41 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{D634424B-D367-45DE-B3C7-1C162E916220}

[2012.07.31 09:47:20 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{7E86B8B9-E5F3-4F24-9527-2684233CE4B9}

[2012.07.30 21:46:49 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{FF24148F-80D2-4C11-8CC2-72E240AAF3BE}

[2012.07.30 21:46:23 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{EFA0A98A-CC2D-4A0A-A673-D1B0DC2BC7D3}

[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.08.29 17:32:23 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.08.29 17:32:23 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.08.29 17:24:02 | 000,000,316 | ---- | M] () -- C:\Users\Jens\Desktop\Gainward_178 (E).lnk

[2012.08.29 17:22:21 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.08.29 17:20:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.08.29 17:20:31 | 1610,014,720 | -HS- | M] () -- C:\hiberfil.sys

[2012.08.29 08:35:55 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-650777869-3418373650-919073663-1004UA.job

[2012.08.29 08:26:41 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jens\Desktop\OTL.exe

[2012.08.27 09:54:28 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.08.26 17:07:02 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.08.26 16:35:02 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-650777869-3418373650-919073663-1004UA.job

[2012.08.26 10:22:59 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.08.26 10:22:59 | 000,654,478 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2012.08.26 10:22:59 | 000,616,342 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.08.26 10:22:59 | 000,130,536 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2012.08.26 10:22:59 | 000,106,722 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.08.25 10:07:22 | 000,618,227 | ---- | M] () -- C:\Users\Jens\Desktop\adwcleaner.exe

[2012.08.25 09:39:01 | 000,412,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012.08.22 21:01:48 | 000,001,013 | ---- | M] () -- C:\Users\Jens\Desktop\TimeComX.lnk

[2012.08.22 19:35:01 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-650777869-3418373650-919073663-1004Core.job

[2012.08.22 19:35:01 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-650777869-3418373650-919073663-1004Core.job

[2012.08.22 04:58:13 | 000,002,525 | ---- | M] () -- C:\Users\Jens\Desktop\Evernote.lnk

[2012.08.15 13:26:20 | 000,001,113 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk

[2012.08.15 13:00:37 | 000,001,042 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk

[2012.08.02 11:11:51 | 000,001,442 | ---- | M] () -- C:\Users\Jens\Desktop\Dropbox.lnk

[2012.08.02 11:09:47 | 000,001,260 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\STRATO HiDrive.lnk

[2012.08.02 09:49:39 | 000,001,224 | ---- | M] () -- C:\Users\Public\Desktop\STRATO HiDrive.lnk

[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.08.29 17:24:02 | 000,000,316 | ---- | C] () -- C:\Users\Jens\Desktop\Gainward_178 (E).lnk

[2012.08.25 10:07:09 | 000,618,227 | ---- | C] () -- C:\Users\Jens\Desktop\adwcleaner.exe

[2012.08.25 09:38:52 | 000,412,568 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012.08.22 04:58:13 | 000,002,525 | ---- | C] () -- C:\Users\Jens\Desktop\Evernote.lnk

[2012.08.21 19:48:45 | 002,621,723 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin

[2012.08.21 19:46:14 | 000,014,324 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb

[2012.08.15 13:34:40 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

[2012.08.15 13:26:20 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk

[2012.08.15 13:26:20 | 000,001,076 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk

[2012.08.15 13:00:37 | 000,001,042 | ---- | C] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk

[2012.08.02 11:11:51 | 000,001,442 | ---- | C] () -- C:\Users\Jens\Desktop\Dropbox.lnk

[2012.08.02 11:09:46 | 000,001,260 | ---- | C] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\STRATO HiDrive.lnk

[2012.08.02 09:49:39 | 000,001,224 | ---- | C] () -- C:\Users\Public\Desktop\STRATO HiDrive.lnk

[2012.08.01 21:56:10 | 000,001,013 | ---- | C] () -- C:\Users\Jens\Desktop\TimeComX.lnk

[2012.05.24 09:04:44 | 000,007,800 | ---- | C] () -- C:\Windows\cadx2.ini

[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe

[2012.03.18 19:59:54 | 000,012,754 | ---- | C] () -- C:\ProgramData\mxnhytee.feu

[2012.03.16 11:08:34 | 000,017,408 | ---- | C] () -- C:\Users\Jens\AppData\Local\WebpageIcons.db

[2011.11.13 17:13:15 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP6.dll

[2011.11.13 17:13:15 | 000,000,188 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl

[2011.11.13 17:12:49 | 000,002,754 | ---- | C] () -- C:\Windows\cmudax3.ini

[2011.11.13 17:12:49 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg

[2011.11.13 17:12:49 | 000,000,222 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi

[2011.10.17 11:28:43 | 000,007,606 | ---- | C] () -- C:\Users\Jens\AppData\Local\Resmon.ResmonCfg

[2011.10.02 14:04:26 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2011.09.10 08:27:04 | 000,000,680 | RHS- | C] () -- C:\Users\Jens\ntuser.pol

 
 ========== LOP Check ==========

 

[2012.03.07 17:47:38 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Motorola

[2011.09.18 14:24:01 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Rovio

[2011.11.12 18:13:26 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\TuneUp Software

[2012.06.17 12:13:25 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\.kde

[2012.08.01 21:56:17 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Bitdreamers

[2011.09.16 12:37:23 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Canneverbe Limited

[2012.04.10 10:19:01 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\COMPUTERBILD Cloud

[2012.08.15 20:32:22 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Dropbox

[2011.09.10 09:57:43 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Engelmann Media

[2012.07.05 12:15:32 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\EPSON

[2011.09.28 18:00:07 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\FRITZ!

[2011.09.27 20:54:37 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\FRITZ!fax für FRITZ!Box

[2012.07.10 19:27:56 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Miranda

[2011.12.29 19:49:28 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Motorola

[2012.08.26 10:57:22 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Mp3tag

[2011.09.10 08:38:03 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\NetSpeedMonitor

[2011.09.18 14:21:26 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Rovio

[2012.03.28 10:44:23 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\S.A.D

[2012.08.25 10:01:53 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Spotify

[2012.08.02 09:50:15 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\STRATO

[2011.10.14 22:49:29 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\TuneUp Software

[2012.03.23 17:41:44 | 000,000,000 | -HSD | M] -- C:\Users\Jens\AppData\Roaming\wyUpdate AU

[2011.10.09 13:55:52 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\XMedia Recode

[2012.08.15 13:01:40 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\YoWindow

[2012.08.22 19:35:01 | 000,001,112 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-650777869-3418373650-919073663-1004Core.job

[2012.08.26 16:35:02 | 000,001,134 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-650777869-3418373650-919073663-1004UA.job

[2012.06.13 08:04:58 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2012.06.17 12:13:25 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\.kde

[2011.11.16 10:00:25 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Adobe

[2012.08.01 21:56:17 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Bitdreamers

[2011.09.16 12:37:23 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Canneverbe Limited

[2012.04.10 10:19:01 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\COMPUTERBILD Cloud

[2011.10.09 13:47:07 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\DivX

[2012.08.15 20:32:22 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Dropbox

[2011.09.10 09:57:43 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Engelmann Media

[2012.07.05 12:15:32 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\EPSON

[2011.09.28 18:00:07 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\FRITZ!

[2011.09.27 20:54:37 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\FRITZ!fax für FRITZ!Box

[2011.09.14 10:19:14 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Google

[2011.10.24 11:14:53 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\HP

[2011.09.09 17:35:18 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Identities

[2011.10.24 21:46:12 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\InstallShield

[2012.03.28 07:19:16 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Logitech

[2011.09.09 18:46:46 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Macromedia

[2012.08.25 10:05:23 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Malwarebytes

[2009.07.14 20:18:19 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Media Center Programs

[2012.05.01 23:31:23 | 000,000,000 | --SD | M] -- C:\Users\Jens\AppData\Roaming\Microsoft

[2012.07.10 19:27:56 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Miranda

[2011.12.29 19:49:28 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Motorola

[2012.08.22 18:41:01 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Mozilla

[2012.08.26 10:57:22 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Mp3tag

[2012.01.15 18:34:05 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Nero

[2011.09.10 08:38:03 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\NetSpeedMonitor

[2011.09.18 14:21:26 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Rovio

[2012.03.28 10:44:23 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\S.A.D

[2012.08.25 10:01:53 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Spotify

[2012.08.02 09:50:15 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\STRATO

[2012.03.30 18:19:23 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\tor

[2011.10.14 22:49:29 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\TuneUp Software

[2012.08.03 21:21:42 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\vlc

[2011.09.11 15:28:47 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\WinRAR

[2012.03.23 17:41:44 | 000,000,000 | -HSD | M] -- C:\Users\Jens\AppData\Roaming\wyUpdate AU

[2011.10.09 13:55:52 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\XMedia Recode

[2011.10.22 12:25:02 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Yahoo!

[2012.08.15 13:01:40 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\YoWindow

 
 < %APPDATA%\*.exe /s >

[2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jens\AppData\Roaming\Dropbox\bin\Dropbox.exe

[2012.05.24 20:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jens\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe

[2012.05.24 20:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jens\AppData\Roaming\Dropbox\bin\Uninstall.exe

[2012.05.12 10:47:36 | 009,478,320 | ---- | M] (Spotify Ltd) -- C:\Users\Jens\AppData\Roaming\Spotify\spotify.exe

[2012.05.12 10:47:36 | 000,932,528 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

 
 < %SYSTEMDRIVE%\*.exe >

 
 < MD5 for: AGP440.SYS  >

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll

[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

 
 < MD5 for: IASTORV.SYS  >

[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys

[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys

[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys

[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys

[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys

[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll

[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll

[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll

[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys

[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys

[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys

[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys

[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys

[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll

[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll

[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll

[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll

[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll

[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe

[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe

[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

 
 < MD5 for: WININIT.EXE  >

[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe

[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe

[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe

[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe

[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys

[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

 
 < %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\*.* >

[2012.07.12 04:54:17 | 000,000,174 | -HS- | M] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

[2012.05.04 11:37:45 | 000,001,134 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

[2012.08.02 11:09:47 | 000,001,260 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\STRATO HiDrive.lnk

[2012.08.15 13:00:37 | 000,001,042 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk

 
 < %APPDATA%\*AcroIEH*.* >

 
 < %APPDATA%\*.exe >

 
 < %APPDATA%\*.tmp >

 
 <           >

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1
 

< End of report >

--- --- ---

So, auch das habe ich gemacht und es wurden 39 TrackingCokies und 1 Critical... gefunden.

Habe alles löschen lassen und den Rechner neu gestartet.

Superfish ist immer noch da.....

Wo ist das Log?

NEU LADEN!
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Search.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

Das Log habe ich doch glatt vergessen.

Hier das Log von SuperAntiSpyware

Code:

SUPERAntiSpyware Scan Log

hxxp://www.superantispyware.com
 

Generated 08/30/2012 at 10:45 AM
 

Application Version : 5.5.1012
 

Core Rules Database Version : 9149

Trace Rules Database Version: 6961
 

Scan type       : Complete Scan

Total Scan Time : 02:02:42
 

Operating System Information

Windows 7 Ultimate 64-bit, Service Pack 1 (Build 6.01.7601)

UAC On - Administrator
 

Memory items scanned      : 777

Memory threats detected   : 0

Registry items scanned    : 74493

Registry threats detected : 0

File items scanned        : 129474

File threats detected     : 40
 

Trojan.Agent/Gen-Yoddos

        C:\PROGRAM FILES\WINRAR\DEFAULT.SFX
 

Adware.Tracking Cookie

        .doubleclick.net [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .xiti.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .aok.122.2o7.net [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .superrtl.122.2o7.net [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .ad.adnet.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        www.googleadservices.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        www.etracker.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        www.googleadservices.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .atdmt.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .c.atdmt.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .c.atdmt.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .apmebf.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .apmebf.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .fastclick.net [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .ad.adnet.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .adtech.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .adfarm1.adition.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .statcounter.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        www.elitepartner.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        www.elitepartner.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .elitepartner.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .elitepartner.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .elitepartner.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .elitepartner.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        mediaservice.mirror-image.com [ C:\USERS\CHARLINE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YHCXU6S8 ]

        .xiti.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .histats.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .histats.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .e-2dj6wjkooncjocq.stats.esomniture.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        wstat.wibiya.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .doubleclick.net [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .autoscout24.112.2o7.net [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .2o7.net [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        accounts.google.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        accounts.google.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .stats.paypal.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        .paypal.112.2o7.net [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        www.etracker.de [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

        in.getclicky.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

ADW Cleaner lasse ich gleich nochmal laufen.

Hier der ADW Cleaner Log

Zitat:

# AdwCleaner v2.000 - Datei am 08/31/2012 um 09:19:55 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzer : Jens - TOWER
# Normaler Modus : Normal
# Ausgeführt unter : C:\Users\Jens\Desktop\adwcleaner (1).exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

***** [Registrierungsdatenbank] *****

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Charline\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1103 octets] - [25/08/2012 11:32:53]
AdwCleaner[S1].txt - [1120 octets] - [26/08/2012 12:37:56]
AdwCleaner[R2].txt - [1103 octets] - [31/08/2012 09:17:29]
AdwCleaner[R3].txt - [1164 octets] - [31/08/2012 09:18:11]
AdwCleaner[R4].txt - [1095 octets] - [31/08/2012 09:19:55]

########## EOF - C:\AdwCleaner[R4].txt - [1155 octets] ##########

Scan mit SystemLook

Hiermit prüfe ich, ob für diese Infektion übliche Einträge noch vorhanden sind. Das Tool ändert nichts, wirft mir nur die nötigen Infos aus.

Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop (falls noch nicht vorhanden).

Download Mirror #1

User mit 64Bit-Windows-Versionen benutzen diese Version => http://jpshortstuff.247fixes.com/SystemLook_x64.exe

Doppelklick auf die SystemLook.exe, um das Tool zu starten.
Vista- und Windows 7-User unbedingt mit Rechtsklick und als Administrator starten.
Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

Code:

:regfind superfish :folderfind superfish :filefind superfish
Klicke nun auf den Button Look, um den Scan zu starten.
Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, diese hier in den Thread posten.
Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.

Hi, so das ganze ist nun auch fertig und es wurde tatsächlich was gefunden.

Zitat:

SystemLook 30.07.11 by jpshortstuff
Log created at 16:50 on 01/09/2012 by Jens
Administrator - Elevation successful

========== regfind ==========

Searching for "superfish"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}]
"DllName"="SuperfishIEAddon.dll;SuperfishIEAddon.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}]
"DllName"="SuperfishIEAddon.dll;SuperfishIEAddon.dll"

========== folderfind ==========

Searching for "superfish"
No folders found.

========== filefind ==========

Searching for "superfish"
No files found.

Searching for " "
No files found.

-= EOF =-

Kann ich diese dll´s jetzt einfach löschen??? Die scheinen ja zu einem Browser AddOn zu gehören welches ich aber nicht mehr nutze....

Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
Starte die OTL.exe.
Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:
Der Fix fängt mit :OTL an. Vergewissere dich, dass du ihn richtig kopiert hast.

Code:

:OTL

:reg

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}]

"DllName"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}]

"DllName"=-
 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}]

Schließe alle Programme.
Klicke auf den Fix Button.
Wenn OTL einen Neustart verlangt, bitte zulassen.
Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\<datum_nummer.log>

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

In deinem Text steht das der Fix mit :OTL anfängt. Wo muss das denn stehen denn in der Code Box die ich kopieren soll steht das nicht mit drin.

Sorry, fuer die Verwirrung.
Fix angepasst ;)

Hier das Log File

Code:

========== OTL ==========

========== REGISTRY ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}\\DllName deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}\\DllName not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}\ not found.

 

OTL by OldTimer - Version 3.2.59.1 log created on 09082012_114722

Sehr gut! :daumenhoc

was macht der Fish? ;)

Scan mit SystemLook

Hiermit prüfe ich, ob für diese Infektion übliche Einträge noch vorhanden sind. Das Tool ändert nichts, wirft mir nur die nötigen Infos aus.

Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop (falls noch nicht vorhanden).

Download Mirror #1

User mit 64Bit-Windows-Versionen benutzen diese Version => http://jpshortstuff.247fixes.com/SystemLook_x64.exe

Doppelklick auf die SystemLook.exe, um das Tool zu starten.
Vista- und Windows 7-User unbedingt mit Rechtsklick und als Administrator starten.
Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

Code:

:regfind superfish :folderfind superfish :filefind superfish
Klicke nun auf den Button Look, um den Scan zu starten.
Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, diese hier in den Thread posten.
Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.

Leider taucht der superfish immer noch auf und SystemLook hat das rausgeworfen

Code:

SystemLook 30.07.11 by jpshortstuff

Log created at 18:19 on 09/09/2012 by Jens

Administrator - Elevation successful
 

========== regfind ==========
 

Searching for "superfish"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}]

"DllName"="SuperfishIEAddon.dll;SuperfishIEAddon.dll"
 

========== folderfind ==========
 

Searching for "superfish"

No folders found.
 

========== filefind ==========
 

Searching for "superfish"

No files found.
 

Searching for "         "

No files found.
 

-= EOF =-

so ein Hund :)

CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die http://billy-oneal.com/Canned%20Spee.../customFix.png Textbox von OTL - wenn OTL auf deutsch ist wird sie mit http://larusso.trojaner-board.de/Images/otlfix.jpg beschriftet

Code:

netsvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

/md5start

wininit.exe

userinit.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

ws2ifsl.sys

sceclt.dll

ntelogon.dll

winlogon.exe

logevent.dll

user32.DLL

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

SuperfishIEAddon.dll

/md5stop

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\*.*

%APPDATA%\*AcroIEH*.*

%APPDATA%\*.exe

%APPDATA%\*.tmp

{74F475FA-6C75-43BD-AAB9-ECDA6184F600} /RS

CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Hier die OTL.txt

OTL Logfile:

Code:

OTL logfile created on: 10.09.2012 18:27:40 - Run 2

OTL by OldTimer - Version 3.2.59.1     Folder = C:\Users\Jens\Desktop

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 0,86 Gb Available Physical Memory | 43,11% Memory free

4,00 Gb Paging File | 2,53 Gb Available in Paging File | 63,34% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 79,98 Gb Total Space | 31,45 Gb Free Space | 39,32% Space Free | Partition Type: NTFS

Drive D: | 152,81 Gb Total Space | 121,38 Gb Free Space | 79,44% Space Free | Partition Type: NTFS

 

Computer Name: TOWER | User Name: Jens | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.08.30 08:38:47 | 001,193,176 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

PRC - [2012.08.30 04:58:46 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

PRC - [2012.08.29 08:26:41 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jens\Desktop\OTL.exe

PRC - [2012.08.14 10:52:28 | 001,014,624 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

PRC - [2012.07.30 18:01:02 | 003,075,920 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2012.07.25 10:46:44 | 001,326,176 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe

PRC - [2012.07.25 10:46:42 | 000,572,000 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

PRC - [2012.07.20 15:17:14 | 012,218,904 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe

PRC - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

PRC - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2012.03.20 14:05:26 | 000,182,784 | ---- | M] () -- C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe

PRC - [2011.04.25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe

PRC - [2011.03.31 17:08:14 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

PRC - [2010.11.20 14:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

PRC - [2009.06.23 16:59:32 | 000,259,368 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe

PRC - [2009.05.14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.08.30 08:38:47 | 001,193,176 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

MOD - [2012.03.16 15:42:58 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll

MOD - [2012.03.16 15:42:56 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll

MOD - [2011.04.25 00:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll

MOD - [2011.04.25 00:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll

MOD - [2011.04.25 00:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll

MOD - [2011.04.25 00:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll

MOD - [2011.04.25 00:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll

MOD - [2011.04.25 00:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll

MOD - [2011.04.20 20:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll

 

 
 ========== Services (SafeList) ==========

 

SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2012.08.26 17:11:44 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.07.30 18:01:02 | 003,075,920 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)

SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012.07.25 10:46:44 | 001,326,176 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)

SRV - [2012.07.25 10:46:42 | 000,681,056 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)

SRV - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2012.03.20 14:05:26 | 000,182,784 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe -- (BotkindSyncService)

SRV - [2012.03.15 18:31:06 | 000,168,448 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)

SRV - [2012.03.15 18:31:06 | 000,131,072 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)

SRV - [2011.11.15 01:49:06 | 000,032,768 | ---- | M] (STRATO) [Auto | Stopped] -- C:\Program Files (x86)\STRATO AG\STRATO HiDrive\STRATO HiDrive Service.exe -- (STRATO HiDrive Service)

SRV - [2011.08.12 01:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)

SRV - [2011.04.25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)

SRV - [2011.03.31 17:08:14 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)

SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009.06.23 16:59:32 | 000,259,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe -- (NeroMediaHomeService.4)

SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009.05.14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.07.30 13:32:08 | 000,102,240 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)

DRV:64bit: - [2012.04.18 19:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2012.03.16 11:05:36 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)

DRV:64bit: - [2012.03.08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011.11.25 00:25:52 | 000,015,360 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pneteth.sys -- (pneteth)

DRV:64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011.03.10 19:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)

DRV:64bit: - [2011.03.04 14:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)

DRV:64bit: - [2011.03.04 14:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)

DRV:64bit: - [2011.01.08 01:22:22 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)

DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2010.10.22 03:00:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB)

DRV:64bit: - [2010.10.22 03:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)

DRV:64bit: - [2010.09.01 10:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)

DRV:64bit: - [2010.06.25 17:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)

DRV:64bit: - [2010.04.07 12:14:50 | 000,446,304 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr6164.sys -- (rt61x64)

DRV:64bit: - [2009.12.01 12:31:10 | 001,155,072 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmudax3.sys -- (cmuda3)

DRV:64bit: - [2009.11.02 21:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)

DRV:64bit: - [2009.11.01 20:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)

DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV:64bit: - [2009.07.14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)

DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)

DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.06.03 00:58:24 | 000,507,392 | ---- | M] (ITETech                  ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF15BDA)

DRV:64bit: - [2009.06.02 17:35:30 | 000,438,784 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rt61.sys -- (RT61)

DRV - [2012.04.30 18:45:28 | 000,066,320 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys -- (a2acc)

DRV - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)

DRV - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)

DRV - [2011.05.19 14:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)

DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;127.0.0.1;192.168.*.*

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:8118

 

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 
 ========== FireFox ==========

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Jens\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Jens\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jens\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jens\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Jens\AppData\Local\Facebook\Messenger\2.1.4631.0\npFbDesktopPlugin.dll (Facebook, Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.09.04 08:48:21 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.09.04 08:48:22 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.09.04 08:48:19 | 000,000,000 | ---D | M]

 

 
 ========== Chrome  ==========

 

CHR - homepage: hxxp://www.google.de/ig

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},

CHR - homepage: hxxp://www.google.de/ig

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\pdf.dll

CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll

CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll

CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Jens\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Jens\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll

CHR - plugin: Harmony Firefox Plugin (Enabled) = C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Jens\AppData\Local\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll

CHR - Extension: X-notifier (Gmail, Hotmail, Yahoo, AOL ...) = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\apebebenniibdlpbookhgelaghfnaonp\1.0.12_0\

CHR - Extension: Brushed = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg\1.0_0\

CHR - Extension: Auto Copy = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijpdibkloghppkbmhcklkogpjaenfkg\2.1.1_0\

CHR - Extension: YouTube = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\

CHR - Extension: AdBlock = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.42_0\

CHR - Extension: LastPass = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.10_0\

CHR - Extension: goo.gl URL Shortener = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk\0.7.2_0\

CHR - Extension: Shortcuts for Google Services = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\inkakoeaffjffaieeahkifojiiajanmb\1.1.5_0\

CHR - Extension: Virtuelle Tastatur = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\

CHR - Extension: stern.de = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkeklmkmolipcclpncndnpdgilieafl\1.0_0\

CHR - Extension: Evernote Web Clipper = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.7_0\

CHR - Extension: Anti-Banner = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\

 

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)

O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)

O4:64bit: - HKLM..\Run: [CmPCIaudio] C:\Windows\Syswow64\CMICNFG3.dll (C-Media Corporation)

O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)

O4 - HKLM..\Run: [emsisoft anti-malware] C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH)

O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1003..\Run: [chromium] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1004..\Run: [BDAB9B7B072FC8EBB71FCF0C306C76E292E413CA._service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1004..\Run: [DeskDriveStartup] C:\Program Files (x86)\DeskDrive\DeskDrive.exe (Blue Onion Software)

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1004..\Run: [Facebook Update] C:\Users\Jens\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1004..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1004..\Run: [Spotify Web Helper] C:\Users\Jens\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - Startup: C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O4 - Startup: C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\STRATO HiDrive.lnk = C:\Program Files (x86)\STRATO AG\STRATO HiDrive\STRATO HiDrive.exe (STRATO)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2

O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1

O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2

O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1

O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found

O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()

O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()

O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)

O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)

O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)

O9 - Extra Button: IE-Spuren löschen - {6C7C0C9A-B51D-4ADB-A74D-C4E33744F866} - C:\Program Files (x86)\TraXEx\Integration\TraXEx Internet Explorer.lnk ()

O9 - Extra Button: Löschautomat - {8DA7743F-9274-4BE8-899E-C0FF6ED61B00} - C:\Program Files (x86)\TraXEx\Integration\TraXEx Löschautomat.lnk ()

O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKU\S-1-5-21-650777869-3418373650-919073663-1004\..Trusted Domains: fritz.box ([]* in Lokales Intranet)

O15 - HKU\S-1-5-21-650777869-3418373650-919073663-1004\..Trusted Ranges: Range1 ([*] in Lokales Intranet)

O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} hxxp://eic.lgservice.com/DjvuViewer/DjVuControl-6.1.4.cab (DjVuCtl Class)

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Value error.)

O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.7.2)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35BD144E-D9FE-4017-A8D9-46F30F7C6280}: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57213BAC-F779-4BF3-9C7F-3441D0D3438E}: DhcpNameServer = 192.168.178.1

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{a864a12c-3ec5-11e1-829c-001e90f5448d}\Shell - "" = AutoRun

O33 - MountPoints2\{a864a12c-3ec5-11e1-829c-001e90f5448d}\Shell\AutoRun\command - "" = H:\pushinst.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

 

MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk -  - File not found

MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

MsConfig:64bit - StartUpReg: HP Software Update - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: hpqSRMon - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: Nero MediaHome 4 - hkey= - key= - C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (Nero AG)

MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

MsConfig:64bit - State: "bootini" - Reg Error: Key error.

 

SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: vmms - Service

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: !SASCORE - C:\Programme\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: vmms - Service

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: !SASCORE - C:\Programme\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {0e8d0700-75df-11d3-8b4a-0008c7450c4a} - LizardTech DjVu Activex Control

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.09.10 18:22:40 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{71EC614F-D7B3-46A9-A4CE-02743689D553}

[2012.09.09 17:59:44 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{DAA865A9-830A-48AB-AA24-71A8927DFB67}

[2012.09.08 11:47:22 | 000,000,000 | ---D | C] -- C:\_OTL

[2012.09.08 10:37:10 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook

[2012.09.08 10:23:37 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{DC44E683-D968-42BF-BAB6-A6619F83C99A}

[2012.09.07 00:01:56 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{2AE53CCE-8345-4F63-8B3A-F7DEE012FF5C}

[2012.09.06 23:17:30 | 000,015,360 | ---- | C] (June Fabrics Technology Inc.) -- C:\Windows\SysNative\drivers\pneteth.sys

[2012.09.06 23:17:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PdaNet for Android

[2012.09.06 23:17:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PdaNet for Android

[2012.09.06 12:25:41 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wugs Nexus Root Tookit

[2012.09.06 12:25:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WugFresh Development

[2012.09.06 12:01:28 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{78AB672D-C6FD-4900-9E5A-779935797CB4}

[2012.09.05 12:10:36 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{29ED3956-3AFC-4B8E-9E96-18008F1D0CFF}

[2012.09.04 20:28:54 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{E27BF153-9336-42FF-9CEF-769CAE71CB94}

[2012.09.04 13:21:25 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\dvdcss

[2012.09.04 08:36:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2012.09.04 08:36:17 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2012.09.04 08:36:01 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2012.09.04 08:36:01 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2012.09.04 08:36:01 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2012.09.04 08:28:24 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{F9B9B277-F7CC-468F-AA88-69FA43617CE5}

[2012.09.03 12:18:00 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{4B5F3432-49A4-4A92-85C2-0EB41D24930D}

[2012.09.01 16:24:29 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{ABDE3817-3E6E-4187-805C-21F341CC4AD8}

[2012.08.31 09:08:03 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{E1B8CBB2-9EBF-40A2-A01D-3BC73E21B3A7}

[2012.08.30 08:37:33 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\SUPERAntiSpyware.com

[2012.08.30 08:36:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

[2012.08.30 08:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com

[2012.08.30 08:36:03 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[2012.08.30 08:31:15 | 018,720,152 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Jens\Desktop\SUPERAntiSpyware.exe

[2012.08.30 08:22:45 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{1350F1DE-BD11-41C5-9646-80F4EB57D12F}

[2012.08.29 08:26:44 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Jens\Desktop\OTL.exe

[2012.08.29 08:23:59 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{46350AFC-A9BA-4019-AC1B-06399F5C441B}

[2012.08.27 09:56:47 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{9FAD8A9A-DB81-4F42-83C0-D3975DCE9641}

[2012.08.26 12:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware

[2012.08.26 12:49:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware

[2012.08.26 12:49:57 | 000,000,000 | ---D | C] -- C:\Users\Jens\Documents\Anti-Malware

[2012.08.26 10:07:19 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{DC949791-1FBA-4A04-A064-7B3C395F0E82}

[2012.08.25 10:05:23 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Malwarebytes

[2012.08.25 10:05:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.08.25 10:05:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.08.25 10:05:01 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012.08.25 10:05:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.08.25 09:41:01 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{25FEA537-BB74-4EFE-BFDF-E9F52B6131D9}

[2012.08.22 18:41:01 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Mozilla

[2012.08.22 18:39:21 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{98C6277F-21DB-4525-B69B-41F504468953}

[2012.08.21 19:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

[2012.08.21 19:48:45 | 006,151,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll

[2012.08.21 19:48:45 | 003,149,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll

[2012.08.21 19:48:45 | 002,561,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll

[2012.08.21 19:48:45 | 000,118,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll

[2012.08.21 19:48:45 | 000,063,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll

[2012.08.21 19:47:45 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll

[2012.08.21 19:47:45 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll

[2012.08.21 19:47:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2012.08.21 19:46:15 | 001,451,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll

[2012.08.21 19:46:15 | 000,188,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys

[2012.08.21 19:46:15 | 000,031,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll

[2012.08.21 19:46:14 | 025,743,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2012.08.21 19:46:14 | 019,607,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2012.08.21 19:46:14 | 018,044,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll

[2012.08.21 19:46:14 | 015,322,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll

[2012.08.21 19:46:14 | 010,194,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll

[2012.08.21 19:46:14 | 008,139,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2012.08.21 19:46:14 | 008,105,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll

[2012.08.21 19:46:14 | 005,982,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2012.08.21 19:46:14 | 002,881,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll

[2012.08.21 19:46:14 | 002,681,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2012.08.21 19:46:14 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2012.08.21 19:46:14 | 002,445,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll

[2012.08.21 19:46:14 | 001,738,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll

[2012.08.21 19:46:14 | 001,468,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll

[2012.08.21 19:46:14 | 000,949,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll

[2012.08.21 19:46:14 | 000,818,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll

[2012.08.21 19:46:14 | 000,364,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll

[2012.08.21 19:46:14 | 000,301,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll

[2012.08.21 19:46:14 | 000,246,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll

[2012.08.21 19:46:14 | 000,202,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll

[2012.08.21 19:46:12 | 025,248,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2012.08.21 19:46:12 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2012.08.21 19:46:12 | 002,741,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll

[2012.08.21 19:46:12 | 002,368,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll

[2012.08.21 19:43:38 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll

[2012.08.21 19:43:38 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll

[2012.08.21 19:43:38 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll

[2012.08.21 19:43:37 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll

[2012.08.21 19:43:37 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll

[2012.08.21 19:23:27 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{3A2D6515-1088-4AEE-9DE3-23BB34F7B290}

[2012.08.20 19:51:28 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{ED2657A7-F39F-4AE9-BC92-8B0D2AFCE6F0}

[2012.08.16 14:47:12 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\GMail Drive

[2012.08.16 14:45:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ShellExt

[2012.08.16 14:45:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ShellExt

[2012.08.16 12:47:15 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{C3BA0D7B-935B-4332-A8D2-8F95337D156F}

[2012.08.16 12:47:01 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{0D709960-3D7E-48D3-9554-643EF656309C}

[2012.08.15 20:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote

[2012.08.15 20:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Evernote

[2012.08.15 13:32:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

[2012.08.15 13:26:28 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\Secunia PSI

[2012.08.15 13:26:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia

[2012.08.15 13:00:37 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\YoWindow

[2012.08.15 12:27:34 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2012.08.15 12:27:33 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2012.08.15 12:27:32 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2012.08.15 12:27:32 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2012.08.15 12:27:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2012.08.15 12:27:29 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2012.08.15 12:27:29 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2012.08.15 12:27:29 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2012.08.15 12:27:28 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2012.08.15 12:27:28 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2012.08.15 12:27:28 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2012.08.15 12:27:26 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2012.08.15 12:27:26 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012.08.15 12:24:33 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll

[2012.08.15 12:24:31 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll

[2012.08.15 12:24:31 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll

[2012.08.15 12:24:31 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe

[2012.08.15 12:24:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll

[2012.08.15 12:24:30 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll

[2012.08.15 12:24:30 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll

[2012.08.15 12:24:22 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll

[2012.08.15 12:18:25 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{FBAB629C-70E8-4E82-B2F5-051B0F7D227E}

[2012.08.15 12:18:06 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{1C2983D9-8BD0-4D4A-A2F2-09CA52E1D2DB}

[2012.08.14 12:27:57 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{120E1B53-3E8A-439E-9FDB-88A9FCDF7620}

[2012.08.14 12:27:08 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{10A5DFF7-257C-4BF5-966A-FBA8C63A7D61}

[2012.08.13 14:59:03 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{B88C0121-B152-4C2C-9B45-445F8A406D12}

[2012.08.13 14:58:44 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{83E7DE35-5E31-4CFD-99E0-57B346922B9C}

[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.09.10 18:35:08 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-650777869-3418373650-919073663-1004UA.job

[2012.09.10 18:33:14 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.09.10 18:33:14 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.09.10 18:21:22 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.09.10 18:21:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.09.10 18:21:04 | 1610,014,720 | -HS- | M] () -- C:\hiberfil.sys

[2012.09.09 19:07:02 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.09.09 18:11:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.09.08 13:35:02 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-650777869-3418373650-919073663-1004UA.job

[2012.09.07 00:37:00 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task a85909d9-bb36-4a34-a2e3-db853af4d57d.job

[2012.09.04 19:35:03 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-650777869-3418373650-919073663-1004Core.job

[2012.09.04 19:35:03 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-650777869-3418373650-919073663-1004Core.job

[2012.09.04 08:35:54 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2012.09.04 08:35:53 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll

[2012.09.04 08:35:53 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll

[2012.09.04 08:35:53 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2012.09.04 08:35:53 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2012.09.04 08:35:53 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2012.09.01 16:42:31 | 000,165,376 | ---- | M] () -- C:\Users\Jens\Desktop\SystemLook_x64.exe

[2012.08.31 09:16:07 | 000,511,265 | ---- | M] () -- C:\Users\Jens\Desktop\adwcleaner (1).exe

[2012.08.30 15:29:02 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task bd6f88a2-f48a-44e2-8ca6-69f52e1d5c40.job

[2012.08.30 08:31:51 | 018,720,152 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Jens\Desktop\SUPERAntiSpyware.exe

[2012.08.29 08:26:41 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jens\Desktop\OTL.exe

[2012.08.26 17:11:43 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2012.08.26 17:11:43 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2012.08.26 10:22:59 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.08.26 10:22:59 | 000,654,478 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2012.08.26 10:22:59 | 000,616,342 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.08.26 10:22:59 | 000,130,536 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2012.08.26 10:22:59 | 000,106,722 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.08.25 09:39:01 | 000,412,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012.08.22 21:01:48 | 000,001,013 | ---- | M] () -- C:\Users\Jens\Desktop\TimeComX.lnk

[2012.08.22 04:58:13 | 000,002,525 | ---- | M] () -- C:\Users\Jens\Desktop\Evernote.lnk

[2012.08.15 13:26:20 | 000,001,113 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk

[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.09.01 16:42:36 | 000,165,376 | ---- | C] () -- C:\Users\Jens\Desktop\SystemLook_x64.exe

[2012.08.31 09:16:25 | 000,511,265 | ---- | C] () -- C:\Users\Jens\Desktop\adwcleaner (1).exe

[2012.08.30 08:37:49 | 000,000,508 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task a85909d9-bb36-4a34-a2e3-db853af4d57d.job

[2012.08.30 08:37:48 | 000,000,508 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task bd6f88a2-f48a-44e2-8ca6-69f52e1d5c40.job

[2012.08.25 09:38:52 | 000,412,568 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012.08.22 04:58:13 | 000,002,525 | ---- | C] () -- C:\Users\Jens\Desktop\Evernote.lnk

[2012.08.21 19:48:45 | 002,621,723 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin

[2012.08.21 19:46:14 | 000,014,324 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb

[2012.08.15 13:34:40 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

[2012.08.15 13:26:20 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk

[2012.08.15 13:26:20 | 000,001,076 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk

[2012.05.24 09:04:44 | 000,007,800 | ---- | C] () -- C:\Windows\cadx2.ini

[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe

[2012.03.18 19:59:54 | 000,012,754 | ---- | C] () -- C:\ProgramData\mxnhytee.feu

[2012.03.16 11:08:34 | 000,017,408 | ---- | C] () -- C:\Users\Jens\AppData\Local\WebpageIcons.db

[2011.11.13 17:13:15 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP6.dll

[2011.11.13 17:13:15 | 000,000,188 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl

[2011.11.13 17:12:49 | 000,002,754 | ---- | C] () -- C:\Windows\cmudax3.ini

[2011.11.13 17:12:49 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg

[2011.11.13 17:12:49 | 000,000,222 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi

[2011.10.17 11:28:43 | 000,007,606 | ---- | C] () -- C:\Users\Jens\AppData\Local\Resmon.ResmonCfg

[2011.10.02 14:04:26 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2011.09.10 08:27:04 | 000,000,680 | RHS- | C] () -- C:\Users\Jens\ntuser.pol

 
 ========== Custom Scans ==========

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2012.06.17 12:13:25 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\.kde

[2011.11.16 10:00:25 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Adobe

[2012.08.01 21:56:17 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Bitdreamers

[2011.09.16 12:37:23 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Canneverbe Limited

[2012.04.10 10:19:01 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\COMPUTERBILD Cloud

[2011.10.09 13:47:07 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\DivX

[2012.08.15 20:32:22 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Dropbox

[2012.09.04 13:21:45 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\dvdcss

[2011.09.10 09:57:43 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Engelmann Media

[2012.07.05 12:15:32 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\EPSON

[2011.09.28 18:00:07 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\FRITZ!

[2011.09.27 20:54:37 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\FRITZ!fax für FRITZ!Box

[2011.09.14 10:19:14 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Google

[2011.10.24 11:14:53 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\HP

[2011.09.09 17:35:18 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Identities

[2011.10.24 21:46:12 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\InstallShield

[2012.03.28 07:19:16 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Logitech

[2011.09.09 18:46:46 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Macromedia

[2012.08.25 10:05:23 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Malwarebytes

[2009.07.14 20:18:19 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Media Center Programs

[2012.05.01 23:31:23 | 000,000,000 | --SD | M] -- C:\Users\Jens\AppData\Roaming\Microsoft

[2012.07.10 19:27:56 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Miranda

[2011.12.29 19:49:28 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Motorola

[2012.08.22 18:41:01 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Mozilla

[2012.08.26 10:57:22 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Mp3tag

[2012.01.15 18:34:05 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Nero

[2011.09.10 08:38:03 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\NetSpeedMonitor

[2011.09.18 14:21:26 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Rovio

[2012.03.28 10:44:23 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\S.A.D

[2012.09.05 13:40:53 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Spotify

[2012.08.02 09:50:15 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\STRATO

[2012.08.30 08:37:33 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\SUPERAntiSpyware.com

[2012.03.30 18:19:23 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\tor

[2011.10.14 22:49:29 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\TuneUp Software

[2012.09.04 16:21:54 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\vlc

[2011.09.11 15:28:47 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\WinRAR

[2012.03.23 17:41:44 | 000,000,000 | -HSD | M] -- C:\Users\Jens\AppData\Roaming\wyUpdate AU

[2011.10.09 13:55:52 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\XMedia Recode

[2011.10.22 12:25:02 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Yahoo!

[2012.08.30 08:24:10 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\YoWindow

 
 < %APPDATA%\*.exe /s >

[2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jens\AppData\Roaming\Dropbox\bin\Dropbox.exe

[2012.05.24 20:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jens\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe

[2012.05.24 20:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jens\AppData\Roaming\Dropbox\bin\Uninstall.exe

[2012.08.30 08:38:48 | 005,576,408 | ---- | M] (Spotify Ltd) -- C:\Users\Jens\AppData\Roaming\Spotify\spotify.exe

[2012.08.30 08:38:48 | 000,114,904 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Spotify\SpotifyLauncher.exe

[2012.08.30 08:38:47 | 001,193,176 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

 
 < %SYSTEMDRIVE%\*.exe >

 
 < MD5 for: AGP440.SYS  >

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll

[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

 
 < MD5 for: IASTORV.SYS  >

[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys

[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys

[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys

[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys

[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys

[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll

[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll

[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll

[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys

[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys

[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys

[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys

[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys

[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll

[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll

[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll

[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll

[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll

[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe

[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe

[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

 
 < MD5 for: WININIT.EXE  >

[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe

[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe

[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe

[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe

[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys

[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

 
 < %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\*.* >

[2012.07.12 04:54:17 | 000,000,174 | -HS- | M] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

[2012.05.04 11:37:45 | 000,001,134 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

[2012.08.02 11:09:47 | 000,001,260 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\STRATO HiDrive.lnk

 
 < %APPDATA%\*AcroIEH*.* >

 
 < %APPDATA%\*.exe >

 
 < %APPDATA%\*.tmp >

 
 < {74F475FA-6C75-43BD-AAB9-ECDA6184F600} /RS >

 
 <           >

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1
 

< End of report >

--- --- ---

Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
Starte die OTL.exe.
Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:
Der Fix fängt mit :OTL an. Vergewissere dich, dass du ihn richtig kopiert hast.

Code:

:OTL

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC 

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} 

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;127.0.0.1;192.168.*.* 

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:8118 

IE - HKU\S-1-5-21-650777869-3418373650-919073663-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found 

CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\ 

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 

O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 

O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 

O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 

O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found 

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Value error.) 

O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05) 

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.7.2) 

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found 

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found 

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 

O32 - HKLM CDRom: AutoRun - 1 

O33 - MountPoints2\{a864a12c-3ec5-11e1-829c-001e90f5448d}\Shell - "" = AutoRun 

O33 - MountPoints2\{a864a12c-3ec5-11e1-829c-001e90f5448d}\Shell\AutoRun\command - "" = H:\pushinst.exe 

MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () 
 

[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] 

 

@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1 
 

:reg

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}]

"DllName"=-
 

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}]
 

:Files
 

C:\ProgramData\*.exe

C:\ProgramData\TEMP

C:\Users\Jens\AppData\Local\{*}

C:\Users\Jens\AppData\Local\Temp\*.exe

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache

%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk

ipconfig /flushdns /c

:Commands

[emptytemp]

Schließe alle Programme.
Klicke auf den Fix Button.
Wenn OTL einen Neustart verlangt, bitte zulassen.
Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\<datum_nummer.log>

Hier der LOG. Superfish ist immer noch da.....zu sehen wenn ich die Trojaner-Board Seite aufrufe....weiß der Teufel was das ist.

Code:

All processes killed

========== OTL ==========

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!

HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!

HKEY_USERS\S-1-5-21-650777869-3418373650-919073663-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_USERS\S-1-5-21-650777869-3418373650-919073663-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.

HKU\S-1-5-21-650777869-3418373650-919073663-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!

HKEY_USERS\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_USERS\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.

HKU\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!

HKU\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!

HKU\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!

HKU\S-1-5-21-650777869-3418373650-919073663-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!

64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\zh-Hant folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\zh folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\vi folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\tr folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\sv folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\sr-Latn folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\sr-Cyrl folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\sr folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\ru folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\ro folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\pt-BR folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\pt folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\pl folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\nl folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\nb folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\lv folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\lt folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\ko folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\kk folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\ja folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\it folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\id folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\hu folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\fr folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\fi folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\fa folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\et folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\es-MX folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\es folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\en folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\el folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\de folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\da folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\cs folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\bg folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales\ar folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\_locales folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\images folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\content_scripts folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\background folder moved successfully.

C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0 folder moved successfully.

Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_USERS\S-1-5-21-650777869-3418373650-919073663-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_USERS\S-1-5-21-650777869-3418373650-919073663-1006\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.

Registry value HKEY_USERS\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.

Registry value HKEY_USERS\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.

64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.

Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.

64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a864a12c-3ec5-11e1-829c-001e90f5448d}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a864a12c-3ec5-11e1-829c-001e90f5448d}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a864a12c-3ec5-11e1-829c-001e90f5448d}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a864a12c-3ec5-11e1-829c-001e90f5448d}\ not found.

File H:\pushinst.exe not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\DivXUpdate\ not found.

C:\Windows\SysNative\SET1707.tmp deleted successfully.

C:\Windows\SysNative\SETEBE9.tmp deleted successfully.

ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.

========== REGISTRY ==========

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}\ not found.

========== FILES ==========

File\Folder C:\ProgramData\*.exe not found.

C:\ProgramData\TEMP folder moved successfully.

C:\Users\Jens\AppData\Local\{001FF3BE-D84F-4121-A621-916722D8EAEE} folder moved successfully.

C:\Users\Jens\AppData\Local\{0058524C-9071-40FE-A393-A2C0F938C049} folder moved successfully.

C:\Users\Jens\AppData\Local\{0084CB98-D152-4CF1-9841-3609C4A1A7BC} folder moved successfully.

C:\Users\Jens\AppData\Local\{00CB94BD-A8CE-4D50-BC29-BB4FA810EE46} folder moved successfully.

C:\Users\Jens\AppData\Local\{01865C64-D4D6-4787-BF44-4BA252A5E903} folder moved successfully.

C:\Users\Jens\AppData\Local\{01C8FED0-9366-4CA3-A2E9-D37F61ED0437} folder moved successfully.

C:\Users\Jens\AppData\Local\{021B21E3-B7A5-4DC9-A1F8-66EA7C5D884C} folder moved successfully.

C:\Users\Jens\AppData\Local\{02CB3699-76DB-4CD7-9457-F333C3AF34B5} folder moved successfully.

C:\Users\Jens\AppData\Local\{02F7FBFE-5AE0-40DD-9CD5-8EA5AC769D42} folder moved successfully.

C:\Users\Jens\AppData\Local\{03A4C39C-664D-4B7E-809F-1889DA72DB08} folder moved successfully.

C:\Users\Jens\AppData\Local\{03A77AA0-1889-4282-A297-E05ECF86F376} folder moved successfully.

C:\Users\Jens\AppData\Local\{03EA2C8E-9B08-4810-A22F-B172C552F87A} folder moved successfully.

C:\Users\Jens\AppData\Local\{05349CBA-51A5-47CD-B333-E6A55876B25B} folder moved successfully.

C:\Users\Jens\AppData\Local\{066BECAA-433E-418C-AE51-6976EF624948} folder moved successfully.

C:\Users\Jens\AppData\Local\{06CCD503-1655-4ED2-9205-84E6D925F3E0} folder moved successfully.

C:\Users\Jens\AppData\Local\{08E7E5BC-3FD5-4D18-A675-8DA33454776C} folder moved successfully.

C:\Users\Jens\AppData\Local\{095F8934-A3A6-48D7-82F3-3DE76364EF28} folder moved successfully.

C:\Users\Jens\AppData\Local\{09C22764-D6ED-4A11-960E-03BBF53CCD4E} folder moved successfully.

C:\Users\Jens\AppData\Local\{0BABBD2B-AF99-4FE1-BCFC-505669E63690} folder moved successfully.

C:\Users\Jens\AppData\Local\{0C124614-8F93-4439-993B-9B97EE42D8ED} folder moved successfully.

C:\Users\Jens\AppData\Local\{0C7E5DBA-599C-4EC5-A8BA-8CFC8216A1E5} folder moved successfully.

C:\Users\Jens\AppData\Local\{0CD7A16A-0321-4A32-9F84-3483533E19D8} folder moved successfully.

C:\Users\Jens\AppData\Local\{0CEDC3CA-3BD4-47E9-9D19-3189AC1172AB} folder moved successfully.

C:\Users\Jens\AppData\Local\{0D342983-6D2B-4E4A-A666-36312D132C28} folder moved successfully.

C:\Users\Jens\AppData\Local\{0D709960-3D7E-48D3-9554-643EF656309C} folder moved successfully.

C:\Users\Jens\AppData\Local\{0D83A101-7729-4927-BC72-B5E39AB36B3D} folder moved successfully.

C:\Users\Jens\AppData\Local\{0DAA19D2-9F0D-4613-8F3E-5BE7C97EA567} folder moved successfully.

C:\Users\Jens\AppData\Local\{0DC0FABB-D2F7-4025-929A-3CDF49D9F9DE} folder moved successfully.

C:\Users\Jens\AppData\Local\{0DEC1B92-98EB-4A77-A89A-E443F0C62245} folder moved successfully.

C:\Users\Jens\AppData\Local\{0E1CE501-7F76-41EE-8884-870FB8BE26CE} folder moved successfully.

C:\Users\Jens\AppData\Local\{0FA87188-6CD1-44C2-B619-1C88FAD084D1} folder moved successfully.

C:\Users\Jens\AppData\Local\{0FAF5F3A-44AD-42F7-B2BD-4012EF9A87DA} folder moved successfully.

C:\Users\Jens\AppData\Local\{0FB205D3-47C4-4500-B449-62D1635AB931} folder moved successfully.

C:\Users\Jens\AppData\Local\{0FE94930-BD33-4B4B-A744-36897B80EA29} folder moved successfully.

C:\Users\Jens\AppData\Local\{109B3907-6AF1-4E69-A7D5-99327D376320} folder moved successfully.

C:\Users\Jens\AppData\Local\{10A5DFF7-257C-4BF5-966A-FBA8C63A7D61} folder moved successfully.

C:\Users\Jens\AppData\Local\{10D1419C-D523-4C40-88F6-7386B5765D9A} folder moved successfully.

C:\Users\Jens\AppData\Local\{11160445-5C8C-424A-AF32-4A26000B50DC} folder moved successfully.

C:\Users\Jens\AppData\Local\{113A9297-4391-44E0-BFDD-073918634951} folder moved successfully.

C:\Users\Jens\AppData\Local\{11652CF1-34BF-4929-BCEC-510B9B9D900F} folder moved successfully.

C:\Users\Jens\AppData\Local\{118D2CC0-B6EE-4F1E-94C6-DB353DDFE395} folder moved successfully.

C:\Users\Jens\AppData\Local\{120E1B53-3E8A-439E-9FDB-88A9FCDF7620} folder moved successfully.

C:\Users\Jens\AppData\Local\{1237742D-DF4A-4DB1-B087-2AD2B3B6032A} folder moved successfully.

C:\Users\Jens\AppData\Local\{1350F1DE-BD11-41C5-9646-80F4EB57D12F} folder moved successfully.

C:\Users\Jens\AppData\Local\{135A9E42-45E9-442C-9D27-CB6261A60B77} folder moved successfully.

C:\Users\Jens\AppData\Local\{1371CF72-AB46-4B47-9137-937AFD49011A} folder moved successfully.

C:\Users\Jens\AppData\Local\{1380DDC8-0877-4C9B-9BDD-7569AABC7673} folder moved successfully.

C:\Users\Jens\AppData\Local\{142AE2A9-8393-4B5D-BDBA-EBB6C26F19C8} folder moved successfully.

C:\Users\Jens\AppData\Local\{145A84A3-1044-4753-A923-93CFF95524EE} folder moved successfully.

C:\Users\Jens\AppData\Local\{14D585FC-AF1B-4862-92E8-2224D77B58CE} folder moved successfully.

C:\Users\Jens\AppData\Local\{15780AEA-6037-4829-AD52-1B3B67C69560} folder moved successfully.

C:\Users\Jens\AppData\Local\{1578C826-B430-43D3-834B-810DDDA4D5FC} folder moved successfully.

C:\Users\Jens\AppData\Local\{15C2B359-C305-49BD-8541-405A3E225776} folder moved successfully.

C:\Users\Jens\AppData\Local\{15E8F307-D7EB-4422-9FF5-AB5E4B122A4B} folder moved successfully.

C:\Users\Jens\AppData\Local\{16D2C45E-2DC0-48C5-BD34-418DF9E2CC02} folder moved successfully.

C:\Users\Jens\AppData\Local\{1722CF33-5482-41E9-ADB8-61BDC40773FE} folder moved successfully.

C:\Users\Jens\AppData\Local\{174C2DC2-7837-4588-8738-EB8FBB6C0FC0} folder moved successfully.

C:\Users\Jens\AppData\Local\{181E4F7B-08E8-4157-BB06-7B15B0FCE6E3} folder moved successfully.

C:\Users\Jens\AppData\Local\{1889D3C3-538A-4D80-8F9D-C3EF7B050FB6} folder moved successfully.

C:\Users\Jens\AppData\Local\{19061D45-57A7-4032-8F18-C61A67A05A42} folder moved successfully.

C:\Users\Jens\AppData\Local\{199B7100-A3C8-4BE1-9156-4F0F41706879} folder moved successfully.

C:\Users\Jens\AppData\Local\{19C20BFD-2B47-4221-B0E9-087E1BD30339} folder moved successfully.

C:\Users\Jens\AppData\Local\{1A15D424-D8A1-4A3D-8C22-D0F095369B10} folder moved successfully.

C:\Users\Jens\AppData\Local\{1A48B073-8690-49F9-AF6B-F37DAAB5D29B} folder moved successfully.

C:\Users\Jens\AppData\Local\{1A820CC9-3E55-49D3-961C-2EE5E555656C} folder moved successfully.

C:\Users\Jens\AppData\Local\{1AC3642E-036E-421A-97E5-45C455CFA9D1} folder moved successfully.

C:\Users\Jens\AppData\Local\{1B3B56EB-4BCA-4A59-8B13-729CCA55A341} folder moved successfully.

C:\Users\Jens\AppData\Local\{1B5D1266-AF1F-495D-9E0D-E2EF0B57E65B} folder moved successfully.

C:\Users\Jens\AppData\Local\{1B7AF694-FE3F-4A24-933C-64F8E972E84B} folder moved successfully.

C:\Users\Jens\AppData\Local\{1B7B1003-50B3-4F0D-98DE-1958CADF4E30} folder moved successfully.

C:\Users\Jens\AppData\Local\{1BD48813-DF47-4674-8147-4C86E9700391} folder moved successfully.

C:\Users\Jens\AppData\Local\{1BF26201-DEE2-454E-A195-9E14EBE852B4} folder moved successfully.

C:\Users\Jens\AppData\Local\{1C2983D9-8BD0-4D4A-A2F2-09CA52E1D2DB} folder moved successfully.

C:\Users\Jens\AppData\Local\{1C74FB9A-F924-4DE8-AA54-3F3421B5F0AB} folder moved successfully.

C:\Users\Jens\AppData\Local\{1CFEA0F8-B8BA-44E9-8531-37A275FA0728} folder moved successfully.

C:\Users\Jens\AppData\Local\{1D7B341B-C234-4C28-826E-4DB96B23B60C} folder moved successfully.

C:\Users\Jens\AppData\Local\{1DD9A0C1-020A-472E-AA26-4A9826C53912} folder moved successfully.

C:\Users\Jens\AppData\Local\{1E914AAE-C89C-4365-ACCE-2C38E7B9F6A2} folder moved successfully.

C:\Users\Jens\AppData\Local\{1EE907C7-B22E-4AEE-8A6A-567DB06C4F58} folder moved successfully.

C:\Users\Jens\AppData\Local\{1F041510-267B-4DF8-A2E3-D60A5065E813} folder moved successfully.

C:\Users\Jens\AppData\Local\{1F190FD2-5558-4FA1-BFEA-9413A4E67CC8} folder moved successfully.

C:\Users\Jens\AppData\Local\{1F9535A3-B1CF-4168-A66A-425AE62EB849} folder moved successfully.

C:\Users\Jens\AppData\Local\{1FAAD5C0-4987-4F4A-A9DE-8082B8EA0759} folder moved successfully.

C:\Users\Jens\AppData\Local\{1FBEEFC6-0E0F-4BB6-B156-FF9AAD6684D7} folder moved successfully.

C:\Users\Jens\AppData\Local\{20996254-CFCE-4F45-BA7A-53B7B65B4150} folder moved successfully.

C:\Users\Jens\AppData\Local\{21B0AA54-6922-4209-AB83-7F7A648CDC9F} folder moved successfully.

C:\Users\Jens\AppData\Local\{225D3257-AF51-4CA8-B050-11FB2FC6AC54} folder moved successfully.

C:\Users\Jens\AppData\Local\{2273BA1E-A9FC-4CCF-97A2-348B5EF0A2CC} folder moved successfully.

C:\Users\Jens\AppData\Local\{22FA9F05-8598-4503-8261-36E5E8C06A49} folder moved successfully.

C:\Users\Jens\AppData\Local\{234E0E65-2270-4C5B-8895-E58A40CD9A45} folder moved successfully.

C:\Users\Jens\AppData\Local\{255EAF5B-B13D-4014-BC60-78DE339C57D9} folder moved successfully.

C:\Users\Jens\AppData\Local\{25873A28-30F4-422F-924D-D2F889DB72E0} folder moved successfully.

C:\Users\Jens\AppData\Local\{25FEA537-BB74-4EFE-BFDF-E9F52B6131D9} folder moved successfully.

C:\Users\Jens\AppData\Local\{264AD8D8-E49D-4030-9FC2-D6B936A6325F} folder moved successfully.

C:\Users\Jens\AppData\Local\{26657911-0D7F-4B13-9201-C02A88011DE0} folder moved successfully.

C:\Users\Jens\AppData\Local\{266938C4-C42A-4890-9F5B-CA75F87A804F} folder moved successfully.

C:\Users\Jens\AppData\Local\{26E7225C-BB7D-415B-B870-3E674F206EA0} folder moved successfully.

C:\Users\Jens\AppData\Local\{274C9E77-B266-4AD8-BE79-233A7415EDDF} folder moved successfully.

C:\Users\Jens\AppData\Local\{2755D3DC-8244-4AA4-9DA4-24DFBCD73518} folder moved successfully.

C:\Users\Jens\AppData\Local\{279F35EA-6304-456D-A96E-C90C7B2DCAFC} folder moved successfully.

C:\Users\Jens\AppData\Local\{27CB84A4-F8BD-4B16-B9B1-23736796AF7C} folder moved successfully.

C:\Users\Jens\AppData\Local\{27E314D5-6913-403C-8541-639FC4B17AB0} folder moved successfully.

C:\Users\Jens\AppData\Local\{2875F6FA-7413-4CDC-A7A3-3F34B0EB7222} folder moved successfully.

C:\Users\Jens\AppData\Local\{2949A122-6DAA-4FE5-ACF0-C1F3FA335F4F} folder moved successfully.

C:\Users\Jens\AppData\Local\{29ED3956-3AFC-4B8E-9E96-18008F1D0CFF} folder moved successfully.

C:\Users\Jens\AppData\Local\{2A3A28CE-EC65-4AB9-A412-735D170E8036} folder moved successfully.

C:\Users\Jens\AppData\Local\{2A93CBFC-D0D7-4D1A-83EB-5F5F35E95F26} folder moved successfully.

C:\Users\Jens\AppData\Local\{2AA352F2-2AFE-4769-9CF5-01674AFF898B} folder moved successfully.

C:\Users\Jens\AppData\Local\{2AE53CCE-8345-4F63-8B3A-F7DEE012FF5C} folder moved successfully.

C:\Users\Jens\AppData\Local\{2B0D17C1-EA4C-42C6-B020-B5094FD59402} folder moved successfully.

C:\Users\Jens\AppData\Local\{2B86F6BE-7AFE-4E2F-AC40-2A10E9DDB634} folder moved successfully.

C:\Users\Jens\AppData\Local\{2B892B99-F856-4752-959A-DB940200A0B1} folder moved successfully.

C:\Users\Jens\AppData\Local\{2BC699D5-7657-4E04-B937-4107D3160307} folder moved successfully.

C:\Users\Jens\AppData\Local\{2CCAB01F-08FA-4012-9938-C33D71B12F06} folder moved successfully.

C:\Users\Jens\AppData\Local\{2D967E4B-F0E7-42B7-847B-0F000FAF7485} folder moved successfully.

C:\Users\Jens\AppData\Local\{2DE63034-08A6-4102-AC4C-D64AA7B715A2} folder moved successfully.

C:\Users\Jens\AppData\Local\{2DF0D5F8-D845-4E02-ACA8-89E29633FBC2} folder moved successfully.

C:\Users\Jens\AppData\Local\{2EA0B3FB-DC1D-4E1F-8AD9-8D2079EDC813} folder moved successfully.

C:\Users\Jens\AppData\Local\{2EB309B1-973D-4171-B984-BAD92805093A} folder moved successfully.

C:\Users\Jens\AppData\Local\{2F281554-915C-464F-BF11-50241D8FC190} folder moved successfully.

C:\Users\Jens\AppData\Local\{2F2F2640-DA3F-4CCE-9761-3CF588715A73} folder moved successfully.

C:\Users\Jens\AppData\Local\{2FE91C5A-0069-48B4-89BE-8DBB34710110} folder moved successfully.

C:\Users\Jens\AppData\Local\{30122FC6-29C1-4E7D-8875-355CF18FAE62} folder moved successfully.

C:\Users\Jens\AppData\Local\{30E05953-B010-4F55-9821-B62FA02E9C23} folder moved successfully.

C:\Users\Jens\AppData\Local\{31910250-DE43-4575-A4B9-CA74AAF2622A} folder moved successfully.

C:\Users\Jens\AppData\Local\{31D69CFA-AE60-42F3-8553-43062373DEFE} folder moved successfully.

C:\Users\Jens\AppData\Local\{32041FD5-41EE-49D8-B181-F27531C8D71F} folder moved successfully.

C:\Users\Jens\AppData\Local\{3238CB4A-20C6-46DB-8AEC-CE52F6E71B87} folder moved successfully.

C:\Users\Jens\AppData\Local\{3252F1B2-D267-4384-A85B-AE00B78802B7} folder moved successfully.

C:\Users\Jens\AppData\Local\{32C0162E-4CD9-43BF-A73D-AFA71504D823} folder moved successfully.

C:\Users\Jens\AppData\Local\{34A1F18B-605B-4A27-AD68-A11CB3A9AF92} folder moved successfully.

C:\Users\Jens\AppData\Local\{34FC166E-BEAC-4B31-B244-1224C460365F} folder moved successfully.

C:\Users\Jens\AppData\Local\{3516E141-75AA-4A3D-B8E9-072A443D22B9} folder moved successfully.

C:\Users\Jens\AppData\Local\{357EE351-FD58-40F7-B06B-E2499B9B90A9} folder moved successfully.

C:\Users\Jens\AppData\Local\{35971639-B9E6-4C77-BCFD-8CA4801D9DC0} folder moved successfully.

C:\Users\Jens\AppData\Local\{35E123D9-77EF-474C-A6A7-DB13C6B17A5B} folder moved successfully.

C:\Users\Jens\AppData\Local\{374BD8F4-DB50-4E7D-847D-4A1C43B306AF} folder moved successfully.

C:\Users\Jens\AppData\Local\{37C4A89F-DDE2-4B53-8A9A-E772A21DD592} folder moved successfully.

C:\Users\Jens\AppData\Local\{37DDEB0D-438D-4C15-9C98-F36C3E8D0FA8} folder moved successfully.

C:\Users\Jens\AppData\Local\{38B1E2BD-3EAD-4D20-BC03-8429161CF94B} folder moved successfully.

C:\Users\Jens\AppData\Local\{39233CD9-D7FB-4C09-91D1-1CB3E277FC9E} folder moved successfully.

C:\Users\Jens\AppData\Local\{3929E47E-9902-430B-BC06-D1DD7AB7B2A2} folder moved successfully.

C:\Users\Jens\AppData\Local\{3975A39F-D7CE-48DE-AD71-35D59A33453F} folder moved successfully.

C:\Users\Jens\AppData\Local\{39BF2583-1CDA-4DE9-9080-4987B4DB9797} folder moved successfully.

C:\Users\Jens\AppData\Local\{3A2D6515-1088-4AEE-9DE3-23BB34F7B290} folder moved successfully.

C:\Users\Jens\AppData\Local\{3A30B3BC-B2A0-491D-B0DC-C9F87C258ECD} folder moved successfully.

C:\Users\Jens\AppData\Local\{3A52F2D7-1EA8-4274-8BA2-3B600B9FBCA7} folder moved successfully.

C:\Users\Jens\AppData\Local\{3A999F16-A786-4C52-A969-3DA3A1A59908} folder moved successfully.

C:\Users\Jens\AppData\Local\{3B29C823-D9AF-4FB7-8013-28524CBA4D36} folder moved successfully.

C:\Users\Jens\AppData\Local\{3C54EDB0-2F7C-432A-90AC-2BE83493B80D} folder moved successfully.

C:\Users\Jens\AppData\Local\{3C6D2052-2430-482E-9574-0206E326D96D} folder moved successfully.

C:\Users\Jens\AppData\Local\{3C90ABFD-09D3-49E6-B9F4-046B897A1E15} folder moved successfully.

C:\Users\Jens\AppData\Local\{3C964CA2-FA3A-4A59-A34A-5420F88DA290} folder moved successfully.

C:\Users\Jens\AppData\Local\{3CE7D5E3-7AA6-46DC-B323-2C6AF431814F} folder moved successfully.

C:\Users\Jens\AppData\Local\{3D0BCF3E-F238-432F-832C-A7267A331A45} folder moved successfully.

C:\Users\Jens\AppData\Local\{3D2C64AB-9608-41CB-B8BD-3159C359932C} folder moved successfully.

C:\Users\Jens\AppData\Local\{3D695279-B71E-4C1E-91C5-689BC15C7B1C} folder moved successfully.

C:\Users\Jens\AppData\Local\{3DC61111-C99C-4646-B3E9-4AA5A74F314A} folder moved successfully.

C:\Users\Jens\AppData\Local\{3DFFD5D0-77DD-4599-BB87-E51A3EA93D3B} folder moved successfully.

C:\Users\Jens\AppData\Local\{3E8FB497-C8C6-4BA0-96CF-1CE316CB1C3B} folder moved successfully.

C:\Users\Jens\AppData\Local\{3EBF8159-FC8B-4FD4-8109-FDB5EFC1A86C} folder moved successfully.

C:\Users\Jens\AppData\Local\{3EE4BB3A-655C-4CF8-81D3-37915B908D8B} folder moved successfully.

C:\Users\Jens\AppData\Local\{3F2C636A-D18F-4CFB-87E7-916D406E2F40} folder moved successfully.

C:\Users\Jens\AppData\Local\{3F850D85-F481-4B6B-878D-F3CEB04FE0BC} folder moved successfully.

C:\Users\Jens\AppData\Local\{3FF7251A-B1F3-414F-96D4-C4D0A15BCED7} folder moved successfully.

C:\Users\Jens\AppData\Local\{4053BBC1-588C-46D9-AFE4-437D9FB151C0} folder moved successfully.

C:\Users\Jens\AppData\Local\{4059FA1E-8665-4216-85C6-1527BB4C076C} folder moved successfully.

C:\Users\Jens\AppData\Local\{40B4A066-56A9-4869-86FD-4DC3C8073EC4} folder moved successfully.

C:\Users\Jens\AppData\Local\{41236D31-F7D4-4BF6-8FC0-D2F2E470CA8C} folder moved successfully.

C:\Users\Jens\AppData\Local\{4191272E-168B-41D8-9E1B-424BB3D83F88} folder moved successfully.

C:\Users\Jens\AppData\Local\{42299980-AA96-461E-A4FB-BA78EE73FD81} folder moved successfully.

C:\Users\Jens\AppData\Local\{42379C40-9A70-431E-925D-43511935888A} folder moved successfully.

C:\Users\Jens\AppData\Local\{4294B45E-0478-46C9-B3E3-F4AB5D31E908} folder moved successfully.

C:\Users\Jens\AppData\Local\{42ACC4BF-CAD5-4B03-9F2A-A997D81DB933} folder moved successfully.

C:\Users\Jens\AppData\Local\{42C9932A-A0F6-4A23-BCA1-D6B948266465} folder moved successfully.

C:\Users\Jens\AppData\Local\{430BF742-8B16-4AA8-B7DF-A11CB324B691} folder moved successfully.

C:\Users\Jens\AppData\Local\{4348ED0A-8B0F-4143-8A58-F32C2E901AFA} folder moved successfully.

C:\Users\Jens\AppData\Local\{4355D2B0-5E28-4E40-BB31-452804AE1BB3} folder moved successfully.

C:\Users\Jens\AppData\Local\{43658EC4-84F8-4A32-87B9-D6D1C6E81721} folder moved successfully.

C:\Users\Jens\AppData\Local\{43768F34-4756-4FC2-836A-B686A83FD48D} folder moved successfully.

C:\Users\Jens\AppData\Local\{43DC571A-66BB-4A4A-A9FE-5CC43FCC59EA} folder moved successfully.

C:\Users\Jens\AppData\Local\{44C5BCB4-C4DB-40B8-A941-F013863F056B} folder moved successfully.

C:\Users\Jens\AppData\Local\{44F16850-B1E6-4105-BBF7-EDC484954CF3} folder moved successfully.

C:\Users\Jens\AppData\Local\{45069CD9-0276-4C27-81DC-BBE77D7070C3} folder moved successfully.

C:\Users\Jens\AppData\Local\{46350AFC-A9BA-4019-AC1B-06399F5C441B} folder moved successfully.

C:\Users\Jens\AppData\Local\{4638B86A-4E75-4439-89A1-5BA1090C1713} folder moved successfully.

C:\Users\Jens\AppData\Local\{465D9B58-4361-40AF-BEBF-A60091F5BAE3} folder moved successfully.

C:\Users\Jens\AppData\Local\{471E0E3B-4398-4238-85E5-E6FD182DFEE0} folder moved successfully.

C:\Users\Jens\AppData\Local\{476B15BB-145D-46C8-83F6-0D9252428337} folder moved successfully.

C:\Users\Jens\AppData\Local\{4836F7BA-2677-4EFE-B81A-12BB97FBA7CC} folder moved successfully.

C:\Users\Jens\AppData\Local\{486B014C-99B9-4E62-9B3A-9E911D944C9A} folder moved successfully.

C:\Users\Jens\AppData\Local\{4899A9D1-C507-4341-9211-F5B9EC3D6274} folder moved successfully.

C:\Users\Jens\AppData\Local\{48A33FC0-F0E5-4DCC-B1B6-FD827F3C15A3} folder moved successfully.

C:\Users\Jens\AppData\Local\{4A65FC7C-13D4-44F0-8C7E-7C565402D535} folder moved successfully.

C:\Users\Jens\AppData\Local\{4A8B3515-486E-42C4-B626-906EB2082DB1} folder moved successfully.

C:\Users\Jens\AppData\Local\{4B5C12EE-BB31-47B2-B565-FC638DD6722B} folder moved successfully.

C:\Users\Jens\AppData\Local\{4B5F3432-49A4-4A92-85C2-0EB41D24930D} folder moved successfully.

C:\Users\Jens\AppData\Local\{4B7F1847-1339-401A-A2B5-B7B064934262} folder moved successfully.

C:\Users\Jens\AppData\Local\{4B93F492-7937-4B93-B993-A0A2371C19A0} folder moved successfully.

C:\Users\Jens\AppData\Local\{4C17378D-A0F8-4F75-8EC5-27128B3E9054} folder moved successfully.

C:\Users\Jens\AppData\Local\{4C2D5663-54BA-4D3F-9004-68C29848F43C} folder moved successfully.

C:\Users\Jens\AppData\Local\{4C6ABED8-8F9F-4FF8-8EFF-AD0B32DEDE19} folder moved successfully.

C:\Users\Jens\AppData\Local\{4CFBDB84-AE3B-4754-A91E-D29296CAC4B5} folder moved successfully.

C:\Users\Jens\AppData\Local\{4D00F123-C3C4-4E5E-B70A-49F1E2DA6EE2} folder moved successfully.

C:\Users\Jens\AppData\Local\{4D5D58E9-894F-4A47-BDF8-EE82178BD007} folder moved successfully.

C:\Users\Jens\AppData\Local\{4D974B5F-D7D8-4D30-89F2-4D7A419DC416} folder moved successfully.

C:\Users\Jens\AppData\Local\{4E203684-01B0-4E40-8129-B112BCCCC8E4} folder moved successfully.

C:\Users\Jens\AppData\Local\{4E56BD96-6A9E-4FCC-A8DF-F3A62E419F33} folder moved successfully.

C:\Users\Jens\AppData\Local\{4E78D3E2-A097-4CB9-8C18-2B8492A37F61} folder moved successfully.

C:\Users\Jens\AppData\Local\{4E98517C-87D1-4CE3-9822-B3331592055E} folder moved successfully.

C:\Users\Jens\AppData\Local\{4FA76AA4-A986-4950-9F4E-E62F20A9885B} folder moved successfully.

C:\Users\Jens\AppData\Local\{51267A5C-8C02-4BB1-86C6-FFB3D0FFD9BA} folder moved successfully.

C:\Users\Jens\AppData\Local\{51BBEF05-9042-41F4-AFE8-4CB2FE49E07B} folder moved successfully.

C:\Users\Jens\AppData\Local\{52361C85-244F-41DC-B1C9-B7E07A72FAB6} folder moved successfully.

C:\Users\Jens\AppData\Local\{52933EFF-0D0F-4F53-8CA5-C8021867AFBC} folder moved successfully.

C:\Users\Jens\AppData\Local\{52DC5E56-9731-4F39-8E6F-B2C77CD5BFA3} folder moved successfully.

C:\Users\Jens\AppData\Local\{5350BAF0-2F8E-4FDE-AF4B-C447163728D1} folder moved successfully.

C:\Users\Jens\AppData\Local\{5373F071-EFC7-43E2-8F54-FA0D31F3FA32} folder moved successfully.

C:\Users\Jens\AppData\Local\{53B5BAC4-36E2-4421-A93A-1FD67A239337} folder moved successfully.

C:\Users\Jens\AppData\Local\{53CCC431-DF70-449E-BE46-C4A95EEE02BA} folder moved successfully.

C:\Users\Jens\AppData\Local\{5429FDFA-5B4A-435A-8249-6BE84A8AEB7B} folder moved successfully.

C:\Users\Jens\AppData\Local\{545389EB-2A08-4AE9-8C03-FDF8B16CA714} folder moved successfully.

C:\Users\Jens\AppData\Local\{545AFF17-8BE1-42BC-AABF-A604527744FD} folder moved successfully.

C:\Users\Jens\AppData\Local\{5496F105-4622-4B6D-A847-1000B6B0E3E4} folder moved successfully.

C:\Users\Jens\AppData\Local\{5528C1D0-7C2E-4027-BA62-7EAD492F7619} folder moved successfully.

C:\Users\Jens\AppData\Local\{553F24AD-3171-4535-9681-C5123F5E6033} folder moved successfully.

C:\Users\Jens\AppData\Local\{554469E2-A8BD-450F-91BD-A7960CE83E51} folder moved successfully.

C:\Users\Jens\AppData\Local\{55640373-6936-4598-8E89-4C037229DCB8} folder moved successfully.

C:\Users\Jens\AppData\Local\{5593CEE9-2AFF-4A35-A052-97E00565AA9D} folder moved successfully.

C:\Users\Jens\AppData\Local\{55CFE075-E1B9-4365-BA10-ABC988DF92A6} folder moved successfully.

C:\Users\Jens\AppData\Local\{55E7C1E8-9480-49B5-92D0-71AED075D7AB} folder moved successfully.

C:\Users\Jens\AppData\Local\{55F85693-0ECE-4305-B71B-04BED09CF275} folder moved successfully.

C:\Users\Jens\AppData\Local\{569E3217-FD1B-45F9-B7D2-F4C13B9B4CCC} folder moved successfully.

C:\Users\Jens\AppData\Local\{56CBE70D-1220-44D2-B323-7C91A5E502DA} folder moved successfully.

C:\Users\Jens\AppData\Local\{57140229-0C80-4D4B-A60D-5FF55B1C2513} folder moved successfully.

C:\Users\Jens\AppData\Local\{581E7B0F-DB4C-46C0-98C0-49F50519256C} folder moved successfully.

C:\Users\Jens\AppData\Local\{593B1C04-0F64-4DF3-856E-10E5BF5CC733} folder moved successfully.

C:\Users\Jens\AppData\Local\{5963D706-15BC-4B52-9795-014061C172F3} folder moved successfully.

C:\Users\Jens\AppData\Local\{5A0C0EC0-9DAF-49E8-81DF-BC6F52E0B916} folder moved successfully.

C:\Users\Jens\AppData\Local\{5A8DFE66-4999-4EC0-818F-323139C88767} folder moved successfully.

C:\Users\Jens\AppData\Local\{5B28AC8E-B7A7-48F1-9F9D-B5A28E3218EA} folder moved successfully.

C:\Users\Jens\AppData\Local\{5B4D3927-96CB-465A-B71E-215FDC70CC75} folder moved successfully.

C:\Users\Jens\AppData\Local\{5C460E31-8AE7-4DB6-B87A-A8E816A5EC21} folder moved successfully.

C:\Users\Jens\AppData\Local\{5C6ED679-4238-4E59-9C55-88A28831ED8E} folder moved successfully.

C:\Users\Jens\AppData\Local\{5CBD855E-02C2-421F-9635-ACAD7D181B51} folder moved successfully.

C:\Users\Jens\AppData\Local\{5CD4E1C5-C3B3-458F-AAE7-958508BB7ABA} folder moved successfully.

C:\Users\Jens\AppData\Local\{5D0BD643-AE78-45F3-ABBE-95DD5423E6E9} folder moved successfully.

C:\Users\Jens\AppData\Local\{5D0DC1E5-03F6-4930-9F4F-94334B3E6754} folder moved successfully.

C:\Users\Jens\AppData\Local\{5D1B97D5-7171-493B-B624-891948AEE114} folder moved successfully.

C:\Users\Jens\AppData\Local\{5D6809A7-ABCB-4CF5-B384-A958B75ABE93} folder moved successfully.

C:\Users\Jens\AppData\Local\{5D96787F-6141-43CE-A060-B491D808FE0C} folder moved successfully.

C:\Users\Jens\AppData\Local\{5DBA7F96-A1CE-4A11-9316-75A19D023BB3} folder moved successfully.

C:\Users\Jens\AppData\Local\{5DCCAADD-DCF5-4853-BB8F-8BA6E01EDC21} folder moved successfully.

C:\Users\Jens\AppData\Local\{5E0057BB-C6D1-46D6-A2C7-EF1CDCF90E54} folder moved successfully.

C:\Users\Jens\AppData\Local\{5E5CAFD7-5F24-4871-934A-1DE5C2A567CD} folder moved successfully.

C:\Users\Jens\AppData\Local\{5EF98A9E-7044-4523-B7D8-50CEC8C5B0C7} folder moved successfully.

C:\Users\Jens\AppData\Local\{5F42C8FE-C4A3-4E50-A71D-1B50A14B3531} folder moved successfully.

C:\Users\Jens\AppData\Local\{5FD14785-FF4D-43FF-A77A-C1DA95DB164D} folder moved successfully.

C:\Users\Jens\AppData\Local\{5FD7190E-7E3A-4BB2-8052-842CB2B7D288} folder moved successfully.

C:\Users\Jens\AppData\Local\{60091E52-270D-4F3C-BF44-5B64A3341B51} folder moved successfully.

C:\Users\Jens\AppData\Local\{6029620D-6AF9-43FD-BD6B-D91E9D9259B9} folder moved successfully.

C:\Users\Jens\AppData\Local\{60BB3704-A5B8-485C-B9E0-E40011CE718D} folder moved successfully.

C:\Users\Jens\AppData\Local\{61F8E0D7-51EB-4ABE-8286-205CA3C5F83B} folder moved successfully.

C:\Users\Jens\AppData\Local\{623BD254-357C-48B7-A462-C8C0FB6ECEC2} folder moved successfully.

C:\Users\Jens\AppData\Local\{625CC438-0BB4-4A91-9B94-92E81A4B21FC} folder moved successfully.

C:\Users\Jens\AppData\Local\{6273E5D6-AC52-450F-92DC-188B21F46AD9} folder moved successfully.

C:\Users\Jens\AppData\Local\{6296C885-D860-45B4-A51A-660AA8D4A579} folder moved successfully.

C:\Users\Jens\AppData\Local\{62A7A78A-3088-4067-A4F2-A98104667BEE} folder moved successfully.

C:\Users\Jens\AppData\Local\{63722044-7168-4912-8BC9-FC531E518ECD} folder moved successfully.

C:\Users\Jens\AppData\Local\{63C35EE8-032A-41DA-BEA4-136F2403B203} folder moved successfully.

C:\Users\Jens\AppData\Local\{63D25AD8-989E-4861-94BD-50C3F4B2ED19} folder moved successfully.

C:\Users\Jens\AppData\Local\{641C3D34-3850-4E36-BDB3-4CB9BEBE4C7A} folder moved successfully.

C:\Users\Jens\AppData\Local\{6476F609-3920-409C-9FCB-214FD75447AF} folder moved successfully.

C:\Users\Jens\AppData\Local\{64D3AB74-0493-42D3-9F4C-628F8F757F87} folder moved successfully.

C:\Users\Jens\AppData\Local\{654B8975-1A6B-4BBA-8DEC-4780BFD67173} folder moved successfully.

C:\Users\Jens\AppData\Local\{6607C3B7-8B81-4CEB-BD8D-3F412A908EFD} folder moved successfully.

C:\Users\Jens\AppData\Local\{663001FD-7FE0-4627-B1F0-980D81A0AABF} folder moved successfully.

C:\Users\Jens\AppData\Local\{66615769-56B7-49D5-B150-B14009E841AC} folder moved successfully.

C:\Users\Jens\AppData\Local\{67083E96-9B7B-47B6-AAEC-635FB7C8A9CE} folder moved successfully.

C:\Users\Jens\AppData\Local\{674CAC56-CD33-47CE-936E-FC57C013F35E} folder moved successfully.

C:\Users\Jens\AppData\Local\{67A09AAC-0F2E-4921-9C28-8B66D46A05A4} folder moved successfully.

C:\Users\Jens\AppData\Local\{67E56F25-AC1D-4B27-BE7C-B99423948855} folder moved successfully.

C:\Users\Jens\AppData\Local\{6825D715-9706-4927-8A58-4EDC145E7CFC} folder moved successfully.

C:\Users\Jens\AppData\Local\{684A57B7-D045-4215-AFB0-1B46A2815935} folder moved successfully.

C:\Users\Jens\AppData\Local\{68E3DC75-1370-4BBD-9385-22551B56FDAE} folder moved successfully.

C:\Users\Jens\AppData\Local\{69D742AC-2BDC-496F-9EEF-0AEE1A652FD0} folder moved successfully.

C:\Users\Jens\AppData\Local\{69D8B80E-6B55-4D26-BC5A-F624CD4518E6} folder moved successfully.

C:\Users\Jens\AppData\Local\{69E6A65E-0AF1-45BC-8EC0-132D4537D3CA} folder moved successfully.

C:\Users\Jens\AppData\Local\{6A2FA279-E594-4644-BD6E-24E0E339DC37} folder moved successfully.

C:\Users\Jens\AppData\Local\{6A4A5732-93F7-48CA-ADF9-2B5FFF9C57F3} folder moved successfully.

C:\Users\Jens\AppData\Local\{6A59EC89-B357-4B96-9AA4-1886E8414B5D} folder moved successfully.

C:\Users\Jens\AppData\Local\{6AA23D91-5940-440B-810B-7E0F82D969A6} folder moved successfully.

C:\Users\Jens\AppData\Local\{6B2735C9-163D-4574-A9E7-266C54A29A35} folder moved successfully.

C:\Users\Jens\AppData\Local\{6B72C40F-C08F-4CA9-9198-458FEF2C64C3} folder moved successfully.

C:\Users\Jens\AppData\Local\{6C1D6026-DF0A-4F11-8B11-5F9C33D4794F} folder moved successfully.

C:\Users\Jens\AppData\Local\{6C4754B6-3F15-4122-94A9-CA7CE646798A} folder moved successfully.

C:\Users\Jens\AppData\Local\{6C80968E-2BBC-4162-A0F3-D22C45574B52} folder moved successfully.

C:\Users\Jens\AppData\Local\{6CA5E5BF-9335-49A7-AEB2-43DDAF671E53} folder moved successfully.

C:\Users\Jens\AppData\Local\{6E3504A4-248B-4C06-93BB-3E25A21C44EF} folder moved successfully.

C:\Users\Jens\AppData\Local\{6E484120-5ACF-49A3-B3E9-90BA7F24444E} folder moved successfully.

C:\Users\Jens\AppData\Local\{6E7584C9-AD5C-4D70-8DCE-0DB8D1D3FB97} folder moved successfully.

C:\Users\Jens\AppData\Local\{6E9B3AF6-F67E-4D94-B9F1-FC73E73E00DC} folder moved successfully.

C:\Users\Jens\AppData\Local\{6F912EB1-FE8E-470B-9241-90D77093DBFD} folder moved successfully.

C:\Users\Jens\AppData\Local\{6FB5085E-391B-46D2-AF77-A1BB23EFBB58} folder moved successfully.

C:\Users\Jens\AppData\Local\{6FDE6CF9-D6F9-435A-A15F-C6A67ACFB694} folder moved successfully.

C:\Users\Jens\AppData\Local\{703D9CBD-3AA2-46A7-96DA-0B87906AF2D7} folder moved successfully.

C:\Users\Jens\AppData\Local\{7085EF9C-CF13-488C-AB62-0AE75BD3E6C0} folder moved successfully.

C:\Users\Jens\AppData\Local\{70C5FB03-42E8-4166-B4C8-18B27D05FCED} folder moved successfully.

C:\Users\Jens\AppData\Local\{70E470DB-D9C1-4A3C-92BB-5FEE5B4C74BB} folder moved successfully.

C:\Users\Jens\AppData\Local\{71EC614F-D7B3-46A9-A4CE-02743689D553} folder moved successfully.

C:\Users\Jens\AppData\Local\{71EEFDDD-7A0A-4E91-8442-6FFE11C2E70C} folder moved successfully.

C:\Users\Jens\AppData\Local\{72299F8B-947B-4EEB-B99D-E649E05D5B2A} folder moved successfully.

C:\Users\Jens\AppData\Local\{7260883A-71A7-4BC9-88D0-431F1AA9C152} folder moved successfully.

C:\Users\Jens\AppData\Local\{7277C869-A6BF-4E57-BFE5-D6171E0A9427} folder moved successfully.

C:\Users\Jens\AppData\Local\{72D74FE3-2EF6-47F8-BA19-12BDE9E1B2AC} folder moved successfully.

C:\Users\Jens\AppData\Local\{730020B9-D70C-4BD3-ABCF-BC85D5A1E7F1} folder moved successfully.

C:\Users\Jens\AppData\Local\{731D29F1-E1B4-4962-BD89-8D2074353493} folder moved successfully.

C:\Users\Jens\AppData\Local\{733A83B0-9FCD-46A7-83A8-D3BE6F631B8F} folder moved successfully.

C:\Users\Jens\AppData\Local\{73A84A92-80F8-4A26-84E6-0A841DE173B2} folder moved successfully.

C:\Users\Jens\AppData\Local\{753E62EC-595D-41A8-8769-FF06822B4392} folder moved successfully.

C:\Users\Jens\AppData\Local\{759A43E9-415B-4149-93BF-6B3C24711315} folder moved successfully.

C:\Users\Jens\AppData\Local\{7629E59E-A109-44B8-94BD-850865F7D490} folder moved successfully.

C:\Users\Jens\AppData\Local\{76952295-F994-4693-A6E5-E1F2435C207C} folder moved successfully.

C:\Users\Jens\AppData\Local\{76E48E78-037D-4C94-AAC0-4F67F99C34FC} folder moved successfully.

C:\Users\Jens\AppData\Local\{7717FEF8-193C-49CF-AF4F-6C39BB1A0B08} folder moved successfully.

C:\Users\Jens\AppData\Local\{77C9A797-3116-4E0D-9779-D07C82780475} folder moved successfully.

C:\Users\Jens\AppData\Local\{7837433B-D2F0-4D58-B222-4777A81347F7} folder moved successfully.

C:\Users\Jens\AppData\Local\{7842AA1F-B9C7-444F-9DFB-2DCC4D9204DC} folder moved successfully.

C:\Users\Jens\AppData\Local\{7896C2C2-C8EA-4511-BE1F-5A903D135EFC} folder moved successfully.

C:\Users\Jens\AppData\Local\{78AB672D-C6FD-4900-9E5A-779935797CB4} folder moved successfully.

C:\Users\Jens\AppData\Local\{78B2A2CE-0D01-4797-8B73-8DDE4D6AEE5C} folder moved successfully.

C:\Users\Jens\AppData\Local\{78B6BCA4-DB7F-4427-B307-D6B4B2A23E76} folder moved successfully.

C:\Users\Jens\AppData\Local\{78C05ED4-4788-446E-8174-79E50D324546} folder moved successfully.

C:\Users\Jens\AppData\Local\{79D29A4A-39AA-4974-AC32-3098BEFFC33C} folder moved successfully.

C:\Users\Jens\AppData\Local\{7ACF956A-763B-487D-9175-0BB3E9E8CFAB} folder moved successfully.

C:\Users\Jens\AppData\Local\{7AFA6BF9-A734-4FF9-AD59-12DAA2A92D6E} folder moved successfully.

C:\Users\Jens\AppData\Local\{7B7FFF3D-5715-4C1D-A169-95BC1C54559B} folder moved successfully.

C:\Users\Jens\AppData\Local\{7B95B885-B8FF-42DA-9EF2-7B8AE9048DB6} folder moved successfully.

C:\Users\Jens\AppData\Local\{7BF2A1F8-E68B-4B77-8CF1-A3C3634305B3} folder moved successfully.

C:\Users\Jens\AppData\Local\{7C28860B-48B0-4DA1-BFDE-3B8B3C8C6983} folder moved successfully.

C:\Users\Jens\AppData\Local\{7C523525-CBE0-4428-A40E-A46794FF976A} folder moved successfully.

C:\Users\Jens\AppData\Local\{7D9193AE-3BF0-44AB-B98C-0EAF6A55E518} folder moved successfully.

C:\Users\Jens\AppData\Local\{7E033D9E-9EF7-4D45-81E4-274DA6286362} folder moved successfully.

C:\Users\Jens\AppData\Local\{7E86B8B9-E5F3-4F24-9527-2684233CE4B9} folder moved successfully.

C:\Users\Jens\AppData\Local\{7E9FDDCC-81B8-4B1C-A66E-4716809CB211} folder moved successfully.

C:\Users\Jens\AppData\Local\{7F3A0750-3C10-41EB-93EE-B6BB81125967} folder moved successfully.

C:\Users\Jens\AppData\Local\{7F3C53C8-7B23-4AE6-8890-5264EF88BADA} folder moved successfully.

C:\Users\Jens\AppData\Local\{7F3DCDEF-3BDC-4594-B6D2-A232132E3E50} folder moved successfully.

C:\Users\Jens\AppData\Local\{7FD4A0E3-1B08-4289-8A68-1092C2CCF26F} folder moved successfully.

C:\Users\Jens\AppData\Local\{80030ECF-485A-4D7E-8567-BF39DF93507C} folder moved successfully.

C:\Users\Jens\AppData\Local\{801DBAB9-9190-4604-9D8E-98B07C0CF8B4} folder moved successfully.

C:\Users\Jens\AppData\Local\{803007BF-16FD-442E-B9DB-AB7370D581D8} folder moved successfully.

C:\Users\Jens\AppData\Local\{80596715-CF87-4A2F-854B-FAB39466B7B9} folder moved successfully.

C:\Users\Jens\AppData\Local\{80661AA3-5103-4498-8D6E-CBF37D729E60} folder moved successfully.

C:\Users\Jens\AppData\Local\{807C547A-AC74-456E-BB4A-2FF6DC06BF48} folder moved successfully.

C:\Users\Jens\AppData\Local\{80F2DFBB-242E-42AE-A3C8-E75740442FFE} folder moved successfully.

C:\Users\Jens\AppData\Local\{81218A6D-3BAC-4A0A-86BD-08E5957F4FD7} folder moved successfully.

C:\Users\Jens\AppData\Local\{81723D49-94F8-4466-9084-8D43B7B7076E} folder moved successfully.

C:\Users\Jens\AppData\Local\{82017DF4-CBDD-45FD-B5BF-401B7013327C} folder moved successfully.

C:\Users\Jens\AppData\Local\{8203414B-D2AE-407E-8096-BCEAC8C8493C} folder moved successfully.

C:\Users\Jens\AppData\Local\{828483FB-2171-4831-A4F1-6631BE9B601D} folder moved successfully.

C:\Users\Jens\AppData\Local\{82CE22CE-1DC5-40B2-B3B3-B231365EFB26} folder moved successfully.

C:\Users\Jens\AppData\Local\{8371EA09-4616-4C5E-B9DC-984278368654} folder moved successfully.

C:\Users\Jens\AppData\Local\{8382FEF8-FB8B-4014-9128-38422A7A5C65} folder moved successfully.

C:\Users\Jens\AppData\Local\{83C348A4-2545-4E13-A9B2-2B44625D830E} folder moved successfully.

C:\Users\Jens\AppData\Local\{83E7DE35-5E31-4CFD-99E0-57B346922B9C} folder moved successfully.

C:\Users\Jens\AppData\Local\{842D9553-900E-4C40-8B7B-0C0AD7699180} folder moved successfully.

C:\Users\Jens\AppData\Local\{84A6B38A-1E85-44C5-BBA5-E1A6232A1A21} folder moved successfully.

C:\Users\Jens\AppData\Local\{8547DC7D-D889-413B-BF4E-1025FF4963F3} folder moved successfully.

C:\Users\Jens\AppData\Local\{8570C137-0FD2-407C-9D30-462CC2E8183E} folder moved successfully.

C:\Users\Jens\AppData\Local\{85DFB423-18ED-469A-8773-2EEF3B6A1C84} folder moved successfully.

C:\Users\Jens\AppData\Local\{85FD22D1-BAA8-41F5-B6F4-BD79454F1F00} folder moved successfully.

C:\Users\Jens\AppData\Local\{86D9AEEC-19CE-4FCA-87BC-0EA90F1B9FA2} folder moved successfully.

C:\Users\Jens\AppData\Local\{8724F6C3-4998-4A71-B7C7-BAAA7A0D40AE} folder moved successfully.

C:\Users\Jens\AppData\Local\{8810DA0A-FED9-4C76-83AB-B144E12B92DA} folder moved successfully.

C:\Users\Jens\AppData\Local\{88542BAD-60A9-4FCC-836F-7563A77086AC} folder moved successfully.

C:\Users\Jens\AppData\Local\{8986E0A8-3690-4ADD-9056-C9E48A84BF68} folder moved successfully.

C:\Users\Jens\AppData\Local\{89B82793-0444-4BF9-8E0F-81EF06EF9EE2} folder moved successfully.

C:\Users\Jens\AppData\Local\{89BB5D00-9462-4897-AAE2-8651AD897151} folder moved successfully.

C:\Users\Jens\AppData\Local\{89E8B950-A660-4D17-8868-39ED4D21D928} folder moved successfully.

C:\Users\Jens\AppData\Local\{8A0C5380-8A09-4766-9929-6EDA7461D8D8} folder moved successfully.

C:\Users\Jens\AppData\Local\{8C276998-C313-434C-994E-7E3E43FF4FCC} folder moved successfully.

C:\Users\Jens\AppData\Local\{8C6D1859-C0A7-40F8-96AB-5A1989A0C3C6} folder moved successfully.

C:\Users\Jens\AppData\Local\{8D315E51-F808-4E09-8BFF-F1C64948B024} folder moved successfully.

C:\Users\Jens\AppData\Local\{8D589F00-3B2E-4CAB-A54F-BA184B2C5CB3} folder moved successfully.

C:\Users\Jens\AppData\Local\{8D8C99DC-DE7D-44D9-892A-BD116DC17387} folder moved successfully.

C:\Users\Jens\AppData\Local\{8DB3A537-E4EF-42C5-896A-4DBDB518DB86} folder moved successfully.

C:\Users\Jens\AppData\Local\{8F3C3A02-AFB3-48CD-B151-BE4644D92129} folder moved successfully.

C:\Users\Jens\AppData\Local\{8F3D68C7-6C1F-4E1C-BD98-6697EBAC8BC0} folder moved successfully.

C:\Users\Jens\AppData\Local\{8F5FFA88-0E9F-4587-BCEE-5A26520DEF31} folder moved successfully.

C:\Users\Jens\AppData\Local\{90925B45-8229-484F-8C48-38FB98D7FEB3} folder moved successfully.

C:\Users\Jens\AppData\Local\{90A10DC3-E550-4E8F-9EE2-740F621DA5F0} folder moved successfully.

C:\Users\Jens\AppData\Local\{9120253A-7C67-4839-AAC9-BF3777C251AA} folder moved successfully.

C:\Users\Jens\AppData\Local\{91202CE1-E90D-4F6D-9FCE-AEDC96DBF0AC} folder moved successfully.

C:\Users\Jens\AppData\Local\{918DEF90-778E-44EB-BE14-19EAD88C1CC5} folder moved successfully.

C:\Users\Jens\AppData\Local\{92015500-FDB3-46A8-99D3-F7497C484A4A} folder moved successfully.

C:\Users\Jens\AppData\Local\{923D2EC9-6F79-45B9-9DB3-029831FC2331} folder moved successfully.

C:\Users\Jens\AppData\Local\{92797B74-2F48-48C3-A7B1-F3EA06CE8908} folder moved successfully.

C:\Users\Jens\AppData\Local\{927A99E3-1C3F-40C0-9477-C560D6B6DDC8} folder moved successfully.

C:\Users\Jens\AppData\Local\{929FC807-E7BB-411A-821E-562A343EBC19} folder moved successfully.

C:\Users\Jens\AppData\Local\{92A38849-F3D7-4249-A111-03671067AA2A} folder moved successfully.

C:\Users\Jens\AppData\Local\{92E69174-483D-4FE6-98D6-27D2777BC70F} folder moved successfully.

C:\Users\Jens\AppData\Local\{930BC027-6D5A-4A06-8798-4BD93516722E} folder moved successfully.

C:\Users\Jens\AppData\Local\{939AAE38-F7BA-4322-BAA3-C6FBCACD373C} folder moved successfully.

C:\Users\Jens\AppData\Local\{93AC7D5D-2339-4CDA-B490-6F49BD3C2105} folder moved successfully.

C:\Users\Jens\AppData\Local\{93CEBD82-45A9-407B-BD43-6850A4A5FE77} folder moved successfully.

C:\Users\Jens\AppData\Local\{940D8A3F-818D-4CB3-AD69-FD65BB689E4E} folder moved successfully.

C:\Users\Jens\AppData\Local\{9458E9E8-7856-4593-B74E-E3EE1394C011} folder moved successfully.

C:\Users\Jens\AppData\Local\{948D07A5-7B2E-4BFA-AC62-2B176FAE108C} folder moved successfully.

C:\Users\Jens\AppData\Local\{955F3673-4C6B-4EA1-ACE8-9C0BBAE050B5} folder moved successfully.

C:\Users\Jens\AppData\Local\{957FE2A2-6034-411B-A199-611DA9B9B866} folder moved successfully.

C:\Users\Jens\AppData\Local\{95CD78AD-2D06-4BFF-B828-668E61EC03C9} folder moved successfully.

C:\Users\Jens\AppData\Local\{9718FE9E-8EDB-46A1-9F7F-6740438A4803} folder moved successfully.

C:\Users\Jens\AppData\Local\{97258F49-C8BE-4B57-8776-3ED1DCC049A3} folder moved successfully.

C:\Users\Jens\AppData\Local\{979C8C1C-C877-4DD8-8911-F0EF0A2BEA71} folder moved successfully.

C:\Users\Jens\AppData\Local\{98C6277F-21DB-4525-B69B-41F504468953} folder moved successfully.

C:\Users\Jens\AppData\Local\{990E1263-5B07-40A0-B033-9827E4FBA2E2} folder moved successfully.

C:\Users\Jens\AppData\Local\{9A743DC0-3566-4E8D-A969-EF1D23CD06E2} folder moved successfully.

C:\Users\Jens\AppData\Local\{9B48A5D4-6910-4735-956B-EDF63A52D20F} folder moved successfully.

C:\Users\Jens\AppData\Local\{9B775FC8-80FA-439E-9288-7C76A543FB8B} folder moved successfully.

C:\Users\Jens\AppData\Local\{9CA3D36A-9342-43BD-9FFF-65EB101A1B85} folder moved successfully.

C:\Users\Jens\AppData\Local\{9D21AF06-DD03-474D-A3F1-1EAA3F0678F8} folder moved successfully.

C:\Users\Jens\AppData\Local\{9E2D16E5-3F1A-4BDD-AD0A-DD22B025C91A} folder moved successfully.

C:\Users\Jens\AppData\Local\{9E6D1321-8443-4056-9693-F1B234A7869F} folder moved successfully.

C:\Users\Jens\AppData\Local\{9F122886-068A-4867-A238-F94AF7CF98EC} folder moved successfully.

C:\Users\Jens\AppData\Local\{9F26DD39-0705-419D-AD8F-26507ED00F60} folder moved successfully.

C:\Users\Jens\AppData\Local\{9F4D4309-E363-4622-AF7A-422566FDEB48} folder moved successfully.

C:\Users\Jens\AppData\Local\{9F4F124E-1D86-423B-B681-C8AE8B3205E9} folder moved successfully.

C:\Users\Jens\AppData\Local\{9FAD8A9A-DB81-4F42-83C0-D3975DCE9641} folder moved successfully.

C:\Users\Jens\AppData\Local\{A0082A61-360A-4023-B735-61FC338281D6} folder moved successfully.

C:\Users\Jens\AppData\Local\{A029CCCB-F8F8-4CAA-A499-9AC4525F1E70} folder moved successfully.

C:\Users\Jens\AppData\Local\{A0D415EE-381A-4D54-B074-8DC85060F9BE} folder moved successfully.

C:\Users\Jens\AppData\Local\{A1ECF2EE-854B-4961-82D0-AC2FF5FD75B6} folder moved successfully.

C:\Users\Jens\AppData\Local\{A2337C2E-B1D4-4A36-8AD8-2EC46D9AE5DA} folder moved successfully.

C:\Users\Jens\AppData\Local\{A29FD24E-5542-4D4C-9E2B-5807028C91BB} folder moved successfully.

C:\Users\Jens\AppData\Local\{A2AF29D2-3B4D-4B8D-8CDD-BE03A1C84EB0} folder moved successfully.

C:\Users\Jens\AppData\Local\{A2E61FF8-DA05-45C3-8CEF-4C46BD1374DF} folder moved successfully.

C:\Users\Jens\AppData\Local\{A32483C4-962F-49AF-B358-6943FA052A0F} folder moved successfully.

C:\Users\Jens\AppData\Local\{A34A0BD4-C452-4267-A670-262AB12AB9FE} folder moved successfully.

C:\Users\Jens\AppData\Local\{A3EA943B-BBF0-44EA-8018-CB32362D669C} folder moved successfully.

C:\Users\Jens\AppData\Local\{A43AFC95-6FC8-42C7-AC35-A8682E97EFE3} folder moved successfully.

C:\Users\Jens\AppData\Local\{A447B640-6FDB-4FE0-9FC8-FAAE158AFE52} folder moved successfully.

C:\Users\Jens\AppData\Local\{A4611B0C-9065-43F0-ABE2-19A68A504234} folder moved successfully.

C:\Users\Jens\AppData\Local\{A4E314E5-0F6A-4030-B56D-84B70750583E} folder moved successfully.

C:\Users\Jens\AppData\Local\{A50570E1-AFB3-460E-8E8E-41B5E2D093C6} folder moved successfully.

C:\Users\Jens\AppData\Local\{A51C4EE8-2266-45A2-8E09-FBAFE9C03C46} folder moved successfully.

C:\Users\Jens\AppData\Local\{A5A0D513-1EFB-425F-97C2-3ADD45FFACF7} folder moved successfully.

C:\Users\Jens\AppData\Local\{A5A46B67-2295-4D26-A362-EB2832572950} folder moved successfully.

C:\Users\Jens\AppData\Local\{A6055B7C-A09E-4BD1-A71A-75DA8F6E52AA} folder moved successfully.

C:\Users\Jens\AppData\Local\{A6A57617-DF13-47C3-A219-51617E2E9B10} folder moved successfully.

C:\Users\Jens\AppData\Local\{A7101CEB-26D5-457C-B5B5-AA6624893045} folder moved successfully.

C:\Users\Jens\AppData\Local\{A766CED6-FB55-4B56-8AE3-1DD973D7C434} folder moved successfully.

C:\Users\Jens\AppData\Local\{A88F6BEE-2650-4977-BCDF-1B10E4E1D03C} folder moved successfully.

C:\Users\Jens\AppData\Local\{A8998F40-50DA-4C02-AFD1-4E55E86EB246} folder moved successfully.

C:\Users\Jens\AppData\Local\{A97C3934-982C-4AF2-BF63-EDEA76B73519} folder moved successfully.

C:\Users\Jens\AppData\Local\{A97FCB28-2A2D-4C97-8CDA-816E9B9B37A7} folder moved successfully.

C:\Users\Jens\AppData\Local\{A9FF4638-CDC2-4233-81D8-AB654FA11B78} folder moved successfully.

C:\Users\Jens\AppData\Local\{AA2A3F82-D93B-4E5B-9035-8A2F20594A34} folder moved successfully.

C:\Users\Jens\AppData\Local\{AA6A606F-418E-495A-95E6-BC5A79B20110} folder moved successfully.

C:\Users\Jens\AppData\Local\{AA817EFE-4BA6-4D87-834E-A5D30DDA346B} folder moved successfully.

C:\Users\Jens\AppData\Local\{AA89E2ED-39AC-4074-A8AA-3DCAF79BAF66} folder moved successfully.

C:\Users\Jens\AppData\Local\{AA9712D3-943E-4B76-9961-AE08CBEB0744} folder moved successfully.

C:\Users\Jens\AppData\Local\{AAA2D193-B963-46CC-9380-E13415F0C232} folder moved successfully.

C:\Users\Jens\AppData\Local\{AAACD1B0-973F-4F52-8968-1B374BDC2BF7} folder moved successfully.

C:\Users\Jens\AppData\Local\{ABA64515-0133-489B-9A13-B9125F5EDBBD} folder moved successfully.

C:\Users\Jens\AppData\Local\{ABDE3817-3E6E-4187-805C-21F341CC4AD8} folder moved successfully.

C:\Users\Jens\AppData\Local\{AC6C46D9-7F96-4421-B5BF-6A55878AF223} folder moved successfully.

C:\Users\Jens\AppData\Local\{AC9D68FD-0FF2-4C4E-912A-AA48583D8FDC} folder moved successfully.

C:\Users\Jens\AppData\Local\{AE059D87-96BE-4CCA-9E76-07ADA6B6F7BB} folder moved successfully.

C:\Users\Jens\AppData\Local\{AE140506-EA5C-475D-9AF9-EF897033F6EE} folder moved successfully.

C:\Users\Jens\AppData\Local\{AE2FF6C6-0484-483A-8FBD-A4E3C28CFD25} folder moved successfully.

C:\Users\Jens\AppData\Local\{AE6150CE-AA30-476F-969F-822F349A3913} folder moved successfully.

C:\Users\Jens\AppData\Local\{AEE81889-542A-4F86-8183-AD578F3A40C0} folder moved successfully.

C:\Users\Jens\AppData\Local\{AEFAE25B-10FD-4E6E-BBE6-D8D4D6E2FC06} folder moved successfully.

C:\Users\Jens\AppData\Local\{AEFC1529-B8BA-4054-809A-0D2EA4304CAA} folder moved successfully.

C:\Users\Jens\AppData\Local\{AF105235-0C84-40FF-B9ED-CB09B058D5E4} folder moved successfully.

C:\Users\Jens\AppData\Local\{AFE39201-C25A-4726-9DAB-D023E2DDD431} folder moved successfully.

C:\Users\Jens\AppData\Local\{B00D3A44-DFC9-437A-8819-583FE68E60C5} folder moved successfully.

C:\Users\Jens\AppData\Local\{B0D8A3DD-267D-4A74-9DE5-D64D0EB0318E} folder moved successfully.

C:\Users\Jens\AppData\Local\{B1508D4D-24EA-4E03-AA14-4F0E812160B7} folder moved successfully.

C:\Users\Jens\AppData\Local\{B1518945-91B9-4159-AF44-FA1693B72CEE} folder moved successfully.

C:\Users\Jens\AppData\Local\{B1B34639-9519-420B-9434-B670CF39D115} folder moved successfully.

C:\Users\Jens\AppData\Local\{B1DE621C-DF18-48BB-834E-DA435EFFD830} folder moved successfully.

C:\Users\Jens\AppData\Local\{B2004B3C-911F-44F3-89B1-11DA14D06E16} folder moved successfully.

C:\Users\Jens\AppData\Local\{B3092ACB-63DE-471A-A6A0-40EB368C729B} folder moved successfully.

C:\Users\Jens\AppData\Local\{B38A61AD-0634-4408-AF28-6AC6BF60EF71} folder moved successfully.

C:\Users\Jens\AppData\Local\{B414CC81-824B-4E28-8596-F62E47C82A3B} folder moved successfully.

C:\Users\Jens\AppData\Local\{B464D145-C586-4D37-99A0-D12224BD5AEB} folder moved successfully.

C:\Users\Jens\AppData\Local\{B4A43F72-C3A4-46F3-A456-4333231AA5CE} folder moved successfully.

C:\Users\Jens\AppData\Local\{B5B9F7D3-A10A-4460-A67F-E8876CA94165} folder moved successfully.

C:\Users\Jens\AppData\Local\{B6BEDFE9-8916-4B21-B3E6-8FD670B681C3} folder moved successfully.

C:\Users\Jens\AppData\Local\{B6CC7FC2-F57B-4FA2-A072-D6EA85AAE686} folder moved successfully.

C:\Users\Jens\AppData\Local\{B6F2038E-8F0E-4192-A97C-16D1CAA797B0} folder moved successfully.

C:\Users\Jens\AppData\Local\{B752398E-FB8C-4631-AEF4-C39A06492012} folder moved successfully.

C:\Users\Jens\AppData\Local\{B88C0121-B152-4C2C-9B45-445F8A406D12} folder moved successfully.

C:\Users\Jens\AppData\Local\{B93DD517-8121-44DE-ABCE-D584CB6F51BC} folder moved successfully.

C:\Users\Jens\AppData\Local\{B9BC555B-5FA0-4392-8CAF-E5CC0EA4B3E7} folder moved successfully.

C:\Users\Jens\AppData\Local\{BA5293DD-96D5-44EC-BA5C-A822E61F2FE1} folder moved successfully.

C:\Users\Jens\AppData\Local\{BA745BCF-F42C-4DCA-AFAB-19A7BD3DC979} folder moved successfully.

C:\Users\Jens\AppData\Local\{BAC1C579-BB23-4249-9A03-989D8193AF84} folder moved successfully.

C:\Users\Jens\AppData\Local\{BB6EC188-1DF1-4A64-9E8B-B0F728FDEDF5} folder moved successfully.

C:\Users\Jens\AppData\Local\{BB771302-416C-4708-9697-802F65C558AF} folder moved successfully.

C:\Users\Jens\AppData\Local\{BB982FAF-AEFE-4408-BE4A-E6B3F9D9D8CA} folder moved successfully.

C:\Users\Jens\AppData\Local\{BC297112-04D1-48A2-84C4-9DB56FB04E20} folder moved successfully.

C:\Users\Jens\AppData\Local\{BD215C65-CE59-4DC8-8DD2-2866108B7C61} folder moved successfully.

C:\Users\Jens\AppData\Local\{BDED8BC2-F2F6-4B65-B9AF-0AD51440CD40} folder moved successfully.

C:\Users\Jens\AppData\Local\{BE58A2F9-AC1A-4DFF-8CCE-B724E1B3109E} folder moved successfully.

C:\Users\Jens\AppData\Local\{BE85EFEB-956E-4245-BBA7-9DE999DB20A5} folder moved successfully.

C:\Users\Jens\AppData\Local\{BEC1387F-EA46-42FF-AF57-24C8118389A5} folder moved successfully.

C:\Users\Jens\AppData\Local\{BF13C2AB-5025-4F4C-B17A-3280DC59862D} folder moved successfully.

C:\Users\Jens\AppData\Local\{BF1A033C-B51C-4831-AA37-2E2ED459DAEF} folder moved successfully.

C:\Users\Jens\AppData\Local\{BF4FC639-0D22-4A30-B873-3F5B5134FF03} folder moved successfully.

C:\Users\Jens\AppData\Local\{BF764815-912E-4375-849D-7E8A286DF726} folder moved successfully.

C:\Users\Jens\AppData\Local\{BFDEF74B-A8EA-4AAA-BA9C-2A62F1C69279} folder moved successfully.

C:\Users\Jens\AppData\Local\{C04ECCAF-C642-4A5B-B323-749D35F6D61B} folder moved successfully.

C:\Users\Jens\AppData\Local\{C079FF17-4132-414F-BD0A-39421361C638} folder moved successfully.

C:\Users\Jens\AppData\Local\{C0FC3047-B09D-4E1C-8FE7-06CD4A75DB25} folder moved successfully.

C:\Users\Jens\AppData\Local\{C1800641-3BDA-4EE9-84F9-F56203F24027} folder moved successfully.

C:\Users\Jens\AppData\Local\{C2087CF6-D37F-401E-81A0-91EE0479B140} folder moved successfully.

C:\Users\Jens\AppData\Local\{C21C7AF9-8D82-45FB-B83C-4D269A3A8236} folder moved successfully.

C:\Users\Jens\AppData\Local\{C2244F20-DE48-4B7C-B361-B53569025870} folder moved successfully.

C:\Users\Jens\AppData\Local\{C26ED091-86CA-4636-98BD-6F181EE008E0} folder moved successfully.

C:\Users\Jens\AppData\Local\{C2864AF6-8810-43C1-BD8C-051E1C058F10} folder moved successfully.

C:\Users\Jens\AppData\Local\{C2A6FE87-0300-4458-842B-C81527EA0C9E} folder moved successfully.

C:\Users\Jens\AppData\Local\{C2DBB25C-AD47-4E33-9365-397B35975B24} folder moved successfully.

C:\Users\Jens\AppData\Local\{C359F680-4F05-411E-A1FF-F3C594CA6B30} folder moved successfully.

C:\Users\Jens\AppData\Local\{C35E9ADD-5429-459A-881F-DB2220543E3E} folder moved successfully.

C:\Users\Jens\AppData\Local\{C3BA0D7B-935B-4332-A8D2-8F95337D156F} folder moved successfully.

C:\Users\Jens\AppData\Local\{C4A657FF-554F-47DF-8E81-5632EF7B0FAC} folder moved successfully.

C:\Users\Jens\AppData\Local\{C5505F4B-E53C-4638-92F8-49C2D12240EC} folder moved successfully.

C:\Users\Jens\AppData\Local\{C593B90C-864D-4A61-A40A-59287205A47F} folder moved successfully.

C:\Users\Jens\AppData\Local\{C67E4667-ACD2-4200-8094-F4903DF26B82} folder moved successfully.

C:\Users\Jens\AppData\Local\{C77CF8DC-516E-4D3B-8F9B-8FADE0028342} folder moved successfully.

C:\Users\Jens\AppData\Local\{C81E51E5-79C9-4FB5-AEDC-33C181C05203} folder moved successfully.

C:\Users\Jens\AppData\Local\{C894FA72-7FE9-4429-9B6B-E9AA541E9B0C} folder moved successfully.

C:\Users\Jens\AppData\Local\{C8B28E98-5906-4D14-8621-08F8223CCFAC} folder moved successfully.

C:\Users\Jens\AppData\Local\{C8E688C4-69C0-4572-AE2A-D9B6088B0314} folder moved successfully.

C:\Users\Jens\AppData\Local\{C8E8E7EB-361C-4B57-9835-5BB59F5D8CE4} folder moved successfully.

C:\Users\Jens\AppData\Local\{C99583E9-81A7-4C2C-B7BE-56170924FB18} folder moved successfully.

C:\Users\Jens\AppData\Local\{C997947A-96E2-4B33-AA15-9C95FE3AAE59} folder moved successfully.

C:\Users\Jens\AppData\Local\{C9BD4807-F6A2-48C6-89BD-653BE3E0FA70} folder moved successfully.

C:\Users\Jens\AppData\Local\{C9E58D3E-8CFD-46A7-9E62-294BF13479DD} folder moved successfully.

C:\Users\Jens\AppData\Local\{CA26BC7C-6BEF-460D-A33D-4CB59499A1B0} folder moved successfully.

C:\Users\Jens\AppData\Local\{CAAE2EEA-19B6-49E7-A730-56077B07E82F} folder moved successfully.

C:\Users\Jens\AppData\Local\{CB711E40-ADE2-4771-A052-FE148CD96255} folder moved successfully.

C:\Users\Jens\AppData\Local\{CB85BA41-DAAE-4A45-9B59-73F8C341C8CE} folder moved successfully.

C:\Users\Jens\AppData\Local\{CB933865-6FC5-44FA-9B47-82DE596FC1DA} folder moved successfully.

C:\Users\Jens\AppData\Local\{CBAF930B-4A32-4342-95DB-7C3BAF64B458} folder moved successfully.

C:\Users\Jens\AppData\Local\{CBFDDD61-3ACA-47A6-9E4F-71EFF78DF2E5} folder moved successfully.

C:\Users\Jens\AppData\Local\{CC74CF85-4201-4AB6-8576-9DDFB2236145} folder moved successfully.

C:\Users\Jens\AppData\Local\{CD086698-B3C5-4B36-A7D2-23CBD2E460BF} folder moved successfully.

C:\Users\Jens\AppData\Local\{CD2D325E-2FA9-4469-8080-02CEA1E099EF} folder moved successfully.

C:\Users\Jens\AppData\Local\{CD983F73-0800-49A9-B3BE-273037C1C359} folder moved successfully.

C:\Users\Jens\AppData\Local\{CEC415F9-8E4A-4834-ABD9-2E9FD3B9B429} folder moved successfully.

C:\Users\Jens\AppData\Local\{CF6CDE88-DAFE-4265-9792-416397277BB5} folder moved successfully.

C:\Users\Jens\AppData\Local\{CF7A50FD-2B05-4F7D-B61C-E98DBB5EA02F} folder moved successfully.

C:\Users\Jens\AppData\Local\{CF89C503-AAA2-430E-8E00-3B86969A4898} folder moved successfully.

C:\Users\Jens\AppData\Local\{D01A5943-2656-42AC-A8C0-DE5C3DA3CAB1} folder moved successfully.

C:\Users\Jens\AppData\Local\{D03CB75A-E7D0-4C80-A349-17C7FEE024D5} folder moved successfully.

C:\Users\Jens\AppData\Local\{D1161F19-0831-4CA6-A348-EE5F7EA3E358} folder moved successfully.

C:\Users\Jens\AppData\Local\{D161BCC5-12FD-4A43-9534-0F979BAB8B06} folder moved successfully.

C:\Users\Jens\AppData\Local\{D17DE986-0AEF-40DE-896F-09131D7C5702} folder moved successfully.

C:\Users\Jens\AppData\Local\{D18AA156-244C-4A8F-8F8D-60B7990B4C8F} folder moved successfully.

C:\Users\Jens\AppData\Local\{D19A7D93-66B0-4DBA-ADCC-B9491C5FFFFF} folder moved successfully.

C:\Users\Jens\AppData\Local\{D32734B3-9E45-47A0-848B-169958DA4BDF} folder moved successfully.

C:\Users\Jens\AppData\Local\{D39D7950-20D6-49C6-BC7F-C53489141093} folder moved successfully.

C:\Users\Jens\AppData\Local\{D4C595BF-5C1A-4F95-9F80-DC233A9A32D5} folder moved successfully.

C:\Users\Jens\AppData\Local\{D5802ED4-8F81-451F-94B0-75F93B36C3CE} folder moved successfully.

C:\Users\Jens\AppData\Local\{D5A0D965-96BB-4FAD-A50A-0C2FE650B99B} folder moved successfully.

C:\Users\Jens\AppData\Local\{D5E69CA9-2BFB-45DC-880C-8B658625EE73} folder moved successfully.

C:\Users\Jens\AppData\Local\{D634424B-D367-45DE-B3C7-1C162E916220} folder moved successfully.

C:\Users\Jens\AppData\Local\{D6ECDCAE-3ADC-48E9-AAF6-A7F932728652} folder moved successfully.

C:\Users\Jens\AppData\Local\{D705A7D9-C044-4F8C-BA69-53471DEC2018} folder moved successfully.

C:\Users\Jens\AppData\Local\{D70C0ED2-D10D-4E8C-9254-39B402189139} folder moved successfully.

C:\Users\Jens\AppData\Local\{D7A15CD5-5A79-4DDA-8696-B5F95F9EA9A6} folder moved successfully.

C:\Users\Jens\AppData\Local\{D82DEF7A-53DB-48E2-9261-6A11F3DDA85F} folder moved successfully.

C:\Users\Jens\AppData\Local\{D8412147-6A15-48B4-A317-8E1FC5AB194F} folder moved successfully.

C:\Users\Jens\AppData\Local\{D8618C89-112B-449E-A989-804DDF1CE086} folder moved successfully.

C:\Users\Jens\AppData\Local\{D86EF0F0-3377-4F34-AF15-92C1D83A22B2} folder moved successfully.

C:\Users\Jens\AppData\Local\{D8FFDF7B-46E6-4CC1-AAAC-7C1D2D7CA6A3} folder moved successfully.

C:\Users\Jens\AppData\Local\{D964ACDB-F56A-448A-9063-AB3096E50CDF} folder moved successfully.

C:\Users\Jens\AppData\Local\{D9AE364E-2C4F-4277-9A2D-4751AC395980} folder moved successfully.

C:\Users\Jens\AppData\Local\{D9AE7803-9F8A-4C1A-8DEF-238E2A35D455} folder moved successfully.

C:\Users\Jens\AppData\Local\{DA41C2BF-C882-46BF-9A3E-95C8318CD59D} folder moved successfully.

C:\Users\Jens\AppData\Local\{DA8C3ED1-83DA-4D99-9D56-26A98B377C07} folder moved successfully.

C:\Users\Jens\AppData\Local\{DAA865A9-830A-48AB-AA24-71A8927DFB67} folder moved successfully.

C:\Users\Jens\AppData\Local\{DAC1E528-04A3-452C-8302-79DA75F4A9C8} folder moved successfully.

C:\Users\Jens\AppData\Local\{DACF1DEB-FE66-4157-B622-BE699C8E5D3F} folder moved successfully.

C:\Users\Jens\AppData\Local\{DC44E683-D968-42BF-BAB6-A6619F83C99A} folder moved successfully.

C:\Users\Jens\AppData\Local\{DC46A58D-AF4C-4EAE-A32D-14F9AAD1C0BC} folder moved successfully.

C:\Users\Jens\AppData\Local\{DC949791-1FBA-4A04-A064-7B3C395F0E82} folder moved successfully.

C:\Users\Jens\AppData\Local\{DC94FF1A-D2C3-44AB-8DC8-8DD1DBAE01E8} folder moved successfully.

C:\Users\Jens\AppData\Local\{DD43BE8E-B13D-480A-99FF-458690B576E5} folder moved successfully.

C:\Users\Jens\AppData\Local\{DE040BC0-F208-4725-9FD9-3371649FBE94} folder moved successfully.

C:\Users\Jens\AppData\Local\{DE222A12-933C-412B-876F-714703AEC068} folder moved successfully.

C:\Users\Jens\AppData\Local\{DE809FCA-A4CF-4081-BCE5-2870E8C61B1D} folder moved successfully.

C:\Users\Jens\AppData\Local\{DF67C955-1779-4C08-B278-5F97D0E32D69} folder moved successfully.

C:\Users\Jens\AppData\Local\{DFB8510F-C486-4A8A-8EA5-BAE73BD28D2B} folder moved successfully.

C:\Users\Jens\AppData\Local\{DFC0021C-E6AF-4A5C-803D-0EE27DCDAD6A} folder moved successfully.

C:\Users\Jens\AppData\Local\{DFC0369E-910F-4D40-9C9F-9787CA75344A} folder moved successfully.

C:\Users\Jens\AppData\Local\{E057CCD7-93F7-4006-A7EE-7448FAF945E4} folder moved successfully.

C:\Users\Jens\AppData\Local\{E07188D0-ED4F-462A-9C9A-1996593DD0B7} folder moved successfully.

C:\Users\Jens\AppData\Local\{E083CE72-D3E6-4C91-8309-B390267E4DE8} folder moved successfully.

C:\Users\Jens\AppData\Local\{E18A751C-16CE-470C-8AC3-A8111DF319FA} folder moved successfully.

C:\Users\Jens\AppData\Local\{E18BE485-3F0E-41B5-835B-3D0C42014939} folder moved successfully.

C:\Users\Jens\AppData\Local\{E1B8CBB2-9EBF-40A2-A01D-3BC73E21B3A7} folder moved successfully.

C:\Users\Jens\AppData\Local\{E20C4D27-602E-49EF-ADB8-B9348D18B886} folder moved successfully.

C:\Users\Jens\AppData\Local\{E23D3F4A-8CAC-44D2-8E32-22AD6B18BA21} folder moved successfully.

C:\Users\Jens\AppData\Local\{E2786838-1004-45C2-887B-84576919EFAE} folder moved successfully.

C:\Users\Jens\AppData\Local\{E27BF153-9336-42FF-9CEF-769CAE71CB94} folder moved successfully.

C:\Users\Jens\AppData\Local\{E2A7F2A6-4025-4088-8530-29466FC6D90C} folder moved successfully.

C:\Users\Jens\AppData\Local\{E2B905DA-4191-4ACC-AE9E-617FA7D5675D} folder moved successfully.

C:\Users\Jens\AppData\Local\{E2C82172-416F-4C57-9884-AF049A096554} folder moved successfully.

C:\Users\Jens\AppData\Local\{E328A529-DBDD-4290-B0C7-9DD0367DFDBE} folder moved successfully.

C:\Users\Jens\AppData\Local\{E3C0C291-5D99-46AF-9EEF-55BE023B1EA4} folder moved successfully.

C:\Users\Jens\AppData\Local\{E48284E3-4D70-47B8-9709-C49BF84AE332} folder moved successfully.

C:\Users\Jens\AppData\Local\{E4ECBC53-C6A3-4111-8B1F-8D4698364648} folder moved successfully.

C:\Users\Jens\AppData\Local\{E5063A18-8385-4D0D-BD5E-42D093777EA5} folder moved successfully.

C:\Users\Jens\AppData\Local\{E5970E5F-FA06-47B9-8FD5-8C44F7C716DB} folder moved successfully.

C:\Users\Jens\AppData\Local\{E6CEEBCB-E62E-4FF3-BBB9-FEAB6E70F42B} folder moved successfully.

C:\Users\Jens\AppData\Local\{E6F575FD-0F01-497C-B380-A6DC15F73005} folder moved successfully.

C:\Users\Jens\AppData\Local\{E7693AAF-18F9-4599-8624-059814D184AB} folder moved successfully.

C:\Users\Jens\AppData\Local\{E7F8DA5E-4F2F-4440-A83D-CD676F643FC7} folder moved successfully.

C:\Users\Jens\AppData\Local\{E877041A-2916-482C-9E79-0B04CBD0320D} folder moved successfully.

C:\Users\Jens\AppData\Local\{E8C77B16-8C45-492A-B829-695CA71FFE8D} folder moved successfully.

C:\Users\Jens\AppData\Local\{E931BD5B-92B7-45EB-A02C-473FDF2A0223} folder moved successfully.

C:\Users\Jens\AppData\Local\{E989704B-5606-484C-A807-1B94993CF7D8} folder moved successfully.

C:\Users\Jens\AppData\Local\{E9B2FC71-24C7-4B1C-A8C3-0DB3A7EF6A78} folder moved successfully.

C:\Users\Jens\AppData\Local\{E9BDD2B6-6231-47EF-ADC3-87CBAE1CE981} folder moved successfully.

C:\Users\Jens\AppData\Local\{EA21EE33-DFAF-4243-A09C-B6302E5A3EC8} folder moved successfully.

C:\Users\Jens\AppData\Local\{EA5E59A7-DB93-422B-B880-FBD25AC914C4} folder moved successfully.

C:\Users\Jens\AppData\Local\{EAB36440-480B-4387-AD6B-81586896D16D} folder moved successfully.

C:\Users\Jens\AppData\Local\{EAC9B962-DC2A-471F-8F36-9E4DEBE0864E} folder moved successfully.

C:\Users\Jens\AppData\Local\{EAD8CCD4-60F8-4C40-99D3-8708E7A185A8} folder moved successfully.

C:\Users\Jens\AppData\Local\{EB6FD1EE-0A72-4420-9F6D-91F1C12BB8CD} folder moved successfully.

C:\Users\Jens\AppData\Local\{EBAAACA6-3617-4D0F-913F-7FE1FD25F523} folder moved successfully.

C:\Users\Jens\AppData\Local\{ED2657A7-F39F-4AE9-BC92-8B0D2AFCE6F0} folder moved successfully.

C:\Users\Jens\AppData\Local\{EDD9B8D2-706F-42A9-A6D5-8F099855DE39} folder moved successfully.

C:\Users\Jens\AppData\Local\{EE88E43F-67FC-4C6C-8B52-0DD71F782A88} folder moved successfully.

C:\Users\Jens\AppData\Local\{EFA0A98A-CC2D-4A0A-A673-D1B0DC2BC7D3} folder moved successfully.

C:\Users\Jens\AppData\Local\{F06FA789-66B0-4261-BA93-A1CA9FB0F2CE} folder moved successfully.

C:\Users\Jens\AppData\Local\{F0C9BD0D-A4A2-4C96-91B7-6274C2503222} folder moved successfully.

C:\Users\Jens\AppData\Local\{F152633D-2C46-4BC9-B834-A86CFB57FFCD} folder moved successfully.

C:\Users\Jens\AppData\Local\{F165047C-728B-4241-9270-4C7AA8A9C2D9} folder moved successfully.

C:\Users\Jens\AppData\Local\{F1A88761-776E-4BFF-B917-4937B34A0781} folder moved successfully.

C:\Users\Jens\AppData\Local\{F22859BF-C83D-4C34-B8A1-0F6D0F6B4A2D} folder moved successfully.

C:\Users\Jens\AppData\Local\{F338D239-B1D9-4872-8F9E-51ECB42B4538} folder moved successfully.

C:\Users\Jens\AppData\Local\{F3869D5A-2272-470A-AEBB-7660D68CE805} folder moved successfully.

C:\Users\Jens\AppData\Local\{F42DC517-FA05-46B7-A321-188F6E40C3E6} folder moved successfully.

C:\Users\Jens\AppData\Local\{F4336489-61B0-4BB5-B15D-12E83C63EAE7} folder moved successfully.

C:\Users\Jens\AppData\Local\{F443CF1E-08A6-4C45-9635-2ECB8B095E03} folder moved successfully.

C:\Users\Jens\AppData\Local\{F47AC842-12E5-4ED5-BD1A-C5FAE22A3BF2} folder moved successfully.

C:\Users\Jens\AppData\Local\{F492BDBD-8246-4873-8D35-8D80F6FB4F27} folder moved successfully.

C:\Users\Jens\AppData\Local\{F52F50AF-0E18-4958-BE4D-16B6626507A3} folder moved successfully.

C:\Users\Jens\AppData\Local\{F5C63CFC-295E-4EE1-8194-A6513809743A} folder moved successfully.

C:\Users\Jens\AppData\Local\{F669BEEB-DC5A-493B-AE3D-F5EF61FFA997} folder moved successfully.

C:\Users\Jens\AppData\Local\{F6880E66-0FED-484B-839A-97A295741845} folder moved successfully.

C:\Users\Jens\AppData\Local\{F6F8D627-2429-4D20-B31D-1DABE0D9BD2F} folder moved successfully.

C:\Users\Jens\AppData\Local\{F710ADE5-995C-4969-927A-A4661EF78DE4} folder moved successfully.

C:\Users\Jens\AppData\Local\{F747DE8D-9409-41BE-8C86-F6F8C44B7662} folder moved successfully.

C:\Users\Jens\AppData\Local\{F7482EA5-7C24-4FB0-ABFD-29DCAD5730FD} folder moved successfully.

C:\Users\Jens\AppData\Local\{F76A3D00-8FC8-4740-9187-520AEBEE1EF0} folder moved successfully.

C:\Users\Jens\AppData\Local\{F76C0366-3675-4259-8524-C7DE8E4BEBF0} folder moved successfully.

C:\Users\Jens\AppData\Local\{F77C3350-D6AB-4A2E-83E8-A058B6CF0AD4} folder moved successfully.

C:\Users\Jens\AppData\Local\{F7E3CB48-1F9E-4E51-BA37-D2DFF89036D9} folder moved successfully.

C:\Users\Jens\AppData\Local\{F7F9631C-89E7-4ACA-A4FF-52FF19E08F65} folder moved successfully.

C:\Users\Jens\AppData\Local\{F9B9B277-F7CC-468F-AA88-69FA43617CE5} folder moved successfully.

C:\Users\Jens\AppData\Local\{FA0898B7-EF4D-41CA-BF6F-394BF750B911} folder moved successfully.

C:\Users\Jens\AppData\Local\{FA35DBE4-22C5-4E2C-957C-96CBA5DA346D} folder moved successfully.

C:\Users\Jens\AppData\Local\{FB3CF779-0662-4265-9A5A-695777A57260} folder moved successfully.

C:\Users\Jens\AppData\Local\{FB5E36F5-63C4-493E-BF62-0C6098B1E8D2} folder moved successfully.

C:\Users\Jens\AppData\Local\{FBAB629C-70E8-4E82-B2F5-051B0F7D227E} folder moved successfully.

C:\Users\Jens\AppData\Local\{FBB8400F-7942-4413-9461-CADC0A6B065B} folder moved successfully.

C:\Users\Jens\AppData\Local\{FBF01B82-C3DB-4896-B4EA-18D83341C82D} folder moved successfully.

C:\Users\Jens\AppData\Local\{FC947C5A-A4C1-4D9E-A39E-3BD087D97C37} folder moved successfully.

C:\Users\Jens\AppData\Local\{FCED3F05-037A-40A7-A8EF-3B349C9E542D} folder moved successfully.

C:\Users\Jens\AppData\Local\{FDB3884C-76C3-45EA-A2D7-3660720BE270} folder moved successfully.

C:\Users\Jens\AppData\Local\{FE7DA10A-AB2C-43DA-8275-6662B68EF1F0} folder moved successfully.

C:\Users\Jens\AppData\Local\{FEB4EBE5-1A92-45D7-8026-775ED5D1A678} folder moved successfully.

C:\Users\Jens\AppData\Local\{FEBB7300-D0C6-4EF2-8122-B8566505E3DF} folder moved successfully.

C:\Users\Jens\AppData\Local\{FEF831DF-1E72-4240-9AB5-EDEE4A6C4B25} folder moved successfully.

C:\Users\Jens\AppData\Local\{FF24148F-80D2-4C11-8CC2-72E240AAF3BE} folder moved successfully.

C:\Users\Jens\AppData\Local\{FF9EEAA7-4162-4F29-9D5B-648FE8EE99A3} folder moved successfully.

File\Folder C:\Users\Jens\AppData\Local\Temp\*.exe not found.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.

C:\Users\Jens\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.

File/Folder C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk not found.
 < ipconfig /flushdns /c >

Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

C:\Users\Jens\Desktop\cmd.bat deleted successfully.

C:\Users\Jens\Desktop\cmd.txt deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Charline

->Temp folder emptied: 305494 bytes

->Temporary Internet Files folder emptied: 102973 bytes

->Java cache emptied: 0 bytes

->Google Chrome cache emptied: 356654851 bytes

->Flash cache emptied: 6755 bytes

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Jens

->Temp folder emptied: 164767475 bytes

->Temporary Internet Files folder emptied: 124988752 bytes

->Google Chrome cache emptied: 383711993 bytes

->Flash cache emptied: 492 bytes

 

User: NeroMediaHomeUser.4

->Temp folder emptied: 35840 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Public

 

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 7462809 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes

RecycleBin emptied: 11802022322 bytes

 

Total Files Cleaned = 12.245,00 mb

 

 

OTL by OldTimer - Version 3.2.59.1 log created on 09112012_183945
 

Files\Folders moved on Reboot...

C:\Users\Jens\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
 

PendingFileRenameOperations files...
 

Registry entries deleted on Reboot...

1. Schritt

Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".

Schau mal im IE unter Extras > Addons und mache bitte mal ein Screenshot.

Hallo,

so, AntiMalware läuft gerade durch.

Im IE finde ich keinen Punkt Extras. Ich denke du meinst sicher AddOns verwalten. Ich nutze den IE nicht. Ich nutze immer Chrome.

Habe da jetzt aber mal geschaut und es gibt etliches was ich da posten könnte. Gerade aktive AddOns, ohne Berechtigungen ausführende Addons etc....

Ne Idee wonach ich ungefähr schauen soll?

*edit*

Ich glaube ich habe den Übertäter gerade gefunden. Es ist eine Erweiterung in Chrome. Und zwar X-notifier. Das ruft meine Mails bei Google ab. Wenn ich das deaktiviere dann taucht kein Superfish mehr auf....hmmm!!!

Bitte das Malwarebytes Logfile posten!
(Reiter Logberichte)

Zitat:

Es ist eine Erweiterung in Chrome. Und zwar X-notifier.

das ist interessant.

und du scheinst den Uebeltaeter auch richtig gefuden zu haben! :)

Zitat:

The extension causing this for me was X Notifier... And there was NO option to deselect superfish (or Setega powered by superfish).

Zitat:

Same here, but there is a way to disable Setega (only that is hiding) you need to right click in the content area of the browser go to "X-notifier(Gm..." and un-check "Setaga Services" and you are done

Brauchst du das LOG noch?

Code:

Malwarebytes Anti-Malware 1.65.0.1400

www.malwarebytes.org
 

Datenbank Version: v2012.09.12.05
 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Jens :: TOWER [Administrator]
 

12.09.2012 18:37:12

mbam-log-2012-09-12 (18-37-12).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 400303

Laufzeit: 1 Stunde(n), 10 Minute(n), 58 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

Habe mich jetzt für ein anderes AddOn entschieden und das scheint nichts "verstecktes" drin zu haben.

Ich danke dir für deine Hilfe und Geduld..... :dankeschoen::dankeschoen::dankeschoen:

Noch ein Tipp:

Java aktualisieren

Dein Java ist nicht mehr aktuell. Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.

Downloade dir bitte die neueste Java-Version von hier
Speichere die jxpiinstall.exe
Schließe alle laufenden Programme. Speziell deinen Browser.
Starte die jxpiinstall.exe. Diese wird den Installer für die neueste Java Version ( Java 7 Update 7 ) herunter laden.
Wenn die Installation beendet wurde
Start --> Systemsteuerung --> Programme und deinstalliere alle älteren Java Versionen.
Starte deinen Rechner neu sobald alle älteren Versionen deinstalliert wurden.

Nach dem Neustart

Öffne erneut die Systemsteuerung --> Programme und klicke auf das Java Symbol.
Im Reiter Allgemein, klicke unter Temporäre Internetdateien auf Einstellungen.
Klicke auf Dateien löschen....
Gehe sicher das überall ein Hacken gesetzt ist und klicke OK.
Klicke erneut OK.

Dann so einstellen: http://www.trojaner-board.de/105213-...tellungen.html

Danach poste (kopieren und einfuegen) mir, was du hier angezeigt bekommst: PluginCheck

Java deaktivieren

Aufgrund derezeitigen Sicherheitsluecke:

http://www.trojaner-board.de/122961-...ktivieren.html

Danach poste mir (kopieren und einfuegen), was du hier angezeigt bekommst: PluginCheck

und Aufraeumen:

Sehr gut! :daumenhoc

damit bist Du sauber und entlassen! :)

adwCleaner entfernen

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Uninstall.
Bestätige mit Ja.

Tool-Bereinigung mit OTL

Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.

Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
Speichere es auf Deinem Desktop.
Doppelklick auf OTL.exe um das Programm auszuführen.
Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
Klicke auf den Button "Bereinigung"
OTL fragt eventuell nach einem Neustart.
Sollte es dies tun, so lasse dies bitte zu.

Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.

Systemwiederherstellungen leeren

Damit der Rechner nicht mit einer infizierten Systemwiederherstellung erneut infiziert werden kann, muessen wir diese leeren. Dazu schalten wir sie einmal aus und dann wieder ein:
Systemwiederherstellung deaktivieren Tutorial fuer Windows XP, Windows Vista, Windows 7
Danach wieder aktivieren.

Aufräumen mit CCleaner

Lasse mit CCleaner (Download) (Anleitung) Fehler in der

Registry beheben (mehrmals, solange bis keine Fehler mehr gefunden werden) und
temporäre Dateien löschen.

Lektuere zum abarbeiten:
http://www.trojaner-board.de/90880-d...tallation.html
http://www.trojaner-board.de/105213-...tellungen.html
PluginCheck
http://www.trojaner-board.de/96344-a...-rechners.html
Secunia Online Software Inspector
http://www.trojaner-board.de/71715-k...iendungen.html
http://www.trojaner-board.de/83238-a...sschalten.html
PC wird immer langsamer - was tun?

OK Java ist aktuell.

Und hier die beiden Screens.

Einmal nach dem Einstellen von Java und einmal nach dem deaktivieren.

Wenn ich Java aber deaktiviert habe dann kann ich es ja auf keiner Seite mehr nutzen, oder?? Naja, das surfen im Netz wird es zeigen :wtf:

Zitat:

kann ich es ja auf keiner Seite mehr nutzen, oder??

wo nutzt du es denn? ;)

Sehr gut! :daumenhoc

damit bist Du sauber und entlassen! :)

adwCleaner entfernen

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Uninstall.
Bestätige mit Ja.

Tool-Bereinigung mit OTL

Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.

Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
Speichere es auf Deinem Desktop.
Doppelklick auf OTL.exe um das Programm auszuführen.
Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
Klicke auf den Button "Bereinigung"
OTL fragt eventuell nach einem Neustart.
Sollte es dies tun, so lasse dies bitte zu.

Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.

Zurücksetzen der Sicherheitszonen

Lasse die Sicherheitszonen wieder zurücksetzen, da diese manipuliert wurden um den Browser für weitere Angriffe zu öffnen.
Gehe dabei so vor: http://www.trojaner-board.de/111805-...ecksetzen.html

Systemwiederherstellungen leeren

Damit der Rechner nicht mit einer infizierten Systemwiederherstellung erneut infiziert werden kann, muessen wir diese leeren. Dazu schalten wir sie einmal aus und dann wieder ein:
Systemwiederherstellung deaktivieren Tutorial fuer Windows XP, Windows Vista, Windows 7
Danach wieder aktivieren.

Aufräumen mit CCleaner

Lasse mit CCleaner (Download) (Anleitung) Fehler in der

Registry beheben (mehrmals, solange bis keine Fehler mehr gefunden werden) und
temporäre Dateien löschen.