Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   clkmon.com öffnet automatisch unerwünschte Websites (https://www.trojaner-board.de/150558-clkmon-com-oeffnet-automatisch-unerwuenschte-websites.html)

Ozelot11 03.03.2014 16:09
clkmon.com öffnet automatisch unerwünschte Websites
 
Guten Tag Miteinander

Ich habe seit kurzem ein lästiges Problem, welches automatisch Websites öffnen möchte.
Wenn ich auf eine Webseite bin und etwas anklicken möchte, gefriert diese Webseite und eine neu webseite clkmon.com möchte sich öffnen. Diese wird aber durch die Bluhell Firewall geblockt.

Im Internet habe ich nach Lösungen gesucht, aber leider noch nichts gefunden. Ich habe es mit dem Programm «Malwarebytes/Anti-Malware versucht, welches leider noch nichts gebracht hat.
Mit dem CCleaner habe ich es ebenfalls versucht, jedoch ebenfalls ohne Erfolg.

Ich weiss nun nicht mehr weiter. :headbang: Ich vermute auch, dass die Anwendung PC Performer evtl. der Grund sein könnte. Allerdings kann ich diese Anwendung nicht deinstallieren.

Ich weiss nun wirklich nicht mehr weiter und wäre für Hilfe sehr dankbar.:dankeschoen:
Kennt jemand dieses problem und weiss, wie man dies wieder los wird?

Vielen Dank schon im Voraus für die Unterstützung!

schrauber 03.03.2014 16:44
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Ozelot11 03.03.2014 16:57
Hallo

Vielen Dank für Deine Hilfe. Ich habe es bereits heruntergeladen und kann die Logdateien posten:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-03-2014
Ran by Ozelot (administrator) on OZELOT-PC on 03-03-2014 16:48:43
Running from C:\Users\Ozelot\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\Windows\system32\vfsFPService.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
() C:\Program Files (x86)\SMINST\BLService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Novatel Wireless) C:\Program Files (x86)\Novatel Wireless\Mobilink\Lite.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Novatel Wireless Inc.) C:\Program Files (x86)\Novatel Wireless\Mobilink\Phoenix.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Nokia.) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224 2008-11-18] (Hewlett-Packard)
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-21] (IDT, Inc.)
HKLM-x32\...\Run: [DVDAgent] - C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2008-11-28] (CyberLink Corp.)
HKLM-x32\...\Run: [TSMAgent] - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1316136 2008-12-25] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer for HP TouchSmart] - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-12-25] (CyberLink)
HKLM-x32\...\Run: [TVAgent] - C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe [210216 2009-01-21] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2008-11-14] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [DpAgent] - C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [842816 2008-12-10] (DigitalPersona, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDIRShortCut] - C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Health Check Scheduler] - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM-x32\...\Run: [hpWirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [MsnMsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\\Phone\Skype.exe [17418928 2012-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [MobiLink Lite] - C:\Program Files (x86)\Novatel Wireless\MobiLink\Lite.exe [327769 2007-09-07] (Novatel Wireless)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [PC Suite Tray] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1414144 2009-06-25] (Nokia)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-10-31] (Apple Inc.)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-10-31] (Apple Inc.)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\MountPoints2: {a3d7d92d-a4fb-11de-924b-806e6f6e6963} - F:\LiteAuto.exe
Lsa: [Notification Packages] scecli DPPWDFLT
Startup: C:\Users\Ozelot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cnnb
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {6C6FA03E-3936-48DD-8FB3-F6A60CB9FDF8} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKLM - {6C6FA03E-3936-48DD-8FB3-F6A60CB9FDF8} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKLM-x32 - {6C6FA03E-3936-48DD-8FB3-F6A60CB9FDF8} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {6C6FA03E-3936-48DD-8FB3-F6A60CB9FDF8} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKCU - {BCAB4F68-1EAC-4713-B934-3AA08A45DBCB} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default
FF Homepage: https://www.google.ch/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Users\Ozelot\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\searchplugins\facebook.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\staged [2014-03-03]
FF Extension: Flagfox - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2014-01-16]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-25]
FF Extension: WOT - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: Speed Test Analysis - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\speedtestanalysis@SpeedAnalysis.com.xpi [2014-01-07]
FF Extension: Bluhell Firewall - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2014-02-14]
FF Extension: Adblock Plus - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-03]
FF Extension: Skype extension for Firefox - C:\Program Files (x86)\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2014-02-17]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ []
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-29]
FF HKCU\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext [2009-07-20]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx [2013-11-28]

==================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation)
R2 Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [365952 2008-12-17] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe [240128 2009-07-21] (IDT, Inc.)
R2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2008-11-26] ()
R2 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096 2008-11-26] ()
R2 vfsFPService; C:\Windows\system32\vfsFPService.exe [721712 2008-11-18] (Validity Sensors, Inc.)
R2 vfsFPService; C:\Windows\SysWOW64\vfsFPService.exe [599344 2008-11-18] (Validity Sensors, Inc.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X]

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-27] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140228.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
S3 IpInIp; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140302.024\ENG64.SYS [126040 2013-12-17] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140302.024\EX64.SYS [2099288 2013-12-17] (Symantec Corporation)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-02-09] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2009-02-09] (Nokia)
S3 NwlnkFlt; No ImagePath
S3 NwlnkFwd; No ImagePath
S3 NWUSBModem; C:\Windows\System32\DRIVERS\nwusbmdm.sys [113536 2007-07-17] (Novatel Wireless Inc.)
S3 NWUSBPort; C:\Windows\System32\DRIVERS\nwusbser.sys [113536 2007-07-17] (Novatel Wireless Inc.)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\N360x64\1501000.012\SYMTDIV.SYS [507992 2013-09-26] (Symantec Corporation)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8192 2009-02-09] (Nokia)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2008-11-28] (CyberLink Corp.)
U4 eabfiltr;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-03 16:48 - 2014-03-03 16:49 - 00026715 _____ () C:\Users\Ozelot\Downloads\FRST.txt
2014-03-03 16:48 - 2014-03-03 16:48 - 00000000 ____D () C:\FRST
2014-03-03 16:46 - 2014-03-03 16:46 - 02156544 _____ (Farbar) C:\Users\Ozelot\Downloads\FRST64.exe
2014-03-03 11:58 - 2014-03-03 11:58 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-03 11:58 - 2014-03-03 11:58 - 00000770 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-03 11:58 - 2014-03-03 11:58 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-03 11:57 - 2014-03-03 11:57 - 03645064 _____ (Piriform Ltd) C:\Users\Ozelot\Downloads\ccsetup410_slim.exe
2014-03-03 11:30 - 2014-03-03 11:30 - 00000948 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\Users\Ozelot\AppData\Roaming\Malwarebytes
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-03 11:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-03 11:29 - 2014-03-03 11:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Ozelot\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-03 08:57 - 2014-03-03 08:57 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{11221D9A-7A59-4607-8416-BFD23B4184B8}
2014-02-28 11:28 - 2014-02-28 11:28 - 01244192 _____ () C:\Users\Ozelot\Downloads\adwcleaner_3.0.2.0(1).exe
2014-02-28 11:18 - 2014-02-28 11:31 - 00000000 ____D () C:\AdwCleaner
2014-02-28 11:18 - 2014-02-28 11:18 - 01244192 _____ () C:\Users\Ozelot\Downloads\adwcleaner_3.0.2.0.exe
2014-02-28 10:44 - 2014-02-28 10:44 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{6E85D7E3-DEC4-43CC-AE60-F17C3486275A}
2014-02-28 10:11 - 2014-02-28 10:55 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\NPE
2014-02-28 10:06 - 2014-02-28 10:06 - 03057128 ____N (Symantec Corporation) C:\Users\Ozelot\Downloads\NPE.exe
2014-02-27 07:56 - 2014-02-27 07:56 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{21AA1D3C-4010-4ECE-A663-E98BBC915375}
2014-02-26 03:11 - 2014-02-27 03:06 - 03209056 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-25 08:45 - 2014-02-25 08:45 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{84FD9203-5B92-4500-9B3E-D99F1A5F7B1B}
2014-02-23 18:08 - 2014-02-23 18:08 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-23 16:22 - 2014-02-23 16:22 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{06DAB753-F7E8-4EC5-ABB5-3FB59B238DC5}
2014-02-20 11:20 - 2014-02-20 11:20 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{FC46A700-0E0A-4B3A-8E18-54873E8B9F75}
2014-02-17 11:12 - 2014-02-17 11:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-17 10:25 - 2014-02-17 10:25 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-17 10:22 - 2014-02-17 10:22 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{364566CD-F95C-451E-B71C-9DE6CB1F33E2}
2014-02-14 08:06 - 2014-02-14 08:07 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{44F12243-B9B3-4938-89B5-61D37B386262}
2014-02-14 03:14 - 2014-02-05 11:19 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 03:14 - 2014-02-05 11:02 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 03:14 - 2014-02-05 11:00 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 03:14 - 2014-02-05 10:54 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 03:14 - 2014-02-05 10:54 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 03:14 - 2014-02-05 10:52 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 03:14 - 2014-02-05 10:52 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-14 03:14 - 2014-02-05 10:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 03:14 - 2014-02-05 10:51 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 03:14 - 2014-02-05 10:51 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-14 03:14 - 2014-02-05 10:51 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 03:14 - 2014-02-05 10:51 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 03:14 - 2014-02-05 10:51 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 03:14 - 2014-02-05 10:50 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 03:14 - 2014-02-05 10:50 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 03:14 - 2014-02-05 10:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-14 03:14 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 03:14 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 03:14 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-14 03:14 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 03:14 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 03:14 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-14 03:14 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-14 03:14 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 03:14 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-14 03:14 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 03:14 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-14 03:14 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 03:14 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 03:14 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 03:14 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-14 03:14 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 07:15 - 2013-12-05 05:48 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 07:15 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-10 12:14 - 2014-02-10 12:14 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{D8FE404B-C793-400A-86DD-A7EC52ADF15A}
2014-02-05 13:36 - 2014-02-05 13:36 - 00001694 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-05 13:35 - 2014-02-05 13:36 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-05 13:35 - 2014-02-05 13:36 - 00000000 ____D () C:\Program Files\iTunes
2014-02-05 13:35 - 2014-02-05 13:36 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-05 13:35 - 2014-02-05 13:35 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 09:40 - 2014-02-05 10:32 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{90035CB0-38A1-4972-83F5-5BB0CCA73BB3}
2014-02-03 08:32 - 2014-02-03 08:32 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{C290AB02-8555-4C42-A9A5-A223C2D77746}

==================== One Month Modified Files and Folders =======

2014-03-03 16:49 - 2014-03-03 16:48 - 00026715 _____ () C:\Users\Ozelot\Downloads\FRST.txt
2014-03-03 16:48 - 2014-03-03 16:48 - 00000000 ____D () C:\FRST
2014-03-03 16:46 - 2014-03-03 16:46 - 02156544 _____ (Farbar) C:\Users\Ozelot\Downloads\FRST64.exe
2014-03-03 16:45 - 2006-11-02 16:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-03 16:45 - 2006-11-02 16:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-03 16:32 - 2009-07-20 01:10 - 01811393 _____ () C:\Windows\WindowsUpdate.log
2014-03-03 16:29 - 2009-09-20 18:59 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-03 16:08 - 2012-05-13 07:08 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-03 12:07 - 2009-10-02 15:36 - 00000000 ____D () C:\Users\Ozelot\Tracing
2014-03-03 12:01 - 2011-05-30 20:39 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\CrashDumps
2014-03-03 12:01 - 2009-02-16 08:54 - 00000000 ____D () C:\Windows\panther
2014-03-03 11:58 - 2014-03-03 11:58 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-03 11:58 - 2014-03-03 11:58 - 00000770 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-03 11:58 - 2014-03-03 11:58 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-03 11:57 - 2014-03-03 11:57 - 03645064 _____ (Piriform Ltd) C:\Users\Ozelot\Downloads\ccsetup410_slim.exe
2014-03-03 11:51 - 2013-12-19 21:06 - 00000000 ____D () C:\Program Files (x86)\Speed Test Analysis
2014-03-03 11:30 - 2014-03-03 11:30 - 00000948 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\Users\Ozelot\AppData\Roaming\Malwarebytes
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-03 11:29 - 2014-03-03 11:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Ozelot\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-03 11:29 - 2009-09-20 18:59 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-03 08:59 - 2009-02-16 03:43 - 00003580 _____ () C:\Windows\System32\Tasks\HP Health Check
2014-03-03 08:57 - 2014-03-03 08:57 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{11221D9A-7A59-4607-8416-BFD23B4184B8}
2014-03-03 08:56 - 2012-12-22 14:40 - 00000346 _____ () C:\Windows\Tasks\rbmonitor.job
2014-03-03 08:16 - 2006-11-02 16:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-02 22:37 - 2009-07-20 01:10 - 00001076 _____ () C:\Windows\bthservsdp.dat
2014-03-02 22:37 - 2006-11-02 16:42 - 00032534 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-02 22:36 - 2011-04-10 15:48 - 00000500 ____H () C:\Windows\Tasks\Norton Security Scan for Ozelot.job
2014-02-28 11:31 - 2014-02-28 11:18 - 00000000 ____D () C:\AdwCleaner
2014-02-28 11:28 - 2014-02-28 11:28 - 01244192 _____ () C:\Users\Ozelot\Downloads\adwcleaner_3.0.2.0(1).exe
2014-02-28 11:18 - 2014-02-28 11:18 - 01244192 _____ () C:\Users\Ozelot\Downloads\adwcleaner_3.0.2.0.exe
2014-02-28 10:55 - 2014-02-28 10:11 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\NPE
2014-02-28 10:44 - 2014-02-28 10:44 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{6E85D7E3-DEC4-43CC-AE60-F17C3486275A}
2014-02-28 10:11 - 2009-02-16 01:46 - 00000000 ____D () C:\ProgramData\Norton
2014-02-28 10:06 - 2014-02-28 10:06 - 03057128 ____N (Symantec Corporation) C:\Users\Ozelot\Downloads\NPE.exe
2014-02-27 14:47 - 2010-01-07 19:18 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-27 07:56 - 2014-02-27 07:56 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{21AA1D3C-4010-4ECE-A663-E98BBC915375}
2014-02-27 03:06 - 2014-02-26 03:11 - 03209056 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-27 03:06 - 2009-02-16 08:53 - 00705230 _____ () C:\Windows\system32\perfh010.dat
2014-02-27 03:06 - 2009-02-16 08:53 - 00142814 _____ () C:\Windows\system32\perfc010.dat
2014-02-27 03:06 - 2009-02-16 08:43 - 00674274 _____ () C:\Windows\system32\perfh007.dat
2014-02-27 03:06 - 2009-02-16 08:43 - 00146254 _____ () C:\Windows\system32\perfc007.dat
2014-02-27 03:06 - 2009-02-16 08:34 - 00712102 _____ () C:\Windows\system32\perfh00C.dat
2014-02-27 03:06 - 2009-02-16 08:34 - 00145710 _____ () C:\Windows\system32\perfc00C.dat
2014-02-27 03:06 - 2006-11-02 13:46 - 03209056 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-25 08:45 - 2014-02-25 08:45 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{84FD9203-5B92-4500-9B3E-D99F1A5F7B1B}
2014-02-25 08:45 - 2011-06-17 21:43 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\Windows Live
2014-02-23 18:08 - 2014-02-23 18:08 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-23 18:08 - 2012-05-13 07:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-23 18:08 - 2012-05-13 07:08 - 00003736 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-23 18:08 - 2011-09-15 21:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-23 16:56 - 2013-09-17 18:00 - 00002017 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-23 16:22 - 2014-02-23 16:22 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{06DAB753-F7E8-4EC5-ABB5-3FB59B238DC5}
2014-02-20 11:20 - 2014-02-20 11:20 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{FC46A700-0E0A-4B3A-8E18-54873E8B9F75}
2014-02-17 18:57 - 2013-08-19 17:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 18:50 - 2006-11-02 13:35 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-17 18:34 - 2012-10-07 17:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-17 17:44 - 2010-01-09 13:58 - 00005580 _____ () C:\fpRedmon.log
2014-02-17 17:44 - 2010-01-09 13:58 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\FreePDF_XP
2014-02-17 16:51 - 2010-10-10 14:52 - 00000000 ____D () C:\Users\Ozelot\Documents\Bewerbungen_Arbeit
2014-02-17 11:24 - 2009-09-20 18:59 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-17 11:24 - 2009-09-20 18:59 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-17 11:12 - 2014-02-17 11:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-17 10:25 - 2014-02-17 10:25 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-17 10:25 - 2013-12-12 16:45 - 00001875 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-17 10:22 - 2014-02-17 10:22 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{364566CD-F95C-451E-B71C-9DE6CB1F33E2}
2014-02-14 08:07 - 2014-02-14 08:06 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{44F12243-B9B3-4938-89B5-61D37B386262}
2014-02-10 13:45 - 2009-11-29 11:43 - 00000000 ____D () C:\Users\Ozelot\AppData\Roaming\Apple Computer
2014-02-10 13:44 - 2009-11-29 11:43 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\Apple Computer
2014-02-10 12:14 - 2014-02-10 12:14 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{D8FE404B-C793-400A-86DD-A7EC52ADF15A}
2014-02-05 13:36 - 2014-02-05 13:36 - 00001694 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-05 13:36 - 2014-02-05 13:35 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-05 13:36 - 2014-02-05 13:35 - 00000000 ____D () C:\Program Files\iTunes
2014-02-05 13:36 - 2014-02-05 13:35 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-05 13:35 - 2014-02-05 13:35 - 00000000 ____D () C:\Program Files\iPod
2014-02-05 13:28 - 2009-11-29 11:38 - 00000000 ____D () C:\ProgramData\Apple
2014-02-05 11:19 - 2014-02-14 03:14 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 11:02 - 2014-02-14 03:14 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 11:00 - 2014-02-14 03:14 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 10:54 - 2014-02-14 03:14 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 10:54 - 2014-02-14 03:14 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 10:52 - 2014-02-14 03:14 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 10:52 - 2014-02-14 03:14 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 10:52 - 2014-02-14 03:14 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 10:51 - 2014-02-14 03:14 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 10:51 - 2014-02-14 03:14 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 10:51 - 2014-02-14 03:14 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 10:51 - 2014-02-14 03:14 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 10:51 - 2014-02-14 03:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 10:50 - 2014-02-14 03:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 10:50 - 2014-02-14 03:14 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-05 10:50 - 2014-02-14 03:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 10:32 - 2014-02-04 09:40 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{90035CB0-38A1-4972-83F5-5BB0CCA73BB3}
2014-02-05 09:58 - 2014-02-14 03:14 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-05 09:56 - 2014-02-14 03:14 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-05 09:53 - 2014-02-14 03:14 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-05 09:51 - 2014-02-14 03:14 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-05 09:50 - 2014-02-14 03:14 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-05 09:49 - 2014-02-14 03:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-05 09:49 - 2014-02-14 03:14 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-05 09:48 - 2014-02-14 03:14 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-05 09:48 - 2014-02-14 03:14 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-05 09:48 - 2014-02-14 03:14 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-05 09:48 - 2014-02-14 03:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-05 09:48 - 2014-02-14 03:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-05 09:47 - 2014-02-14 03:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-05 09:47 - 2014-02-14 03:14 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-05 09:47 - 2014-02-14 03:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-05 09:46 - 2014-02-14 03:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-05 09:20 - 2009-09-26 08:49 - 00007916 _____ () C:\Users\Ozelot\AppData\Local\d3d9caps.dat
2014-02-04 09:55 - 2009-09-12 18:38 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\Adobe
2014-02-03 08:32 - 2014-02-03 08:32 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\{C290AB02-8555-4C42-A9A5-A223C2D77746}

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-03 08:32

==================== End Of Log ============================
--- --- ---



Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-03-2014
Ran by Ozelot at 2014-03-03 16:49:24
Running from C:\Users\Ozelot\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton 360 (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.12.10 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader 9 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.6.606 - Adobe Systems, Inc.)
Air Flashback (HKLM-x32\...\Air Flashback_is1) (Version: 1.0 - MyPlayCity, Inc.)
AOL Toolbar 5.0 (HKLM-x32\...\AOL Toolbar) (Version: 5.2.78.2 - AOL LLC)
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVS Media Player 4.1.6.80 (HKLM-x32\...\AVS Media Player_is1) (Version:  - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2326 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 6.0.2326 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Designer 2.0 (HKLM-x32\...\bookfactory.ch Designer 2.0_is1) (Version: 7.7.7 - bookfactory.ch)
DigitalPersona Personal 4.0 (HKLM\...\{FC930DA2-760E-4996-B4DA-4BD6560FA666}) (Version: 4.00.3733 - DigitalPersona, Inc.)
DiskAid 4.63 (HKLM-x32\...\DiskAid_is1) (Version: 4.63 - DigiDNA)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
ESU for Microsoft Vista (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Facebook Plug-In (HKCU\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GPL Ghostscript 8.70 (HKLM-x32\...\GPL Ghostscript 8.70) (Version:  - )
Horizon Assistant (HKLM-x32\...\Horizon Assistant) (Version: 1.4.7.12 - upc cablecom GmbH)
HP Active Support Library (HKLM-x32\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Doc Viewer (HKLM-x32\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.01.0005 - Hewlett-Packard)
HP Help and Support (HKLM-x32\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.3.0 - Hewlett-Packard Company)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6204 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6204 - HP)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.1.2328 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 2.1.2328 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.1.2425 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (x32 Version: 2.1.2425 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{F1568AA6-5982-4AFB-A871-C68E4328BC3B}) (Version: 2.1.7 - Hewlett-Packard)
HP MediaSmart TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 2.1.1219 - Hewlett-Packard)
HP MediaSmart TV (x32 Version: 2.1.1219 - Hewlett-Packard) Hidden
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.1.1208 - Hewlett-Packard)
HP MediaSmart Webcam (x32 Version: 2.1.1208 - Hewlett-Packard) Hidden
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.13.1 - Hewlett-Packard Company)
HP Total Care Setup (HKLM-x32\...\{95A747E0-DF19-46CB-A622-20A0107201BD}) (Version: 1.1.2413.2876 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP User Guides 0115 (HKLM-x32\...\{834903BF-7B6E-4C97-891C-AC1AECA91CEC}) (Version: 1.04.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}) (Version: 2.1.3.25 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6047.5 - IDT)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216015FF}) (Version: 6.0.290 - Sun Microsystems, Inc.)
Java(TM) 6 Update 7 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
JMicron JMB38X Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.20.07 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1118 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1118 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
Mobilink Lite (HKLM-x32\...\{28938B7C-B11B-49BD-84E4-44C8416D4C07}) (Version: 2.08.26 - Novatel Wireless Inc.)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
Nokia Connectivity Cable Driver (HKLM-x32\...\{52D02A2B-03D2-4E34-A358-DC5D951FD296}) (Version: 7.1.17.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.30.9 - Nokia)
Nokia PC Suite (x32 Version: 7.1.30.9 - Nokia) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.1.0.18 - Symantec Corporation)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 2.7.3.34 - Symantec Corporation)
Nur Entfernen der CopyTrans Suite möglich (HKCU\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - NVIDIA Corporation)
OpenOffice.org 3.1 (HKLM-x32\...\{D765F1CE-5AE5-4C47-B134-AE58AC474740}) (Version: 3.1.9420 - OpenOffice.org)
PC Connectivity Solution (HKLM-x32\...\{0C973594-7DDF-4BD0-84ED-3517F7622037}) (Version: 9.23.3.0 - Nokia)
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.5615 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.5615 - CyberLink Corp.) Hidden
PicsAid 1.34 (HKLM-x32\...\PicsAid_is1) (Version: 1.34 - DigiDNA)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2325 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.2325 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2317 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.2317 - CyberLink Corp.) Hidden
Private Tax 2009 (HKLM-x32\...\Private Tax 2009) (Version: 1.1.7.545 - Abraxas Informatik AG)
ProtectSmart Hard Drive Protection (HKLM\...\{191C1158-D287-4074-B749-D4CDD321E062}) (Version: 3.10.1.7 - Hewlett-Packard)
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Safari (HKLM-x32\...\{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}) (Version: 5.33.21.1 - Apple Inc.)
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Ski Challenge 2010 (SF) (HKCU\...\sc10-CH_SF) (Version:  - )
Skype web features (HKLM-x32\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)
Skype™ 5.10 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)
SPORE Creature Creator Trial Edition (HKLM-x32\...\{ECEE0279-785F-4CB3-9F28-E69813234BF8}) (Version: 1.00.0000 - Electronic Arts)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.17.4 - Synaptics Incorporated)
Uniblue RegistryBooster (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E997}_is1) (Version: 6.1.1.3 - Uniblue Systems Limited)
Uniblue SystemTweaker (HKLM-x32\...\{DBB1F4ED-3212-4F58-A427-9C01DE4A24A5}_is1) (Version:  - Uniblue Systems Ltd)
UPC Fiber Power Optimizer (HKLM-x32\...\UPC Fiber Power Optimizer) (Version:  - Cablecom GmbH)
UPC Fiber Power Optimizer (x32 Version: 2.0.0.2 - Cablecom GmbH) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Validity Sensors software (HKLM\...\{F65B8208-5221-43D9-AA12-DDEA64EC4AF6}) (Version: 2.8.109 - Validity Sensors, Inc.)
Windows 7 Upgrade Advisor (HKLM-x32\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - ENE (enecir) HIDClass  (09/04/2008 2.6.0.0) (HKLM\...\07B260955637F1FF7587ED2AA87459040DD09BF7) (Version: 09/04/2008 2.6.0.0 - ENE)
Windows-Treiberpaket - Nokia Modem  (06/01/2009 4.1) (HKLM\...\E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84) (Version: 06/01/2009 4.1 - Nokia)
Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.3) (HKLM\...\F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7) (Version: 06/01/2009 7.01.0.3 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)

==================== Restore Points  =========================

21-01-2014 07:18:07 Sprachpaketdeinstallation
27-01-2014 07:55:10 Sprachpaketdeinstallation
30-01-2014 08:13:03 Sprachpaketdeinstallation
31-01-2014 15:16:54 Geplanter Prüfpunkt
03-02-2014 07:46:02 Sprachpaketdeinstallation
03-02-2014 15:50:38 Sprachpaketdeinstallation
04-02-2014 08:53:44 Sprachpaketdeinstallation
06-02-2014 08:00:32 Geplanter Prüfpunkt
07-02-2014 09:23:11 Geplanter Prüfpunkt
10-02-2014 11:28:14 Sprachpaketdeinstallation
14-02-2014 02:00:27 Windows Update
14-02-2014 03:05:10 Sprachpaketdeinstallation
17-02-2014 09:35:57 Sprachpaketdeinstallation
17-02-2014 17:49:11 Windows Update
20-02-2014 10:42:58 Sprachpaketdeinstallation
23-02-2014 15:35:15 Sprachpaketdeinstallation
24-02-2014 14:15:53 Geplanter Prüfpunkt
25-02-2014 07:59:03 Sprachpaketdeinstallation
26-02-2014 02:00:21 Windows Update
27-02-2014 02:00:23 Windows Update
27-02-2014 02:51:10 Sprachpaketdeinstallation
28-02-2014 09:38:45 Sprachpaketdeinstallation
28-02-2014 10:49:45 Sprachpaketdeinstallation
02-03-2014 18:05:13 Geplanter Prüfpunkt
03-03-2014 07:32:11 Sprachpaketdeinstallation

==================== Hosts content: ==========================

2006-11-02 13:34 - 2006-09-18 22:37 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost
::1            localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {00299CA5-AA37-450E-AA9F-437474C32893} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-09-20] (Google Inc.)
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {2C042FC1-D9BB-4C5C-85E1-2D7C07FB85B5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {31053A69-9331-41EB-89F4-CB773745710C} - System32\Tasks\{FC518A61-D76D-46FA-92EE-38DC0C8D7950} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {39332325-CEE5-4436-91EC-5FDB7B6FF10A} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {396F19C5-41D3-4DF6-A4B6-1ACE6700567E} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {39D45D38-4030-49DE-8C65-38C1BB47C090} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {61EF4B69-F11C-4D81-9BEE-94BA16B8B174} - System32\Tasks\rbmonitor => C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {A5E9C6D0-5CEC-4173-A92D-E53482B63D58} - System32\Tasks\Norton Security Scan for Ozelot => C:\Program Files (x86)\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2011-04-10] (Symantec Corporation)
Task: {C0BF9564-889A-4BF9-9D6D-4ECC2D1FE96A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-23] (Adobe Systems Incorporated)
Task: {C20727BC-4802-46F3-B10D-D37945084CCB} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {D8570416-58FF-4CF1-AF05-3CB67E319D0B} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {E8B52B65-4927-4B2E-A0F4-6402D1EDFE77} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {F3C44515-CB56-42E2-9549-87BC3A1522D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-09-20] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for Ozelot.job => C:\Program Files (x86)\Norton Security Scan\Engine\2.7.3.34\Nss.exe
Task: C:\Windows\Tasks\rbmonitor.job => C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe

==================== Loaded Modules (whitelisted) =============

2010-01-09 13:56 - 2005-03-12 02:07 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2009-02-16 03:36 - 2008-12-17 16:11 - 00365952 _____ () C:\Program Files (x86)\SMINST\BLService.exe
2009-02-16 02:30 - 2008-09-15 15:13 - 00241734 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2008-11-26 16:13 - 2008-11-26 16:13 - 00296320 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
2008-11-26 16:13 - 2008-11-26 16:13 - 00116096 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
2013-10-31 13:47 - 2013-10-31 13:47 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2008-06-19 12:59 - 2008-06-19 12:59 - 00167936 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2008-11-26 16:12 - 2008-11-26 16:12 - 00074536 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\Common\MCEMediaStatus64.dll
2009-07-01 15:44 - 2009-07-01 15:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-02-16 03:36 - 2008-12-17 16:11 - 00132480 _____ () C:\Program Files (x86)\SMINST\STWmiM.dll
2009-02-16 02:30 - 2008-09-15 15:13 - 00028672 _____ () C:\Program Files (x86)\Cyberlink\Shared files\RichVideops.dll
2008-11-26 16:13 - 2008-11-26 16:13 - 00263560 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapEngine.dll
2008-11-26 16:13 - 2008-11-26 16:13 - 00038184 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapSvcps.dll
2007-09-07 17:32 - 2007-09-07 17:32 - 00053340 _____ () C:\Program Files (x86)\Novatel Wireless\Mobilink\Blaze.ocx
2008-08-12 10:16 - 2008-08-12 10:16 - 02023424 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2008-07-29 13:01 - 2008-07-29 13:01 - 07331840 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2008-07-29 12:50 - 2008-07-29 12:50 - 00364544 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2008-07-29 13:47 - 2008-07-29 13:47 - 00135168 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2008-07-29 13:47 - 2008-07-29 13:47 - 00016384 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2008-07-29 13:11 - 2008-07-29 13:11 - 00253952 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2008-12-25 12:41 - 2008-12-25 12:41 - 00881960 ____N () C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2009-08-18 15:54 - 2009-08-18 15:54 - 00970752 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-02-17 11:12 - 2014-02-17 11:12 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Microsoft-6zu4-Adapter #2
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/03/2014 02:37:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5085

Error: (03/03/2014 02:37:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5085

Error: (03/03/2014 02:37:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/03/2014 02:37:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4056

Error: (03/03/2014 02:37:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4056

Error: (03/03/2014 02:37:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/03/2014 02:37:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3057

Error: (03/03/2014 02:37:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3057

Error: (03/03/2014 02:37:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/03/2014 02:37:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2043


System errors:
=============
Error: (03/03/2014 10:43:54 AM) (Source: Service Control Manager) (User: )
Description: 30000Netman

Error: (03/03/2014 08:33:24 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x800f0825it-IT

Error: (03/03/2014 08:33:14 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x800f0825fr-FR

Error: (03/03/2014 08:17:46 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (02/28/2014 11:51:26 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x800f0825it-IT

Error: (02/28/2014 11:51:21 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x800f0825fr-FR

Error: (02/28/2014 11:37:58 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (02/28/2014 11:30:34 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (02/28/2014 10:39:51 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x800f0825it-IT

Error: (02/28/2014 10:39:43 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x800f0825fr-FR


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-03-03 16:48:59.666
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT64x86.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 16:48:59.417
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT64x86.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 16:48:59.122
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT64x86.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 16:48:58.866
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT64x86.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 16:48:53.051
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 16:48:52.775
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 16:48:52.518
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 16:48:52.280
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 16:48:52.038
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 16:48:51.769
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 66%
Total physical RAM: 4062.25 MB
Available physical RAM: 1380.89 MB
Total Pagefile: 8337.77 MB
Available Pagefile: 5298.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:452.69 GB) (Free:265.86 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:13.06 GB) (Free:2.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 8B93FA85)
Partition 1: (Active) - (Size=453 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=13 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Vielen Dank!

Grüsse Dani

schrauber 04.03.2014 12:53
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Ozelot11 04.03.2014 16:39
Hallo

Ich habe alles so ausgeführt und sende nun den combofix.txt zu.

Code:
ComboFix 14-03-04.01 - Ozelot 04.03.2014  14:53:36.1.2 - x64
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.41.1031.18.4062.1585 [GMT 1:00]
ausgeführt von:: c:\users\Ozelot\Downloads\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-02-04 bis 2014-03-04  ))))))))))))))))))))))))))))))
.
.
2014-03-03 15:48 . 2014-03-03 15:52        --------        d-----w-        C:\FRST
2014-03-03 10:58 . 2014-03-03 10:58        --------        d-----w-        c:\program files\CCleaner
2014-03-03 10:30 . 2014-03-03 10:30        --------        d-----w-        c:\users\Ozelot\AppData\Roaming\Malwarebytes
2014-03-03 10:30 . 2014-03-03 10:30        --------        d-----w-        c:\programdata\Malwarebytes
2014-03-03 10:30 . 2014-03-03 10:30        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2014-03-03 10:30 . 2013-04-04 13:50        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys
2014-02-28 10:18 . 2014-02-28 10:31        --------        d-----w-        C:\AdwCleaner
2014-02-28 09:11 . 2014-02-28 09:55        --------        d-----w-        c:\users\Ozelot\AppData\Local\NPE
2014-02-26 02:06 . 2014-02-26 02:06        --------        d-----w-        c:\windows\Migration
2014-02-23 17:08 . 2014-02-23 17:08        17858952        ----a-w-        c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-02-17 09:25 . 2014-02-17 09:25        --------        d-----w-        c:\program files\McAfee Security Scan
2014-02-13 06:15 . 2013-12-05 04:48        1869824        ----a-w-        c:\windows\system32\msxml3.dll
2014-02-13 06:15 . 2013-12-05 02:12        1248768        ----a-w-        c:\windows\SysWow64\msxml3.dll
2014-02-05 12:35 . 2014-02-05 12:35        --------        d-----w-        c:\program files\iPod
2014-02-05 12:35 . 2014-02-05 12:36        --------        d-----w-        c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-05 12:35 . 2014-02-05 12:36        --------        d-----w-        c:\program files\iTunes
2014-02-05 12:35 . 2014-02-05 12:36        --------        d-----w-        c:\program files (x86)\iTunes
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-23 17:08 . 2012-05-13 06:08        692616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-23 17:08 . 2011-09-15 20:06        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-17 17:50 . 2006-11-02 12:35        88567024        ----a-w-        c:\windows\system32\mrt.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\\Phone\Skype.exe" [2012-07-13 17418928]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"MobiLink Lite"="c:\program files (x86)\Novatel Wireless\MobiLink\Lite.exe" [2007-09-07 327769]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-10-31 59720]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-10-31 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-11-28 1148200]
"TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-12-25 1316136]
"CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-25 189736]
"TVAgent"="c:\program files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-01-21 210216]
"UCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-11-14 218408]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-11-26 210216]
"DpAgent"="c:\program files (x86)\DigitalPersona\Bin\dpagent.exe" [2008-12-10 842816]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-10-30 210216]
"UpdatePDIRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"hpWirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2009-09-05 385024]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-01-20 152392]
.
c:\users\Ozelot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-19 994856]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 329944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
Themes
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-04 08:30        1150280        ----a-w-        c:\program files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-03-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-13 17:08]
.
2014-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-20 17:59]
.
2014-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-20 17:59]
.
2014-03-04 c:\windows\Tasks\Norton Security Scan for Ozelot.job
- c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2011-04-10 14:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-21 450048]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://google.ch/
uLocal Page =
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cnnb
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &AOL Toolbar-Suche - c:\programdata\AOL\ieToolbar\resources\de-CH\local\search.html
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.ch/
FF - ExtSQL: !HIDDEN! 2009-07-20 03:16; otis@digitalpersona.com; c:\program files (x86)\DigitalPersona\Bin\FirefoxExt
FF - ExtSQL: !HIDDEN! 2009-09-13 12:19; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SmartMenu - c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
AddRemove-{DBB1F4ED-3212-4F58-A427-9C01DE4A24A5}_is1 - c:\program files (x86)\Uniblue\SystemTweaker\unins000.exe
AddRemove-{E55B3271-7CA8-4D0C-AE06-69A24856E997}_is1 - c:\program files (x86)\Uniblue\RegistryBooster\unins001.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\21.1.0.18\N360.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\21.1.0.18\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\N360x64\1501000.012\SYMTDIV.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton 360\Engine\21.1.0.18;c:\program files (x86)\Norton 360\Engine64\21.1.0.18"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@SACL=
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10a.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
@SACL=
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10a.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@SACL=
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Control]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Implemented Categories]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@SACL=
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@SACL=
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Programmable]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@SACL=
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@SACL=
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@SACL=
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Control]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@SACL=
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Programmable]
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@SACL=
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@SACL=
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@SACL=
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@SACL=
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@SACL=
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@SACL=
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@SACL=
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@SACL=
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@SACL=
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
c:\program files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
c:\program files (x86)\SMINST\BLService.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
c:\program files (x86)\Novatel Wireless\Mobilink\Phoenix.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\windows\SysWOW64\DllHost.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-03-04  15:27:56 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-03-04 14:27
.
Vor Suchlauf: 12 Verzeichnis(se), 285'735'464'960 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 285'397'876'736 Bytes frei
.
- - End Of File - - A46FD3C68A5B186627BBB99ACF171CDB
588AE8F0C685C02BA11F30D9CD7E61A0
Es ist alles ohne Fehlermeldung gelaufen.

Vielen Dank und Gruss

schrauber 05.03.2014 14:34
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Ozelot11 05.03.2014 16:38
Hier ist das Logfile von Malwarebytes Anti-Malware.
Die weiteren werde ich in einem neuen Tread posten...


Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.05.06

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Ozelot :: OZELOT-PC [Administrator]

Schutz: Aktiviert

05.03.2014 15:05:43
MBAM-log-2014-03-05 (15-12-56).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 268732
Laufzeit: 5 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Users\Ozelot\AppData\Roaming\SpeedTestAnalysis (PUP.Optional.SpeedTestAnalysis.A) -> Keine Aktion durchgeführt.

Infizierte Dateien: 8
C:\Users\Ozelot\Desktop\PCPerformerSetup-1-.exe (PUP.Optional.InstallBrain) -> Keine Aktion durchgeführt.
C:\Users\Ozelot\Downloads\MapsSetup.exe (PUP.Optional.Inbox) -> Keine Aktion durchgeführt.
C:\Users\Ozelot\Downloads\rcpsetup2_softonic_soft_util_300_250_ppage.exe (PUP.Optional.RegCleanPro) -> Keine Aktion durchgeführt.
C:\Users\Ozelot\Downloads\SoftonicDownloader_fuer_aiseesoft-ipod-iphone-pc-suite.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt.
C:\Users\Ozelot\Downloads\SoftonicDownloader_fuer_avs-media-player.exe (PUP.Optional.Softonic.A) -> Keine Aktion durchgeführt.
C:\Users\Ozelot\AppData\Roaming\SpeedTestAnalysis\speedtestanalysis.crx (PUP.Optional.SpeedTestAnalysis.A) -> Keine Aktion durchgeführt.
C:\Users\Ozelot\AppData\Roaming\SpeedTestAnalysis\DeskTopIcon.ico (PUP.Optional.SpeedTestAnalysis.A) -> Keine Aktion durchgeführt.
C:\Users\Ozelot\AppData\Roaming\SpeedTestAnalysis\install_helper.exe (PUP.Optional.SpeedTestAnalysis.A) -> Keine Aktion durchgeführt.

(Ende)
...und hier noch die weiteren Logs:

Code:
# AdwCleaner v3.020 - Bericht erstellt am 05/03/2014 um 15:46:29
# Aktualisiert 27/02/2014 von Xplode
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Benutzername : Ozelot - OZELOT-PC
# Gestartet von : C:\Users\Ozelot\Downloads\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\prefs.js ]


[ Datei : C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\2wzzcx4n.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ Datei : C:\Users\Ozelot\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [58637 octets] - [28/02/2014 11:18:55]
AdwCleaner[R1].txt - [1180 octets] - [28/02/2014 11:29:06]
AdwCleaner[R2].txt - [1029 octets] - [05/03/2014 15:46:29]
AdwCleaner[S0].txt - [56209 octets] - [28/02/2014 11:22:42]
AdwCleaner[S1].txt - [1242 octets] - [28/02/2014 11:31:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1210 octets] ##########



FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-03-2014
Ran by Ozelot (administrator) on OZELOT-PC on 05-03-2014 16:34:00
Running from C:\Users\Ozelot\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\Windows\system32\vfsFPService.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
() C:\Program Files (x86)\SMINST\BLService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Novatel Wireless) C:\Program Files (x86)\Novatel Wireless\Mobilink\Lite.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Novatel Wireless Inc.) C:\Program Files (x86)\Novatel Wireless\Mobilink\Phoenix.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Nokia.) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Ozelot\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224 2008-11-18] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-21] (IDT, Inc.)
HKLM-x32\...\Run: [DVDAgent] - C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2008-11-28] (CyberLink Corp.)
HKLM-x32\...\Run: [TSMAgent] - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1316136 2008-12-25] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer for HP TouchSmart] - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-12-25] (CyberLink)
HKLM-x32\...\Run: [TVAgent] - C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe [210216 2009-01-21] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2008-11-14] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [DpAgent] - C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [842816 2008-12-10] (DigitalPersona, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDIRShortCut] - C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Health Check Scheduler] - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM-x32\...\Run: [hpWirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\\Phone\Skype.exe [17418928 2012-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [MobiLink Lite] - C:\Program Files (x86)\Novatel Wireless\MobiLink\Lite.exe [327769 2007-09-07] (Novatel Wireless)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [PC Suite Tray] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1414144 2009-06-25] (Nokia)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-10-31] (Apple Inc.)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-10-31] (Apple Inc.)
Startup: C:\Users\Ozelot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cnnb
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {6C6FA03E-3936-48DD-8FB3-F6A60CB9FDF8} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKLM - {6C6FA03E-3936-48DD-8FB3-F6A60CB9FDF8} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {BCAB4F68-1EAC-4713-B934-3AA08A45DBCB} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default
FF Homepage: https://www.google.ch/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Users\Ozelot\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\searchplugins\facebook.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flagfox - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2014-01-16]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-25]
FF Extension: WOT - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-03-03]
FF Extension: Speed Test Analysis - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\speedtestanalysis@SpeedAnalysis.com.xpi [2014-01-07]
FF Extension: Bluhell Firewall - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2014-02-14]
FF Extension: Adblock Plus - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-03]
FF Extension: Skype extension for Firefox - C:\Program Files (x86)\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2014-02-17]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ []
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-29]
FF HKCU\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext [2009-07-20]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx [2013-11-28]

==================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation)
R2 Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [365952 2008-12-17] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe [240128 2009-07-21] (IDT, Inc.)
R2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2008-11-26] ()
R2 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096 2008-11-26] ()
R2 vfsFPService; C:\Windows\system32\vfsFPService.exe [721712 2008-11-18] (Validity Sensors, Inc.)
R2 vfsFPService; C:\Windows\SysWOW64\vfsFPService.exe [599344 2008-11-18] (Validity Sensors, Inc.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X]

==================== Drivers (Whitelisted) ====================

S1 Beep; No ImagePath
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-27] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140303.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
S3 IpInIp; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140304.032\ENG64.SYS [126040 2013-12-17] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140304.032\EX64.SYS [2099288 2013-12-17] (Symantec Corporation)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-02-09] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2009-02-09] (Nokia)
S3 NwlnkFlt; No ImagePath
S3 NwlnkFwd; No ImagePath
S3 NWUSBModem; C:\Windows\System32\DRIVERS\nwusbmdm.sys [113536 2007-07-17] (Novatel Wireless Inc.)
S3 NWUSBPort; C:\Windows\System32\DRIVERS\nwusbser.sys [113536 2007-07-17] (Novatel Wireless Inc.)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\N360x64\1501000.012\SYMTDIV.SYS [507992 2013-09-26] (Symantec Corporation)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8192 2009-02-09] (Nokia)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2008-11-28] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
U4 eabfiltr;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-05 16:29 - 2014-03-05 16:30 - 02157056 _____ (Farbar) C:\Users\Ozelot\Downloads\FRST64(1).exe
2014-03-05 16:27 - 2014-03-05 16:27 - 00001351 _____ () C:\Users\Ozelot\Desktop\AdwCleaner[S2].txt
2014-03-05 16:20 - 2014-03-05 16:26 - 00076601 _____ () C:\Users\Ozelot\Desktop\JRT.txt
2014-03-05 16:08 - 2014-03-05 16:08 - 00000000 ____D () C:\Windows\ERUNT
2014-03-05 16:05 - 2014-03-05 16:05 - 01037734 _____ (Thisisu) C:\Users\Ozelot\Downloads\JRT.exe
2014-03-05 15:51 - 2014-03-05 15:51 - 00001290 _____ () C:\Users\Ozelot\Desktop\AdwCleaner[R2].txt
2014-03-05 15:39 - 2014-03-05 15:39 - 01244192 _____ () C:\Users\Ozelot\Downloads\adwcleaner.exe
2014-03-05 09:44 - 2014-03-05 09:44 - 00000000 ____D () C:\Users\Ozelot\Documents\Leitfaden Verkauf
2014-03-05 09:35 - 2014-03-05 09:44 - 00000000 ____D () C:\Users\Ozelot\Documents\Nicci_Nani
2014-03-04 15:27 - 2014-03-04 15:27 - 00018273 _____ () C:\ComboFix.txt
2014-03-04 14:50 - 2014-03-04 15:28 - 00000000 ____D () C:\ComboFix
2014-03-04 14:50 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-04 14:50 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-04 14:50 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-04 14:50 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-04 14:50 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-04 14:50 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-04 14:50 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-04 14:50 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-04 14:41 - 2014-03-04 15:28 - 00000000 ____D () C:\Qoobox
2014-03-04 14:40 - 2014-03-04 15:25 - 00000000 ____D () C:\Windows\erdnt
2014-03-04 14:38 - 2014-03-04 14:39 - 05187080 ____R (Swearware) C:\Users\Ozelot\Downloads\ComboFix.exe
2014-03-04 08:34 - 2014-03-04 15:18 - 00001084 _____ () C:\Windows\PFRO.log
2014-03-03 16:49 - 2014-03-03 16:52 - 00039296 _____ () C:\Users\Ozelot\Downloads\Addition.txt
2014-03-03 16:48 - 2014-03-05 16:34 - 00025071 _____ () C:\Users\Ozelot\Downloads\FRST.txt
2014-03-03 16:48 - 2014-03-05 16:34 - 00000000 ____D () C:\FRST
2014-03-03 16:46 - 2014-03-03 16:46 - 02156544 _____ (Farbar) C:\Users\Ozelot\Downloads\FRST64.exe
2014-03-03 11:58 - 2014-03-03 11:58 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-03 11:58 - 2014-03-03 11:58 - 00000770 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-03 11:58 - 2014-03-03 11:58 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-03 11:57 - 2014-03-03 11:57 - 03645064 _____ (Piriform Ltd) C:\Users\Ozelot\Downloads\ccsetup410_slim.exe
2014-03-03 11:30 - 2014-03-03 11:30 - 00000948 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\Users\Ozelot\AppData\Roaming\Malwarebytes
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-03 11:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-03 11:29 - 2014-03-03 11:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Ozelot\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-28 11:28 - 2014-02-28 11:28 - 01244192 _____ () C:\Users\Ozelot\Downloads\adwcleaner_3.0.2.0(1).exe
2014-02-28 11:18 - 2014-03-05 15:51 - 00000000 ____D () C:\AdwCleaner
2014-02-28 11:18 - 2014-02-28 11:18 - 01244192 _____ () C:\Users\Ozelot\Downloads\adwcleaner_3.0.2.0.exe
2014-02-28 10:11 - 2014-02-28 10:55 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\NPE
2014-02-28 10:06 - 2014-02-28 10:06 - 03057128 _____ (Symantec Corporation) C:\Users\Ozelot\Downloads\NPE.exe
2014-02-26 03:11 - 2014-02-27 03:06 - 03209056 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-23 18:08 - 2014-02-23 18:08 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-17 11:12 - 2014-02-17 11:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-17 10:25 - 2014-02-17 10:25 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-14 03:14 - 2014-02-05 11:19 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 03:14 - 2014-02-05 11:02 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 03:14 - 2014-02-05 11:00 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 03:14 - 2014-02-05 10:54 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 03:14 - 2014-02-05 10:54 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 03:14 - 2014-02-05 10:52 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 03:14 - 2014-02-05 10:52 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-14 03:14 - 2014-02-05 10:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 03:14 - 2014-02-05 10:51 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 03:14 - 2014-02-05 10:51 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-14 03:14 - 2014-02-05 10:51 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 03:14 - 2014-02-05 10:51 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 03:14 - 2014-02-05 10:51 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 03:14 - 2014-02-05 10:50 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 03:14 - 2014-02-05 10:50 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 03:14 - 2014-02-05 10:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-14 03:14 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 03:14 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 03:14 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-14 03:14 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 03:14 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 03:14 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-14 03:14 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-14 03:14 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 03:14 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-14 03:14 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 03:14 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-14 03:14 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 03:14 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 03:14 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 03:14 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-14 03:14 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 07:15 - 2013-12-05 05:48 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 07:15 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-05 13:36 - 2014-02-05 13:36 - 00001694 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-05 13:35 - 2014-02-05 13:36 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-05 13:35 - 2014-02-05 13:36 - 00000000 ____D () C:\Program Files\iTunes
2014-02-05 13:35 - 2014-02-05 13:36 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-05 13:35 - 2014-02-05 13:35 - 00000000 ____D () C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

2014-03-05 16:34 - 2014-03-03 16:48 - 00025071 _____ () C:\Users\Ozelot\Downloads\FRST.txt
2014-03-05 16:34 - 2014-03-03 16:48 - 00000000 ____D () C:\FRST
2014-03-05 16:30 - 2014-03-05 16:29 - 02157056 _____ (Farbar) C:\Users\Ozelot\Downloads\FRST64(1).exe
2014-03-05 16:29 - 2009-09-20 18:59 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-05 16:27 - 2014-03-05 16:27 - 00001351 _____ () C:\Users\Ozelot\Desktop\AdwCleaner[S2].txt
2014-03-05 16:26 - 2014-03-05 16:20 - 00076601 _____ () C:\Users\Ozelot\Desktop\JRT.txt
2014-03-05 16:08 - 2014-03-05 16:08 - 00000000 ____D () C:\Windows\ERUNT
2014-03-05 16:08 - 2012-05-13 07:08 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-05 16:07 - 2009-07-20 01:10 - 01876416 _____ () C:\Windows\WindowsUpdate.log
2014-03-05 16:05 - 2014-03-05 16:05 - 01037734 _____ (Thisisu) C:\Users\Ozelot\Downloads\JRT.exe
2014-03-05 15:58 - 2009-02-16 03:43 - 00003580 _____ () C:\Windows\System32\Tasks\HP Health Check
2014-03-05 15:54 - 2009-09-20 18:59 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-05 15:53 - 2006-11-02 16:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-05 15:53 - 2006-11-02 16:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-05 15:53 - 2006-11-02 16:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-05 15:52 - 2009-07-20 01:10 - 00002140 _____ () C:\Windows\bthservsdp.dat
2014-03-05 15:52 - 2006-11-02 16:42 - 00032534 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-05 15:51 - 2014-03-05 15:51 - 00001290 _____ () C:\Users\Ozelot\Desktop\AdwCleaner[R2].txt
2014-03-05 15:51 - 2014-02-28 11:18 - 00000000 ____D () C:\AdwCleaner
2014-03-05 15:39 - 2014-03-05 15:39 - 01244192 _____ () C:\Users\Ozelot\Downloads\adwcleaner.exe
2014-03-05 15:14 - 2013-12-19 21:06 - 00000000 ____D () C:\Users\Ozelot\AppData\Roaming\SpeedTestAnalysis
2014-03-05 09:44 - 2014-03-05 09:44 - 00000000 ____D () C:\Users\Ozelot\Documents\Leitfaden Verkauf
2014-03-05 09:44 - 2014-03-05 09:35 - 00000000 ____D () C:\Users\Ozelot\Documents\Nicci_Nani
2014-03-05 08:42 - 2011-05-30 20:39 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\CrashDumps
2014-03-05 08:18 - 2011-06-17 21:43 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\Windows Live
2014-03-05 01:00 - 2011-04-10 15:48 - 00000500 ____H () C:\Windows\Tasks\Norton Security Scan for Ozelot.job
2014-03-04 15:58 - 2011-06-17 22:16 - 00000000 ____D () C:\Users\Ozelot\AppData\Roaming\Windows Live Writer
2014-03-04 15:28 - 2014-03-04 14:50 - 00000000 ____D () C:\ComboFix
2014-03-04 15:28 - 2014-03-04 14:41 - 00000000 ____D () C:\Qoobox
2014-03-04 15:28 - 2006-11-02 14:33 - 00000000 __RHD () C:\Users\Default
2014-03-04 15:27 - 2014-03-04 15:27 - 00018273 _____ () C:\ComboFix.txt
2014-03-04 15:25 - 2014-03-04 14:40 - 00000000 ____D () C:\Windows\erdnt
2014-03-04 15:20 - 2006-11-02 13:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-04 15:18 - 2014-03-04 08:34 - 00001084 _____ () C:\Windows\PFRO.log
2014-03-04 15:16 - 2006-11-02 13:33 - 87818240 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-03-04 15:16 - 2006-11-02 13:33 - 82575360 _____ () C:\Windows\system32\config\COMPONENTS.bak
2014-03-04 15:16 - 2006-11-02 13:33 - 26738688 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-03-04 15:16 - 2006-11-02 13:33 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-03-04 15:16 - 2006-11-02 13:33 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-03-04 15:16 - 2006-11-02 13:33 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-03-04 14:39 - 2014-03-04 14:38 - 05187080 ____R (Swearware) C:\Users\Ozelot\Downloads\ComboFix.exe
2014-03-04 10:08 - 2013-09-17 18:00 - 00002017 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-04 08:36 - 2009-10-02 15:36 - 00000000 ____D () C:\Users\Ozelot\Tracing
2014-03-03 16:52 - 2014-03-03 16:49 - 00039296 _____ () C:\Users\Ozelot\Downloads\Addition.txt
2014-03-03 16:46 - 2014-03-03 16:46 - 02156544 _____ (Farbar) C:\Users\Ozelot\Downloads\FRST64.exe
2014-03-03 12:01 - 2009-02-16 08:54 - 00000000 ____D () C:\Windows\panther
2014-03-03 11:58 - 2014-03-03 11:58 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-03 11:58 - 2014-03-03 11:58 - 00000770 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-03 11:58 - 2014-03-03 11:58 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-03 11:57 - 2014-03-03 11:57 - 03645064 _____ (Piriform Ltd) C:\Users\Ozelot\Downloads\ccsetup410_slim.exe
2014-03-03 11:30 - 2014-03-03 11:30 - 00000948 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\Users\Ozelot\AppData\Roaming\Malwarebytes
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-03 11:29 - 2014-03-03 11:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Ozelot\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-28 11:28 - 2014-02-28 11:28 - 01244192 _____ () C:\Users\Ozelot\Downloads\adwcleaner_3.0.2.0(1).exe
2014-02-28 11:18 - 2014-02-28 11:18 - 01244192 _____ () C:\Users\Ozelot\Downloads\adwcleaner_3.0.2.0.exe
2014-02-28 10:55 - 2014-02-28 10:11 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\NPE
2014-02-28 10:11 - 2009-02-16 01:46 - 00000000 ____D () C:\ProgramData\Norton
2014-02-28 10:06 - 2014-02-28 10:06 - 03057128 _____ (Symantec Corporation) C:\Users\Ozelot\Downloads\NPE.exe
2014-02-27 14:47 - 2010-01-07 19:18 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-27 03:06 - 2014-02-26 03:11 - 03209056 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-27 03:06 - 2009-02-16 08:53 - 00705230 _____ () C:\Windows\system32\perfh010.dat
2014-02-27 03:06 - 2009-02-16 08:53 - 00142814 _____ () C:\Windows\system32\perfc010.dat
2014-02-27 03:06 - 2009-02-16 08:43 - 00674274 _____ () C:\Windows\system32\perfh007.dat
2014-02-27 03:06 - 2009-02-16 08:43 - 00146254 _____ () C:\Windows\system32\perfc007.dat
2014-02-27 03:06 - 2009-02-16 08:34 - 00712102 _____ () C:\Windows\system32\perfh00C.dat
2014-02-27 03:06 - 2009-02-16 08:34 - 00145710 _____ () C:\Windows\system32\perfc00C.dat
2014-02-27 03:06 - 2006-11-02 13:46 - 03209056 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-23 18:08 - 2014-02-23 18:08 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-23 18:08 - 2012-05-13 07:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-23 18:08 - 2012-05-13 07:08 - 00003736 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-23 18:08 - 2011-09-15 21:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 18:57 - 2013-08-19 17:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 18:50 - 2006-11-02 13:35 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-17 18:34 - 2012-10-07 17:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-17 17:44 - 2010-01-09 13:58 - 00005580 _____ () C:\fpRedmon.log
2014-02-17 17:44 - 2010-01-09 13:58 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\FreePDF_XP
2014-02-17 16:51 - 2010-10-10 14:52 - 00000000 ____D () C:\Users\Ozelot\Documents\Bewerbungen_Arbeit
2014-02-17 11:24 - 2009-09-20 18:59 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-17 11:24 - 2009-09-20 18:59 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-17 11:12 - 2014-02-17 11:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-17 10:25 - 2014-02-17 10:25 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-17 10:25 - 2013-12-12 16:45 - 00001875 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-10 13:45 - 2009-11-29 11:43 - 00000000 ____D () C:\Users\Ozelot\AppData\Roaming\Apple Computer
2014-02-10 13:44 - 2009-11-29 11:43 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\Apple Computer
2014-02-05 13:36 - 2014-02-05 13:36 - 00001694 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-05 13:36 - 2014-02-05 13:35 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-05 13:36 - 2014-02-05 13:35 - 00000000 ____D () C:\Program Files\iTunes
2014-02-05 13:36 - 2014-02-05 13:35 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-05 13:35 - 2014-02-05 13:35 - 00000000 ____D () C:\Program Files\iPod
2014-02-05 13:28 - 2009-11-29 11:38 - 00000000 ____D () C:\ProgramData\Apple
2014-02-05 11:19 - 2014-02-14 03:14 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 11:02 - 2014-02-14 03:14 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 11:00 - 2014-02-14 03:14 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 10:54 - 2014-02-14 03:14 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 10:54 - 2014-02-14 03:14 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 10:52 - 2014-02-14 03:14 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 10:52 - 2014-02-14 03:14 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 10:52 - 2014-02-14 03:14 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 10:51 - 2014-02-14 03:14 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 10:51 - 2014-02-14 03:14 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 10:51 - 2014-02-14 03:14 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 10:51 - 2014-02-14 03:14 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 10:51 - 2014-02-14 03:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 10:50 - 2014-02-14 03:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 10:50 - 2014-02-14 03:14 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-05 10:50 - 2014-02-14 03:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 09:58 - 2014-02-14 03:14 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-05 09:56 - 2014-02-14 03:14 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-05 09:53 - 2014-02-14 03:14 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-05 09:51 - 2014-02-14 03:14 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-05 09:50 - 2014-02-14 03:14 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-05 09:49 - 2014-02-14 03:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-05 09:49 - 2014-02-14 03:14 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-05 09:48 - 2014-02-14 03:14 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-05 09:48 - 2014-02-14 03:14 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-05 09:48 - 2014-02-14 03:14 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-05 09:48 - 2014-02-14 03:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-05 09:48 - 2014-02-14 03:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-05 09:47 - 2014-02-14 03:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-05 09:47 - 2014-02-14 03:14 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-05 09:47 - 2014-02-14 03:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-05 09:46 - 2014-02-14 03:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-05 09:20 - 2009-09-26 08:49 - 00007916 _____ () C:\Users\Ozelot\AppData\Local\d3d9caps.dat
2014-02-04 09:55 - 2009-09-12 18:38 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\Adobe

Some content of TEMP:
====================
C:\Users\Ozelot\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-05 16:00

==================== End Of Log ============================
--- --- ---

--- --- ---



Vielen Dank!!

Ozelot11 05.03.2014 16:41
Das JRT-Log habe ich noch vergessen.

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows (TM) Vista Home Premium x64
Ran by Ozelot on 05.03.2014 at 16:08:05.80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C430996F-4AA8-4AA8-81DE-F54432CD5786}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{AD79BAD6-9504-4F09-ACEC-7B319584A4C1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6C6FA03E-3936-48DD-8FB3-F6A60CB9FDF8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6C6FA03E-3936-48DD-8FB3-F6A60CB9FDF8}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Ozelot\AppData\Roaming\getrighttogo"
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0032796B-D916-48C1-91BC-CD86278055DB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0067D3C5-CD03-4BBC-AFB6-0E31D03E8CEA}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{006D305D-F47A-4BBC-9F21-7E4EF9A36BB1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0157BDC8-2C95-45A6-9CB8-55C82C13BAE1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0215B0BA-F748-4E88-B30F-910BCAC09C76}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{026D0713-F267-497D-9DF8-8D92649DD4D2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{026F169E-ECDD-45CC-9E53-945FB62CF8FE}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{04263A7F-A69F-4129-B981-35F51419FBAF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0531A8FE-AFC1-4C25-B053-EF75E55D3977}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{054437F1-162D-42E3-96AE-5E592F6FA613}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0548A72E-7DFC-47F5-97B2-F82D8E5A1614}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{05997CF0-3EFF-4CA7-AC21-07DE1F2DA1B2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0605F0FF-3463-4CBA-9E4B-6563935F5240}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{06CEADB2-DB7E-4EF2-802E-EA61D6EF8C44}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{06DAB753-F7E8-4EC5-ABB5-3FB59B238DC5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{07803203-F1A6-4F92-9FA6-0EE90DB80D3F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{07A8D2FC-B716-4856-AFCF-7FEEB617829C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{081D9590-66D8-410A-BC29-33A1AE9FFA41}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{08259FC7-7501-44FC-A449-27FDA25BCE1C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{082C16F0-15BD-4221-8F74-F0C1BE78943F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{082CFD34-6668-4579-A8C0-087ACB37914C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{08B363A4-B68A-4B38-AA1C-D1D0016F9A8D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{095FBC01-75E6-4686-A73A-E8CDC7CE6D6B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{099F7636-226A-49D6-82E5-440A7FE431D5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{09AC3DD7-8456-41AE-8C11-F373F4DEFE61}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0A0CC14D-2A15-4494-AF0B-66E68F92DB70}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0A34C133-02AF-438A-97DD-4BBA74BA06BB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0AD79569-4F66-41F1-8FC8-58730DA1F905}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0B4DB313-2900-4C00-ADCA-6A6C81AEBBDD}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0B5D38DB-E8CB-4CA4-9A1D-A18A88C6C303}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0B65FA8A-F067-44DC-8620-89F7A8115C43}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0C6C74D2-495A-4303-9F75-F9B6ACFDBB56}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0C8CFC23-40E0-4AAC-B54C-97091237B48F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0C9F35EC-AD2D-4046-B536-D6C5ED4424D5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0D17F15C-C6F6-4323-97B6-EC241886FE40}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0D44DA5B-BA46-41BC-ADF8-B6FEF7315253}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0D4829A0-30A6-4E65-9465-326D7296EC9D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0DCD2EB0-2440-44C0-8DE1-7BB5F7FC61F9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0E335C16-5CF8-4316-AF68-8440216744C0}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0E42D508-1E83-4BA8-9370-F840B6156217}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0F3B2CCD-0B1E-42C5-A749-A640F654E62D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0F5C38F8-8AAC-484B-A7DD-551B0510260D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0F914951-31D7-4250-B5AC-9B27E431F503}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{0FABA708-21C3-43AC-ABAC-30CF9D6BEB4C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{105E0F97-3DB2-44C0-94C7-79786C09E483}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{10673786-312C-41BD-9824-DAACD419C2F2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{10965BF6-4F99-474F-B4F2-FACC900BB6E3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{11221D9A-7A59-4607-8416-BFD23B4184B8}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{117B6422-3238-490C-AF1B-ED132244F9CE}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{122EB021-0A93-419D-8471-32523300C651}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{12D82574-BF22-41BB-98D2-365E31279578}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{13223CA1-2C90-413C-B525-5848543A5904}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{13746A6D-2C1B-4D71-969D-6FE24D4A5DDC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{13E61336-56C0-427E-B50B-D2C770F06070}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{141B4CB8-A144-41F9-AD8F-7EF2DCAEBAB8}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{141C6D0E-5A3C-4C7A-87CE-97E2B0AF711D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{14A6250E-042A-47AC-98B0-AB2D2FD6036C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{14EE834E-A991-408A-8624-53F568C90766}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{158D0A25-8D54-4D09-B664-94D42D0B4579}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{15AACBA8-AB2D-4E83-B90B-76A858168E46}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1638F4B5-907C-434A-9765-EAF9BCCDDA80}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{16706263-7332-408C-8BB2-58CF709FBFAF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{16FD41E7-43D3-454B-B9D2-E7C812451947}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{176CFE1A-8BB6-4340-9343-FD00A2DB882D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{188D70FE-2CC9-4C96-82C9-29C53C5BEFDC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{18DCCDA7-0299-419C-B591-CF84A6D2FA66}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{19274108-B834-47A3-A3E6-9B57E6FA78AA}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1A74BAE2-FB30-443D-9AA5-CB33674A0961}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1A780629-9CB4-4AD9-A619-394C4AAB1DEE}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1B3CB8CF-2333-49DC-B84A-53A10041CF6B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1BB23123-34A4-42C3-9E86-CAC186F9DEBC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1BF138CC-61B2-48A1-9D9A-A1BEFE2162DB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1C6866DA-E669-4F98-83B6-D9A703E0A118}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1CBA268C-EC2D-4DF2-B53B-BE5232FB9F1D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1CE85D45-F9FB-465C-AEB8-3379F01E3C66}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1CF98F91-CF89-4D7E-9491-6F39D454584C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1D199400-7442-45FD-9170-B48738DDD2E4}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1D4956C2-B166-43E9-A1CE-34A19B9A9470}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1D57A2F5-B478-4D9B-ABB9-C9A46917B5F4}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1D9B1298-FFB9-4A68-B395-2133742DA273}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1E17AF30-A9F3-4861-95EC-FAB8FC5A768E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1EA22502-9FC2-44FE-ADDF-F61CEC98FACC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1F298F19-656C-441D-82A7-C35755367737}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{1F6050DC-DFEC-45BD-A38A-B9325499A9F2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{203552D3-7DD5-4392-A8FA-35796579F718}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{207A906B-E4D2-4762-90C7-8D23842DE396}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{20804592-4DCA-492D-B3C2-2B4F95FEC5E1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{209444E9-FA04-44C8-B6CF-6C08D9A9EA39}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{209EB646-2011-438A-B8DB-F5997B77E446}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{20E48C6B-C82A-4632-B514-1F9728F58FAD}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{210FB6E6-8BFD-49B0-AC9F-630D03CA0C23}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{212973F2-608A-4C8F-AE9A-ECFE81D7D8D2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2197FDCC-9736-4FD8-B9B5-D1BA8E574044}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{219E0DAE-2CC2-4B2F-B985-CFD99773FA17}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{21AA1D3C-4010-4ECE-A663-E98BBC915375}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{223156E3-19B6-4758-8D82-8F26414DC15F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{224867F1-EB20-4420-AC29-32247D3D906E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2394EA2D-09A6-4653-8D3F-6070826E255E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{24603BE3-2281-4C51-921D-D6BF10566D45}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{24BFC24C-64E9-494D-8AFE-121C5F970D4B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{24C93159-57F7-422C-98D1-E0E733DF1E49}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2538E83E-A721-4120-A473-5031B9D70CA4}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{25B36721-2254-4E90-BF11-A2433C03E9DA}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{26077C60-B7FC-44E4-95A6-58B13F438EB8}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{267C3171-9E97-43B5-85DF-6BA69C2FF810}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{26989706-E594-47BC-BA23-8E478480977F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{27BF784C-4C96-4BFD-913E-18551DDA791C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{292566A3-9021-4F4C-9CD0-4B340C1E0AF7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2944D7F0-3BD8-4E20-97DE-311C2E2073D4}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{298021EF-4F56-4A7E-80CB-694EA9AC5C88}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2A02F33D-7792-4915-A4F5-A9A6DD1D922A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2A1575B2-1247-4A48-8D28-1B12D0AD0329}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2A350295-7E6A-431E-9011-4E1D4FC751B0}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2A9825D6-E115-4719-AF68-E77FF930CDB0}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2AA641F8-794B-4D1C-A03F-FD24A15D0103}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2ACEDF4C-1AF1-4A3E-8E85-81C215F28948}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2AF89353-F815-43F7-B866-AFAE11860DA5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2B43041C-7D92-49B7-B043-A5D07361E9CF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2B476A82-8A54-43C3-8480-7BD46DB899ED}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2B5C94E4-DCEF-46EA-AE38-A99DFEA55885}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2BB2D56F-C082-41FD-BF4C-38B3413DA092}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2C1F69C4-7ED9-48D8-8865-884E21C42EFC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2C276B41-82AA-4303-AC82-F21FBEB34FD6}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2D2DC76F-4285-472E-8D01-EAB925F1A4C5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2D4FA9C6-8B82-4F38-B3A6-1F462B40F623}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2DB6B8FB-43F2-4429-A51B-1B8E25081401}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2DD01D19-4307-4EA6-95FF-09AC00EAE080}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2DF38B1E-B8D0-4399-A5A1-20DDDD22E827}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2E269E9E-730D-44CF-9823-DCD4ADC27127}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2E463649-14F3-450D-8A2A-3192F88B9AAC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2E93FDD3-B809-4D52-AD41-024F8E9BCEDF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2EBBADBB-1838-44A3-AD18-88010B7ABD06}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2F06F7C7-E6CB-4C58-9259-FB9B5B00DA7C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2F2ED2D5-0D54-47CB-8295-C1D20B64404D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2FC7BFD5-7CC5-4FE0-B71F-9B92F9677676}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{2FDAD5D6-293B-4219-BC8A-6876398770D5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{30034691-588E-4FC3-A43E-30FE6CEB60E0}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{306ADE03-90EE-4758-8523-62CBE5DCF66A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{306B37D5-9EEE-435A-A17F-F543FBCE51CD}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{30739953-3955-4DF8-88FC-B81769042777}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{309095B5-4E1C-4569-9CC9-92922E483DB9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{30A89518-71F2-4708-9CAA-BACC8D69E382}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{30F56410-EA3E-49F2-81B7-2977B9E71294}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3103C468-5747-4A84-925A-C14C7A14C0F8}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{319CF3B6-46FC-4EF9-89D2-1F353582C92B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3210BE62-8944-47AA-8A28-87255B2CF246}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3243A17B-AEF2-44FC-852A-5E845BB25378}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{33348339-516B-4463-BCED-ED1FC8B03C77}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{337310E1-B216-4D14-ADA3-33C50D32975E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{33FA34D2-6FA2-43D7-B4DF-71CCAD8DE28A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{34000698-3E4A-453A-B788-1632D0BC3D35}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{340DCCCF-C7C4-46F8-AF20-01DC8E4CD3E3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{341C6658-1B84-4D28-821B-3241683C1B8C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{343EB4C6-54D2-46E5-8065-968202F5A549}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{349CA830-12B0-4436-8CDD-E671D612AD34}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{34F84058-24B8-4B89-A930-84ABB26BC158}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{360F68F6-A811-4EA8-8BF3-DF4A78669BBE}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{364566CD-F95C-451E-B71C-9DE6CB1F33E2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{364C2C6A-1544-4329-8655-53BDA9E80F92}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{365DD81B-4A55-4BEB-80BC-2E14FEDEC117}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{368178A5-92EC-4A70-86F2-EBAB458738D4}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{36BA2D26-3575-4A79-933F-9A269E2AC03A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{376E4BFE-D3FC-413A-94CD-DA03DA79FA8D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{37CE2891-A669-4186-986C-668E5246FACA}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{37FF7527-2D48-49DB-A41E-53979259E824}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{38B12D09-8B21-4628-89D8-FBF32CB0D613}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{38B51D0D-68C0-4FA4-9BB4-910DCE8143CA}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{38F680F9-9D78-4D85-A959-AEC42C2B7FAB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{390F5122-14AC-4CD3-906D-54B4C4F5A2E1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{394E576D-688C-400A-9D9C-9513D988FB96}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{39A227FA-50F9-4B3D-94EF-E794EECF8A98}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{39EB2450-CB06-4957-A40E-AF11367B248B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3A9F4CDB-4F72-488D-A464-D431B1D206F7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3B2BBF01-7B17-430B-95E9-E01DDF2B69EC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3B972461-2461-4616-B797-B788C71587F6}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3BE4B86B-7F43-486F-80B8-21FC3D08CE01}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3C7E574C-C020-4339-B54C-85AF616F2C67}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3D16A694-72F0-4A17-B3D0-E6484A14892B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3D715DDC-9663-465A-B7F7-FD503B05A80A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3DF9B043-B3E3-4B20-BD64-7D474105F69C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3E0AEDA3-FCCA-4D71-A373-57615FD2655F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3E4502C1-7132-4AFD-AD4D-657E1C1DDE7E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3E55F4A8-D7F0-4F7D-8ECE-AC9DB1D62C14}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3E62C629-63E4-422C-9431-842D58C2EF37}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3E6FB986-C59B-461C-BAF3-CAAE0AECC920}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3E710403-670C-47DB-A702-7E555A6B24E1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3E9B2F76-14C3-4FAD-ACCF-8D14DA87CA10}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{3ECD5CEB-0568-4CA4-92F5-90063F97B329}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{40137A56-FA87-4376-B852-F01BA1018A82}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{405CAA4C-A382-40D8-B8A4-3DA17D571A17}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4091BA25-A3F0-4B4C-B032-F107C80E690A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{40A27326-1441-4656-82CB-40D61DC40EFB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{40C2A2FB-0C01-432A-885D-C25F8F657E39}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{40F2F8FB-4692-49EA-8037-11AFA907EDC6}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4115EAAC-66AF-4152-8F49-4169E63C79A2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{415A2460-B651-4184-AD5E-FDD412274B71}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4199F3E9-8AEA-4041-8B8D-B89BEFBE62A2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{421146CB-348C-4E70-A2CD-51BAB2AB0301}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{42FB7943-BF0C-4D8D-9AAC-B3FD02ABA6B5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{43166FB2-CAD9-4E6F-A105-B36077DBB0E5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4336788D-C08F-48F3-90A6-C33BC66FB266}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4355D12C-A7D3-431F-954E-32134F7FC661}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{436C20FA-A421-4257-9CF1-4B9EBB02F5C0}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{43A452B9-BB8D-45A6-99EB-29EC0CDAD8BE}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{443F6766-70E7-4541-9D3D-D0BE245B012D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{449D197F-19C9-4488-A0DA-C9335469A543}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{44A6A7BA-4202-4C8A-8334-C2DFA8C3FD2D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{44F12243-B9B3-4938-89B5-61D37B386262}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{44FAAAF4-69F0-4631-AABD-76B1397B9257}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{451CCDC0-0798-4986-A1A5-F4CF2454CD96}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{454F7B7F-AB3C-4D21-97FC-DB0BFBC24D2C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{45E022DE-3ED5-4541-A9B3-5940E06CC860}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4662E2AA-4F43-43F2-B0F5-7833664A0F06}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4668E098-3E46-4E7D-A704-CEF23DC91A0B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{46E1D23C-E13A-4FF0-961D-AADA30632609}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{47046CB2-9179-4A58-A5DD-93908B43A18C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4751096D-3C7C-411D-B902-511E6B8AC888}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{47F4B66E-B73A-433A-B292-D3257ED86120}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4800D662-A6D9-4DD3-9BFD-6BBE0945C987}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{482BD66D-AAA7-4E97-B3FD-C718A39BF805}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{48689A31-0507-4BD5-9044-CA4B3D406D38}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{48F6CA8B-3C91-4D7B-B989-CB346FC40929}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4901E398-6ED8-4A59-A00F-ECF8D60A2FD0}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{49251764-0D7B-4050-8FB5-CD9729F9896A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{499B2E9B-FBC7-4EDB-8FCC-C1987643F375}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{49FABE05-BA6C-4A37-A6AF-EA67000F7420}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4AEE0933-5FB8-4E6D-8201-F3DFE18DE2B4}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4BD59A8A-F571-4B00-B4BB-7E3B5E00B25F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4CA4FD70-712B-4D0B-BCC8-0B0E98A5EDF3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4CFD225F-9A93-42B2-96BB-6CF4E55C6F69}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4D785070-F77B-42F3-8ABA-B0946E00ACC8}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4D9F75FD-B718-4973-AD6C-CE8F5D2C6646}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4E1262CE-6411-4BBE-BE57-77428426687B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4E3BFB28-CB9C-4AD6-9381-33E9DCE9F0A2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4F62E02D-8D87-41E9-AFD9-02A367AEA479}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{4FBC02A9-A7E6-473F-A0A5-9821B9906B3C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5025572F-9B96-4EE7-8AFB-760815C69ED1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{50B808C1-4F8B-4852-A33B-67AA428A22F4}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{50C47424-C899-4D51-B486-DAA6720296EF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{52739F9B-E25C-4473-B5E0-15A868F9C4D4}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{52D5067B-BD17-4136-89FF-6E80BBB2BC2F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{53446750-C1F4-4E78-AF80-678EE9BB9DBD}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{536BC9DB-DFE7-4802-840A-D29D66393FC6}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{536D5C09-0B33-4B5A-904C-DC21C6C3D34F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{53B49342-5352-4D55-BBA7-C5159AB36CA2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{53C150F1-508B-429C-85DA-3FAA839A5E80}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{54CB8A3E-B705-4EFA-AA58-A679929143ED}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{550984D0-245E-4348-A166-6FE4E9C7E02D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{554EA0DD-9F8C-4771-818F-F9C8C7622BA7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{55FC913A-A86A-453D-BA0F-3266CF6FCE0B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5620296C-E074-4C1A-88F6-F9E5846EEDCE}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{562BFCF4-E5A7-493E-B3C9-4BCA885D8D73}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{563E4666-D234-40F0-A2E5-EE5EFF9D3F15}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{568F0496-A324-46F0-8D52-17FD76030AD5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{569B20A0-D2E8-421E-9F98-ABACDA702E3A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{57C168A7-A40E-4E3F-AEE4-D08B7DB68B6F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{58306063-70B5-470F-A29C-0D67469DE5A6}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5860D664-5161-4662-8038-0AD59B9992B9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{58614FDC-5E3B-458B-8D37-C3A30054E272}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{58840EFB-1C92-45B6-AD99-59F569216599}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{59073C77-2DF7-4825-94C2-CD53932C7F78}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5953F749-A6BC-4B12-97D7-91DDA99130B9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5960814D-88A4-41B1-ABAF-86AFAC18039E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{59D35720-4D49-416D-87F6-9CDF6AE04223}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5A151A43-A239-476F-8549-FBA3AA8E555F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5A152345-4408-4D5E-B0E2-61C4AA378DA5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5A5A3013-F25E-4382-B085-1F90D906F794}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5ACFFCE6-EF00-43B5-BCBB-AD1EFD81CE28}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5B19E830-C2C7-4D95-8AB9-18C3BCB0E7F8}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5B5673D1-0BEE-4ABE-9512-905F2AE2C1F1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5BB06215-A2E0-41C6-9AC4-9AF5E13595F6}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5BDD4C63-C045-4405-80EF-63C3729B9CB7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5BFFC6F6-8C88-4F4C-A20C-97C49C272512}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5C5E4AAC-4619-44BD-9729-B7374B0D5715}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5CA54DC0-02B9-44AF-B8C5-223C51871D9F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5D253B1D-C12A-4369-9D3F-422E64D67EE3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5DDAC483-F84B-4E89-BEA6-CC9D3D69EF8C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5E85AB44-8B25-4F31-9013-FEEE816C7281}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{5F7F7DF3-476A-46B9-8A4A-57DD7CE85944}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{60800A62-04BF-4BCF-B97C-613C096085AF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{6103E32A-AA32-4E36-9265-3C57AF9A996F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{61ACD3E3-19E7-40BF-9C9C-574BA42D112E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{61DCD5CE-9D53-44BF-8FA8-20B7B9D7F7BF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{62085467-9C4A-46A5-840E-96F6F8D9C5BE}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{62156537-E869-4613-837E-C810181923A4}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{6273285E-2D41-4ED4-908B-CB7986591F35}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{630861E6-5D8A-4BA8-926C-F452ABBF004B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{63400C03-3C42-4B44-BFE5-F859F3E3D059}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{638A9071-6D76-415D-895F-B3786005FCF9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{63A3F174-69CB-424A-99E3-FD6450FB357A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{63E8F616-8362-4189-B84D-21E4ADCBD5C8}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{63FC8EB0-D89B-4B67-8EB5-F789E2EF94C9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{644F6BCA-909A-4F0A-BF7E-72F7959CF75C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{651114FC-AA25-40FC-B8E0-D0758FB76918}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{65151505-26E4-43FD-94A2-C8E63858A541}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{655E3D6C-842B-4C8D-A10C-512D60E51160}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{661D12B4-F220-46EA-9931-64F947EA2193}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{666071E1-8CEE-481E-9F0F-A51A55015643}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{66CC085D-ABC5-4EB3-BBF6-F3C57E44B46E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{67AA46AA-6141-4B38-A188-D4D4B674DA0A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{686BBAEF-2A1D-4B84-9FBC-256BCAB57E36}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{688A49F9-1DA6-49A0-B0CC-70FCB9F15765}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{699B90C2-C292-4DEE-8FAF-558F88C9F72E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{69AD61B8-058B-40D7-B1FD-7DBB17618BB7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{6A11F500-A3A3-4945-ADB7-51745F7ED761}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{6B785905-191C-42C1-B851-FD84503D42E8}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{6C4144EE-4A71-42B1-A71C-02B5D94151E4}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{6C4828DD-101F-4F6C-8C31-63A6359685EA}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{6CE3B740-1D8B-443E-AFD1-FADD31CDD6C1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{6DA11080-1433-44C5-9438-393E97DE8949}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{6DA40644-B72F-4C70-90EF-5D1A11F2C6EF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{6DC50F43-8580-4C8A-AFFC-4D91D580F8F9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{6E85D7E3-DEC4-43CC-AE60-F17C3486275A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{6FC151D6-9C47-4B17-8D36-83294D108283}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{6FD98007-862D-40C4-B2C0-FB08D7899180}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{70CFCF98-C154-46D3-BB47-B92A98C040C4}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7102736E-8AA5-48EA-B187-16E46239C23E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7113B7E1-508E-462B-A94F-26E068ECB62C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7181F141-6CBD-496A-8538-2E7A2B8BE88B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7214BC3C-3009-4C5E-BE17-7AA25C997CCB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{725142D4-ED84-4791-9977-B48A6ADCFE76}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{72582952-3479-4F05-9EAF-30EDCE0864EB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{730A7A97-11C1-4536-8BC5-CA80A2FCC891}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{73336BFA-8FD1-4157-AA8D-DD4D5912891E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7336452F-671E-4DF7-9304-8F36BC8A9E2F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{73AE4657-E889-4794-B552-8073043F9533}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{73D29235-BA56-4C09-AFF2-205A4D1E80E5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{73EEF585-56B8-4A0C-8870-CE1B6E78ACCA}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{73EFF2DD-0121-4988-80F6-2B05A7C2C4A1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{74A129EB-8A82-4287-A76C-453B2CF498F7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{74BFBA2B-1168-4BC6-9497-AC8DFB2337D2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{74D7DFEF-5ED0-40F2-9DA2-63B8029956F5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7581BBEA-FDD7-423F-A7A4-6D1F24D25BFA}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{75AE6D46-848C-4515-B4A9-F4DD6AEB1804}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{75FEE936-0CBE-480C-A6F0-468391014FA4}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{76F35734-FB1B-47FF-A518-B5D60C93F460}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{775FC5EB-3998-47B6-809C-CE8B2E5A773B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{77E016B0-2190-49FB-A677-3CE07E575C96}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{788EC087-C3F9-46C7-A0F6-577AC8EE8356}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7898DBCC-E7A7-43DB-A9DC-F199868EC321}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{794E2176-A59C-46D9-AB4B-EC163DDE00F3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{79E613A4-6985-43DB-8521-BC7498E6DB42}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7A5973C8-B75F-44B7-9A07-A616942E8148}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7B2FECFD-5BDF-4FEB-B2EB-A0FE4B9ECA95}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7B6D7325-8F24-4E41-9F1F-F87D489649EE}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7BE39993-C046-4FEA-A2EE-47E41F8877D1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7BF36024-54AA-40C2-8CA9-DD3306453B87}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7CF7391D-7ADA-46D6-8461-E4255144757F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7D7C34B2-1C6E-4F1F-BFEE-6A501E5E4675}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7E22E7BB-BEE8-4AC9-BC2A-6BA8EBA537E3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7E3898A8-1B9B-4945-9420-0E3B965FCCCD}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7E60ECCA-6831-404F-9C13-37D8370921AD}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7EDC7325-DB87-4262-8274-B0E3E65A02CD}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7F9E9CBD-164E-4401-BD66-0AEB9BCF7DD9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7FBE64A6-6151-49B3-82CA-E3C8E6CE1F22}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{7FE0841E-53B9-416A-B2C7-6D7E45386DA6}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8035873E-9AC6-436E-A30C-1646BD049151}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{805CFEB2-1A66-4D74-B7AF-6FC501F3B361}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8083CC3D-4CB1-4DFE-80BA-06FC7BCC2DE4}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{809CD698-4D34-466B-AA0D-203EAB714B14}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{80E307E5-A513-495D-BBC0-797F0A61E243}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{80F67A42-0F79-43CC-97B2-8EA42B3F33F9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{81044C22-E6D6-4EFE-BBC3-A4DFDC627716}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8143429E-3DBE-42D1-B201-814B156D10DC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{81579DBA-BF0A-41E2-966E-1F2E0A86CA5E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{817731A6-502E-464C-A5F6-1FFC04D2745A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{82A31612-F93F-4B74-9023-5F48E1556279}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{831F73F4-B649-447C-B1BF-D1A7B42BCC90}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{83BE5066-A007-4A5E-B3DE-A1A23A22F9A7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{83E1851E-1334-4A32-ADF7-C62C69ABA8C5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{84391768-4240-429B-94CB-81B85734D952}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{84E959E8-FFF6-4C0F-886D-3DDD11313036}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{84FD9203-5B92-4500-9B3E-D99F1A5F7B1B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{85360627-FF48-44BD-A4D8-7E125DB82BFB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{85C90080-339A-47C1-850F-3FE9BCF0E7A1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{86701780-1D9E-4C5D-AFBA-9CDFF8CD2F42}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{86765046-7BE7-4666-856A-2A43104D609C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{87B7BC43-D4A9-4301-81DE-2DCA367C2814}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8820449A-2287-42DB-9A29-F77A2BED146E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8905A8B1-8D0A-4155-9BDC-E1AD10343E36}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{895EC47D-9EA9-4319-8535-8C5458D0A969}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{89B31351-C8E0-4ACF-8F43-38C594ACEFC3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{89DB32DA-B692-4451-A4D7-9E3785FF6854}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{89DB82A8-8CEA-4343-827D-DCFE277B3EEC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{89DE395A-6E5A-4962-B3E3-A8718421A254}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8A6DA52A-B8F0-4363-BB4C-464007F5CE22}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8B324FFD-1149-48D7-950B-4431F20FCC61}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8B3E911F-EBF8-49FB-86E8-726D09419D8A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8B597D47-8C23-45A4-BE4F-7318793C09F9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8B6B020C-AABB-4414-8BE6-8840EAF98A36}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8B8733B5-CF21-46FD-8616-2E8E2A2C41DA}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8B90B49C-5078-4D8D-94FD-7D90FFDA9551}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8BD329AF-350A-4AF7-B0C8-E4FAE705D71D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8BE2449E-2E32-474A-A002-7B433881E1CF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8CAFC64D-3CA4-4FF0-8885-918677F61F39}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8CCACEDA-89F7-4EFF-9AA6-75B69A8CC3A7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8D0C044A-5FE6-4932-90DF-C8931431E8BB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8D13606F-014C-4CDC-8635-E8E8E114A080}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8D39E806-888E-4091-9809-238B282AFA94}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8D53E27B-0536-4C93-A0D1-4A6E45C2692D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8DA8D8C3-523A-4A67-BDD9-239F145FB886}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8DC14660-F63A-49BE-A27A-6D39AEAA6579}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8E434E24-26E7-4B98-879C-5150A12AB4A3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{8F86711E-593D-4345-9067-98E63ED37734}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{90035CB0-38A1-4972-83F5-5BB0CCA73BB3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{900DD2C5-9989-4676-8A33-3222BA37BB03}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{910B217C-7EB0-470F-9017-C79FEF6D8709}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{91567191-0A14-472B-B95C-125C055785CB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{91E435FD-5364-46FB-8851-863FFD12340C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{92A8EC8A-3924-4786-8153-FA34AC0D82DC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{92F189A5-8E06-49D4-97FE-DC392D0B8076}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{930DE1BC-F65D-4116-89AC-C5BEBE1926E3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9331D794-5156-4802-8296-B0E8D7AF050E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{936D2B12-DDFE-4B22-B261-E50B43A2167E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9414B54B-DEBA-4AE7-918B-50900DC4ABE3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{94177C92-037C-4184-BF0E-DE2DCE8995F3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{94C0684A-BE12-436C-B717-10BD5E369787}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{94ED6C2C-8E4F-4FEA-B6DE-F1A292A19931}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9535F73A-187C-4BB0-9AC5-1621ADB71995}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{954D9C17-6932-466D-9CF6-222DC166E75E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{957EF8BA-4C76-4056-8990-EE70333FF807}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{95C10FB7-44D9-49A7-A9EA-474F05C512D9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{96C6EC1A-CE99-433E-8F09-5AE261E15EA2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{96E71F71-9205-46EC-BBE3-DAC487933B36}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{96E9CDC3-757A-4C54-9EED-1F854664517B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{97C12CCD-DED0-4A5E-A15E-C2D2404F0CD8}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{97C59188-5B5F-4B61-919B-7E51FEE37EDB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{97C89904-E63B-4F94-8B28-4A8B6CA90AFF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9841E843-4191-444B-8C55-C8939B05CE8B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9850BCE6-E343-48D9-B68E-1D2239A79025}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9875BE1B-5A42-4493-923A-AF545F4AAC79}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{98978C25-0A12-430A-8EF0-89E96D82BB87}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{98B7C325-5851-431C-B1BC-E36FB4A195EC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{98C9FF86-0B7D-44D2-8FD0-9074D25FFC99}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{98D3B33B-30D1-4237-8A31-C01EA8911F45}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{99724C58-AFE7-4E32-AA9F-7006E58D6354}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{99F420F4-E20B-4D6B-94F5-1DF734DB8DE8}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9A0B2C2C-55EE-40D8-BEC7-01FEB3855E0C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9A2C323E-8B48-4D9B-B9A7-AC9747DAF00E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9A33D594-A214-4F63-9786-F058766D7B03}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9A87A2D5-D89A-4E2E-B6EE-C597DB2BFB86}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9B307E18-357C-4F89-82C9-270289B536A0}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9B62FCE1-B5FA-40CB-8E87-F6D751294B25}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9BB4CBAD-26AD-49E9-88A6-BC4A3CA7B667}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9BFBA71A-4A4E-44F6-9179-482123BBB73B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9C551D1C-A5DF-4C3A-93F9-D6FE47E47507}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9C9791CE-FD64-4148-AD83-437FC4440634}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9D3144E8-7474-4E6F-AE7B-13438133299F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9ED5121C-23A0-4712-AD75-F068FCFB7286}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{9F4D3D87-6C48-4A74-92B6-673F1CC37F04}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A038EA2A-3DDD-47C8-A58A-54DE8D3139BD}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A0B946DF-CDE1-4073-88E7-83E2DEAD1E69}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A0D94C5D-C3FA-466D-A7D5-E170B6E5EEB3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A145F1A2-671E-4FC6-9061-558350E21012}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A18076B7-FC7F-43FD-BD1A-B1170540C2D9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A19B273B-BC01-42F6-98FE-316EFE033174}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A227E404-CA24-4E38-89F8-AA480E0A2943}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A23C615A-6C41-45EF-8A97-686DEB829C89}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A25974B9-C69B-43F9-A481-0C771D3A9B96}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A31B706B-F80C-48D8-91E9-CA2006DA42D9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A31DA374-3083-4FE9-BD71-4243F36FEBF2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A3BC1CD7-0E66-4AB8-911B-7837C065A487}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A42DA0FB-4F99-40E1-8EC2-6EEF08DB2D24}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A4D1632A-0884-43DF-8B1A-AAEC255F7AE1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A51510D9-37FD-4678-A614-8E068059FF6E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A51931CA-6570-4297-864F-29E9702714B1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A5F6ED4C-45E0-48E2-8B85-AED5AC98D54A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A60382B0-B6EE-45EB-8A6C-A42E7A0CAE5E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A603F0C2-ABD7-401F-A288-972D97E65115}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A66A41FD-E130-45D2-917E-66A9A640FCEA}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A7110E4A-3A6E-4D7C-B336-1ADFD7BCC14B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A734F345-A99D-4E67-9D03-E464E83C279D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A7C430B3-A479-4C30-B755-179E4AE84881}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{A926C37E-4D59-412D-B6BB-448638E40F2F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{AA15D918-0EB2-49EC-A832-B3E6D2F6B1FC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{AA5AC501-A409-46CA-8026-6C84575B21CA}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{AA65425D-0327-4C42-A15E-F5198839C3CE}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{AAA4E2E1-0E5A-4D3E-8330-B58019FB2556}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{AAB4F1FD-9B2B-4E3A-AF58-7B2C3A2D3588}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{AB725231-71DB-4594-856E-F882C3988D20}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{ABEAD8E7-3A79-4D77-B96C-395B36C2FB2A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{ABFE4B1F-1448-4839-903F-AC5C34FD3A56}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{AC153B00-4A0A-4C9E-9FB1-487485B460BA}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{AD219BC7-DEBC-4F17-B8C9-0CBB73794179}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{AD5AA9B2-D95A-429A-A833-621A035756C6}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{AD7E9F01-6679-41E9-91AC-60F88737D87F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{ADA6825F-EBDF-451F-B4F1-4F9D9CFE8B64}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{ADBF6696-43BD-414D-94ED-83C45986FF14}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{AEA4A0EA-F78C-4E98-9629-4BB827552535}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{AEE5B398-B677-42C9-862D-1CCC61371B8B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{AF6D8CAE-BCB2-4529-A3D4-27591712BA99}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{AF7361F5-D471-4281-BA5C-72D515210065}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{AFFCDD2E-6EDF-489F-B480-B80D323A132E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B05F62E2-B819-4491-8E6B-F4E7AF75C6F6}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B14E077D-2525-406A-B7EC-848CDE4C41A8}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B3CB6472-ED0E-49A3-8AE9-38FAF7A5CB0F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B3E2C32C-6F3C-415D-8518-2C5570AF0FEB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B3F37621-176C-4B98-8221-A8E7F3016BC2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B4EEC0BD-F533-4EC1-AA01-E010E32A17E3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B56C6E50-F537-406F-B48C-C078FFD07C8F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B5849277-D513-44C3-97F3-9951A4D7D8BE}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B620BE8B-7D25-4C39-A878-5DA65614B050}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B6802A95-DC23-4058-954F-AB7CFD29CD26}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B7411A07-39A3-44CD-9374-D8D03AB1F3CB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B7434DEC-D741-46CF-9C3E-3B100CFFF068}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B7D1D89C-1791-4132-BA55-0633A382CAD9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B7F79110-EC33-44A9-8AB1-A5581362B8E2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B83BDC53-AF82-4BF8-AAAD-139522FC31C0}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B87863A6-6C5F-474B-999A-0B3463BCB85B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B87B13ED-5086-4734-B78B-D5123DCB428F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B95B8323-2D6A-475C-8B92-F791B7FDB7C3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B96B4AB4-C47A-4705-A4E6-76E9E1EAF953}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B97AE52D-DACC-4158-8B10-525B307AF823}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B99EC9D3-AFA9-4AD9-959A-6122EFDD46E0}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{B9BAD710-76BF-4A3E-843D-E6DFD1ED1794}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{BA231A87-23A3-4771-A216-EB2849C5DCD3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{BA39073A-4E35-4E93-B1B8-A5785144F535}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{BA7189D2-0278-4D32-87E8-F8E3DBA63F59}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{BAD512DF-6271-4005-A435-15B08EFCC7D4}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{BB4E9BF2-DAA2-49DE-A1D0-648281C56E10}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{BB63966B-0A52-47F5-B962-ED31E84C3142}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{BC6C26CE-8D87-47A0-8982-BD1A5C145AD6}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{BD64F145-BF06-44CE-AB94-E6004D89FA62}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{BD91DC3D-FD52-4F60-87F8-C046067EA01B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{BDF81A29-AA73-400F-A189-61C7F47DC79A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{BE4FD55E-2610-4A31-BA1E-049BD10D065E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{BEBE9433-2530-488C-ACE6-080D664DA0D6}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{BFB9A25F-E903-4C08-9CDE-9B56051A4F96}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{BFED2B4A-3CE9-4D45-A652-9584B01B367B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C0535F7D-3E18-4544-9B14-55A5B0B5CB2C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C16416DE-BE79-49D6-9549-9880D165F490}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C226681B-103E-486A-9C2D-4E30A2A59F88}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C228D258-9F24-4FC4-8F86-3B176121928D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C270EAF7-42CB-45FC-AA3C-F48DB62AF512}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C290AB02-8555-4C42-A9A5-A223C2D77746}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C44980FA-5266-434E-B818-10C7F7D78FED}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C4B30529-F51A-49E1-9409-ED38B14979F9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C4CACBA5-0C15-4087-8505-23FBBDC829B4}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C58BBDA0-2971-494C-85AD-BBA23177B821}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C64D69A8-E585-4C38-B821-FCAE9A1121BB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C6CD0D8B-7266-4E24-9012-8643440A588A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C708E2DC-7965-4471-9BC0-DD5F48E6A6D7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C7C39E64-5877-4DCB-B5C0-C1F19C89CA60}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C7DA76FA-E90C-4C7D-96B8-84E131B172F2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C8185A56-3C04-48D1-9A1C-FE7D8800F839}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C8186D58-B3AE-4183-8BC4-9A53631A9B4B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C827A11B-5A55-45E7-BDFF-146C56A001DD}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C8E4A929-1D87-4603-94BF-8A56307EBBBE}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C97DA0F5-453A-44B0-8812-BA3588B39A4A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C98B3E3B-B363-4F80-A043-77056B7F790E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C9AF5B4A-8F4E-423F-A4BD-98D05CA7A2BD}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{C9E1756F-A2C2-4F96-86CD-71BE9BB1432E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{CA611790-EC12-438E-9C50-68D734DB380E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{CA91332F-2C20-45E1-BA29-C1A3EED6C9A0}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{CAA14FB9-080A-4CFF-9EB5-9D1502EC24DD}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{CB553A8B-18BB-4382-831A-229D87381DBE}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{CB966656-AAA1-40FA-A6B9-619146E9C544}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{CBCB35B4-64C0-477B-86A8-30F2DCC707C3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{CC00CB61-EF9F-4289-9EAF-6870863C6121}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{CC1D34E2-0840-4FA5-BC7A-E99B21653D55}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{CC65C770-5E89-4A32-8F8F-688C214970D5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{CCE6504A-032F-4878-A4DC-2A978C54124F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{CD059D6D-7446-4D0A-95DC-F832C854FBB7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{CD5508EE-8DA8-4D29-A88B-7B6ABD8471CF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{CEA44222-B4DF-4EA8-9F49-AC94DB99BC2C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{CFB0F274-B7C0-4250-8450-E8CD875FABEF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D092DF49-D9EB-43A0-9403-3BFF73649A02}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D0CD4CE4-7CD9-41D6-AF89-51E20A3320DF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D0EFDC70-523D-4860-9565-F5D24C57C015}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D160B83E-E136-40E7-8F79-D08044F31C37}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D1BCB680-34A4-4337-A1ED-7C54E20DCA60}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D1EA2964-3388-484F-A54A-9EC8D59FE7F3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D2193212-A664-45BC-8EAF-F7540EBD9C56}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D278170B-3699-45FC-8026-ADC978BD0214}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D2889B4A-B6B6-407B-957C-3FCE30F3ED96}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D2E08D4C-1EB3-4678-BD15-24AFE3EDD486}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D326ADD7-C9B2-4C3E-81E4-F76166631F78}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D32E6F9B-32D5-4071-BFD5-0CF72DC4F5F9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D3D80A13-8F2E-4DCB-B62C-8573F7FF5EF8}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D479B1A7-B4BF-4CB7-A522-4FB8559D8BAC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D4A1CA77-51A2-42EB-91C3-E3E446EC812F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D4A3E99E-DA2A-4D21-8D92-EE3D3E811B87}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D4D958F9-D583-47EE-8117-D817424A1ADD}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D520EB7A-C38E-4522-8338-E707637151DB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D5701FAC-6139-44F4-B2D0-1D02F74EC7AB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D5968789-4AAF-40E1-A7B0-FF680DC15FE9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D5C3B943-B749-491D-AC4B-6A6659D402D3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D61AAE27-6AFA-480C-BCAB-27C4DA8C6072}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D61F787B-1157-46B1-9442-61C295818563}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D6B4F65A-851E-4ACD-B4EA-A8A93C2C3B00}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D6CC43C7-99D8-4241-8161-03C5C74815B7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D764158D-44EA-425D-BD0D-EF41A943C8F1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D79CFDA9-EC19-40B0-8DF8-41E658802251}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D802ACEE-E461-4E1F-ABEF-F02A26782430}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D87FE057-6257-42C6-8DDF-7635D46D99A5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D8CF61A6-BF6D-4C08-A25E-89C5992016FC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D8FE404B-C793-400A-86DD-A7EC52ADF15A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{D9247E89-421C-4F76-9D8F-8CB037631E94}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DA08A8F9-0B02-4480-80AE-CEE82A17FD03}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DAA0F116-6492-4B86-807D-757653764DF0}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DB00AAAF-C9E2-46E0-839D-91013DA43C35}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DB23F8A5-5ABD-40CD-B38F-835A74C6C954}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DC7E2A47-E76D-477F-9574-32121FB07518}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DCA3FFDE-4643-4083-9503-21FD2FF59890}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DD56071B-CB52-4CEF-ACDE-809E1924D4E7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DD59842B-ADCC-4A47-979E-EE51409909BF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DDF1D398-1CA9-4AA3-9A21-5E4FC2C84EBC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DE280082-F049-4908-8444-E8C01C609ADC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DE443CDC-272B-4524-BF40-D3B8BC94E1BB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DE4CB8FE-1F1E-412B-B44C-4FDF63397DC3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DE79EAC3-8C48-4A46-B3AB-4E22607B8707}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DE87F45D-5596-4A7E-90A4-21CCF6152DFE}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DE9D54D3-0262-4284-8FC7-42366608A28C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DF0A7F0D-D2B1-47FA-91AB-2F4C59D17005}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DF2F7BD1-6301-4355-8009-C8F50D72DE5A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DF75C137-CE81-40FA-89C6-A68355A3B6F2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DF8ADA89-6E57-4877-9AA8-D8145D6F5CD1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{DF8EA85F-03FD-4564-8B89-8BBEA43C34C5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E13977F7-35DB-4ADC-BF9E-7F670B67CA75}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E139A9E2-D110-4486-8D24-D8C6FF09F224}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E189AA7F-857C-4771-8F03-A4D89346DE78}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E1A753F4-7276-403B-B20E-5293B426A78E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E37DFB2B-177A-4568-83D0-1E19B601C48B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E38696C4-A205-468C-AF89-8A840AA945E6}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E387E68F-4D01-4366-815D-A0AF6B7FE603}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E3A7EDB4-7061-4EE5-B2B6-5E16CE723BCC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E47A0087-E394-4B11-AC32-B6B05649509E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E4C7E4DA-B2B0-4F0F-8525-19F061EB4B78}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E502538D-A6F8-4601-9DC7-B949BFC802E3}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E5561084-3BC0-4B93-8C57-9A76AACCA302}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E5730EAE-DBF4-4F68-8966-C15B1A1D3999}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E5AC7A95-079F-47FC-896F-B3BF3BF62C88}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E5BA0248-7F84-4E91-A293-B1C9CD01E760}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E666854E-4C00-4037-A9C9-E107E2562941}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E68EF5BE-7DA3-422E-BBDB-F636ADE55695}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E795755E-D11A-44B5-9195-795D3D195566}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E7B44390-ECCD-49D1-B7D4-1AC325E1D494}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E816361A-73BA-4320-96E5-F2F808D9CB6B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E88D4246-979E-4522-BFC2-57D8848CFC94}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E92DDA9D-FFB7-4E30-B153-62C826F2F9EF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{E959F52E-8D49-4075-85DF-AC662199E6D8}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{EA17B5F0-4FA7-45CE-BBFC-198C7D49CBB7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{EA895466-9F6A-4B66-BD11-B24196330DB9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{EBBEE70A-B360-4BDB-BD88-3605754B47BE}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{EBE03CBD-BA7A-4A4A-9149-D9FBDF0C486D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{EBE88814-1669-4837-A40D-FD6478A6A918}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{EBECC6A1-0A0F-43AB-BC89-A467FDAFEE3A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{EC15B6F6-09F3-4D3D-B41C-672A34F0C71A}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{EC5A550A-3691-4D75-ABD9-23730E591409}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{EC6B70C2-910A-4FD9-9164-6CFC61008B16}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{ED207A16-68E0-4115-8B28-1C21E12B18A9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{EDB4E8FC-0D1F-425D-A1FE-A2E94F026F9E}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{EEACA18C-16F8-4B62-B369-A2A1D73585CC}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{EF283C90-BDA3-4DB4-A43D-6F8540DDC6EB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{EFB71C53-658B-4C9D-9B56-5B979BA0F368}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F05C29F5-939C-4920-9DF5-C2B7E817D1CB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F164FD56-9797-4EA3-B481-1345CA9D1140}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F1ABA976-865A-4D47-8073-60BBDCE6A107}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F1B5C832-32B9-44E4-812C-3690DD56B2FF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F1DF0FAC-890C-42C8-A543-2E319C000EC2}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F1E6BE13-F5D1-4B98-ACF0-E8DED368B402}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F27B0917-943A-4076-805C-78B2E15E6CF1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F27EE2F5-3A9E-4311-AE26-A85F4CC8541D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F2A747BB-D1D4-4051-8BD6-E39793C7FB74}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F2D1A12B-C21B-4183-8580-25D2AE43E2A5}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F2E6049B-6B6E-4CCC-AF31-0F115860BF9F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F2FD22F5-AF18-4955-AA98-A069204C379B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F342B040-98D9-48C1-941B-592CB50C46A7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F3728DCE-8CD7-442A-BF37-16E1CFE86A7D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F4AAF868-F69E-41D7-B295-40DE626A4E5D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F4C06F24-E3B4-491B-B89C-DA10B494FE6B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F55A27E8-5628-4C79-AD95-E8BEE271219B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F5BE057C-E3CD-45A8-8557-AFA0EF78929D}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F5E34771-7DEB-4C46-8AFB-123C78274D21}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F62EEB5D-6D41-4C62-87F7-FD3106B7C7A9}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F6CBD12D-44BB-4D5B-94C8-ECF70E5A28B0}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F77C28A4-2ADA-4FBF-A8CA-2DD6F980C314}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F8087A9E-6799-400E-988B-A2A2A6D2E8C8}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F87D212C-0287-4E62-9357-B9EC98BFD46C}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F8A67B04-64C5-48F1-9650-C0BFD5B9FADD}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F9305782-27BA-4F3A-BCB9-1DC21D401479}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F97D2DB1-C978-496A-B534-E73288699E53}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F9D06110-FF48-4CBE-A8D8-4B851D296ED7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{F9DB8966-B688-4384-9D0D-AB0C725D481B}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FA47A240-8A11-4713-A58F-77C12D5006BB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FA6FF1E1-61F4-4F19-BC50-88974BBBE9EB}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FB0CE6ED-B9F4-4627-9822-9BF5F729BFC7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FBB68B01-1DDE-4A39-A3AC-845EB910361F}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FC46A700-0E0A-4B3A-8E18-54873E8B9F75}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FC563AD2-4159-4374-8B28-68049D553156}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FC68163D-4F76-40B5-A04F-65FFAA97DADF}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FC9A9E1F-0365-462A-A4E7-B08188F0DA23}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FE2EA6A4-7F72-4903-9D1D-F1EBE4162D38}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FEA4FD40-78BE-4C70-863B-496BC32490E8}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FEACC578-F066-4EE6-9194-D64318CE0628}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FEFA0388-5281-4855-BB81-A1714B3ED0B1}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FF017938-7E72-43FF-8C4E-9FFBBD751909}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FF7B9FE4-2623-4F5A-945C-CFEF990A03DD}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FF96E41F-1BBC-4F61-BBA9-DA67A6E84CB0}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FF96F30E-14D8-414F-8AD1-A18577D823E7}
Successfully deleted: [Empty Folder] C:\Users\Ozelot\appdata\local\{FF9B704A-F2D1-47B3-BEF4-8640DA742B97}



~~~ FireFox

Emptied folder: C:\Users\Ozelot\AppData\Roaming\mozilla\firefox\profiles\ejiirzsb.default\minidumps [94 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.03.2014 at 16:20:20.10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber 06.03.2014 13:01

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Ozelot11 07.03.2014 08:33
Guten Tag Schrauber

So, dies ging etwas länger...
Das Problem habe ich leider immer noch...

Hier das ESET.Log:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=ee9ab47389d04b40929890de6ea1683e
# engine=17340
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-06 05:24:21
# local_time=2014-03-06 06:24:21 (+0100, Mitteleuropäische Zeit)
# country="Switzerland"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=3592 16777213 100 88 2627230 144789157 0 0
# compatibility_mode=5892 16776574 100 95 132862018 231650567 0 0
# scanned=529184
# found=0
# cleaned=0
# scan_time=14831

Und hier das checkup.txt:

Code:
Results of screen317's Security Check version 0.99.80 
 Windows Vista Service Pack 2 x64 (UAC is enabled) 
 Internet Explorer 9 
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
Norton 360   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Java(TM) 6 Update 29 
 Java(TM) 6 Update 7 
 Java version out of Date!
 Adobe Flash Player 10 Flash Player out of Date!
 Adobe Flash Player        12.0.0.70 
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox (27.0.1)
 Google Chrome 33.0.1750.117 
 Google Chrome 33.0.1750.146 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
...und hier noch das FRST:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2014
Ran by Ozelot (administrator) on OZELOT-PC on 07-03-2014 08:29:59
Running from C:\Users\Ozelot\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\Windows\system32\vfsFPService.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
() C:\Program Files (x86)\SMINST\BLService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Novatel Wireless) C:\Program Files (x86)\Novatel Wireless\Mobilink\Lite.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Novatel Wireless Inc.) C:\Program Files (x86)\Novatel Wireless\Mobilink\Phoenix.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Nokia.) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(AOL LLC) c:\program files (x86)\aol\aol toolbar 5.0\AolTbServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
() C:\Users\Ozelot\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Farbar) C:\Users\Ozelot\Downloads\FRST64(2).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224 2008-11-18] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-21] (IDT, Inc.)
HKLM-x32\...\Run: [DVDAgent] - C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2008-11-28] (CyberLink Corp.)
HKLM-x32\...\Run: [TSMAgent] - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1316136 2008-12-25] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer for HP TouchSmart] - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-12-25] (CyberLink)
HKLM-x32\...\Run: [TVAgent] - C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe [210216 2009-01-21] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2008-11-14] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [DpAgent] - C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [842816 2008-12-10] (DigitalPersona, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDIRShortCut] - C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Health Check Scheduler] - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM-x32\...\Run: [hpWirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [MobiLink Lite] - C:\Program Files (x86)\Novatel Wireless\MobiLink\Lite.exe [327769 2007-09-07] (Novatel Wireless)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [PC Suite Tray] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1414144 2009-06-25] (Nokia)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-10-31] (Apple Inc.)
HKU\S-1-5-21-773670543-948858840-828668320-1000\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-10-31] (Apple Inc.)
Startup: C:\Users\Ozelot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_ch&c=91&bd=Pavilion&pf=cnnb
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {6C6FA03E-3936-48DD-8FB3-F6A60CB9FDF8} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKLM - {6C6FA03E-3936-48DD-8FB3-F6A60CB9FDF8} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcnnbie7-de-ch
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {BCAB4F68-1EAC-4713-B934-3AA08A45DBCB} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default
FF Homepage: https://www.google.ch/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Users\Ozelot\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\searchplugins\facebook.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flagfox - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2014-01-16]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-25]
FF Extension: WOT - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-03-03]
FF Extension: Speed Test Analysis - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\speedtestanalysis@SpeedAnalysis.com.xpi [2014-01-07]
FF Extension: Bluhell Firewall - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2014-02-14]
FF Extension: Adblock Plus - C:\Users\Ozelot\AppData\Roaming\Mozilla\Firefox\Profiles\ejiirzsb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-03]
FF Extension: Skype extension for Firefox - C:\Program Files (x86)\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2014-02-17]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ []
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-29]
FF HKCU\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext [2009-07-20]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx [2013-11-28]

==================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation)
R2 Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [365952 2008-12-17] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe [240128 2009-07-21] (IDT, Inc.)
R2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2008-11-26] ()
R2 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096 2008-11-26] ()
R2 vfsFPService; C:\Windows\system32\vfsFPService.exe [721712 2008-11-18] (Validity Sensors, Inc.)
R2 vfsFPService; C:\Windows\SysWOW64\vfsFPService.exe [599344 2008-11-18] (Validity Sensors, Inc.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X]

==================== Drivers (Whitelisted) ====================

S1 Beep; No ImagePath
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-27] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140306.005\IDSvia64.sys [524504 2014-03-06] (Symantec Corporation)
S3 IpInIp; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140306.019\ENG64.SYS [126040 2013-12-17] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140306.019\EX64.SYS [2099288 2013-12-17] (Symantec Corporation)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-02-09] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2009-02-09] (Nokia)
S3 NwlnkFlt; No ImagePath
S3 NwlnkFwd; No ImagePath
S3 NWUSBModem; C:\Windows\System32\DRIVERS\nwusbmdm.sys [113536 2007-07-17] (Novatel Wireless Inc.)
S3 NWUSBPort; C:\Windows\System32\DRIVERS\nwusbser.sys [113536 2007-07-17] (Novatel Wireless Inc.)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\N360x64\1501000.012\SYMTDIV.SYS [507992 2013-09-26] (Symantec Corporation)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8192 2009-02-09] (Nokia)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2008-11-28] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
U4 eabfiltr;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-07 08:29 - 2014-03-07 08:29 - 02156544 _____ (Farbar) C:\Users\Ozelot\Downloads\FRST64(2).exe
2014-03-07 08:06 - 2014-03-07 08:06 - 00987442 _____ () C:\Users\Ozelot\Downloads\SecurityCheck.exe
2014-03-06 14:15 - 2014-03-06 14:15 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-06 14:14 - 2014-03-06 14:14 - 02347384 _____ (ESET) C:\Users\Ozelot\Downloads\esetsmartinstaller_enu.exe
2014-03-06 03:02 - 2014-03-06 03:02 - 00001892 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-05 16:29 - 2014-03-05 16:30 - 02157056 _____ (Farbar) C:\Users\Ozelot\Downloads\FRST64(1).exe
2014-03-05 16:27 - 2014-03-05 16:27 - 00001351 _____ () C:\Users\Ozelot\Desktop\AdwCleaner[S2].txt
2014-03-05 16:20 - 2014-03-05 16:26 - 00076601 _____ () C:\Users\Ozelot\Desktop\JRT.txt
2014-03-05 16:08 - 2014-03-05 16:08 - 00000000 ____D () C:\Windows\ERUNT
2014-03-05 16:05 - 2014-03-05 16:05 - 01037734 _____ (Thisisu) C:\Users\Ozelot\Downloads\JRT.exe
2014-03-05 15:51 - 2014-03-05 15:51 - 00001290 _____ () C:\Users\Ozelot\Desktop\AdwCleaner[R2].txt
2014-03-05 15:39 - 2014-03-05 15:39 - 01244192 _____ () C:\Users\Ozelot\Downloads\adwcleaner.exe
2014-03-05 09:44 - 2014-03-05 09:44 - 00000000 ____D () C:\Users\Ozelot\Documents\Leitfaden Verkauf
2014-03-05 09:35 - 2014-03-05 09:44 - 00000000 ____D () C:\Users\Ozelot\Documents\Nicci_Nani
2014-03-04 15:27 - 2014-03-04 15:27 - 00018273 _____ () C:\ComboFix.txt
2014-03-04 14:50 - 2014-03-04 15:28 - 00000000 ____D () C:\ComboFix
2014-03-04 14:50 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-04 14:50 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-04 14:50 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-04 14:50 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-04 14:50 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-04 14:50 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-04 14:50 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-04 14:50 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-04 14:41 - 2014-03-04 15:28 - 00000000 ____D () C:\Qoobox
2014-03-04 14:40 - 2014-03-04 15:25 - 00000000 ____D () C:\Windows\erdnt
2014-03-04 14:38 - 2014-03-04 14:39 - 05187080 ____R (Swearware) C:\Users\Ozelot\Downloads\ComboFix.exe
2014-03-04 08:34 - 2014-03-04 15:18 - 00001084 _____ () C:\Windows\PFRO.log
2014-03-03 16:49 - 2014-03-03 16:52 - 00039296 _____ () C:\Users\Ozelot\Downloads\Addition.txt
2014-03-03 16:48 - 2014-03-07 08:29 - 00025709 _____ () C:\Users\Ozelot\Downloads\FRST.txt
2014-03-03 16:48 - 2014-03-07 08:29 - 00000000 ____D () C:\FRST
2014-03-03 16:46 - 2014-03-03 16:46 - 02156544 _____ (Farbar) C:\Users\Ozelot\Downloads\FRST64.exe
2014-03-03 11:58 - 2014-03-03 11:58 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-03 11:58 - 2014-03-03 11:58 - 00000770 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-03 11:58 - 2014-03-03 11:58 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-03 11:57 - 2014-03-03 11:57 - 03645064 _____ (Piriform Ltd) C:\Users\Ozelot\Downloads\ccsetup410_slim.exe
2014-03-03 11:30 - 2014-03-03 11:30 - 00000948 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\Users\Ozelot\AppData\Roaming\Malwarebytes
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-03 11:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-03 11:29 - 2014-03-03 11:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Ozelot\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-28 11:28 - 2014-02-28 11:28 - 01244192 _____ () C:\Users\Ozelot\Downloads\adwcleaner_3.0.2.0(1).exe
2014-02-28 11:18 - 2014-03-05 15:51 - 00000000 ____D () C:\AdwCleaner
2014-02-28 11:18 - 2014-02-28 11:18 - 01244192 _____ () C:\Users\Ozelot\Downloads\adwcleaner_3.0.2.0.exe
2014-02-28 10:11 - 2014-02-28 10:55 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\NPE
2014-02-28 10:06 - 2014-02-28 10:06 - 03057128 _____ (Symantec Corporation) C:\Users\Ozelot\Downloads\NPE.exe
2014-02-26 03:11 - 2014-02-27 03:06 - 03209056 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-23 18:08 - 2014-02-23 18:08 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-17 11:12 - 2014-02-17 11:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-17 10:25 - 2014-02-17 10:25 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-14 03:14 - 2014-02-05 11:19 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 03:14 - 2014-02-05 11:02 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 03:14 - 2014-02-05 11:00 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 03:14 - 2014-02-05 10:54 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 03:14 - 2014-02-05 10:54 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 03:14 - 2014-02-05 10:52 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 03:14 - 2014-02-05 10:52 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-14 03:14 - 2014-02-05 10:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 03:14 - 2014-02-05 10:51 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 03:14 - 2014-02-05 10:51 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-14 03:14 - 2014-02-05 10:51 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 03:14 - 2014-02-05 10:51 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 03:14 - 2014-02-05 10:51 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 03:14 - 2014-02-05 10:50 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 03:14 - 2014-02-05 10:50 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 03:14 - 2014-02-05 10:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-14 03:14 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 03:14 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 03:14 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-14 03:14 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 03:14 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 03:14 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-14 03:14 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-14 03:14 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 03:14 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-14 03:14 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 03:14 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-14 03:14 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 03:14 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 03:14 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 03:14 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-14 03:14 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 07:15 - 2013-12-05 05:48 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 07:15 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-05 13:36 - 2014-02-05 13:36 - 00001694 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-05 13:35 - 2014-02-05 13:36 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-05 13:35 - 2014-02-05 13:36 - 00000000 ____D () C:\Program Files\iTunes
2014-02-05 13:35 - 2014-02-05 13:36 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-05 13:35 - 2014-02-05 13:35 - 00000000 ____D () C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

2014-03-07 08:30 - 2014-03-03 16:48 - 00025709 _____ () C:\Users\Ozelot\Downloads\FRST.txt
2014-03-07 08:29 - 2014-03-07 08:29 - 02156544 _____ (Farbar) C:\Users\Ozelot\Downloads\FRST64(2).exe
2014-03-07 08:29 - 2014-03-03 16:48 - 00000000 ____D () C:\FRST
2014-03-07 08:29 - 2009-09-20 18:59 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-07 08:16 - 2009-07-20 01:10 - 01908727 _____ () C:\Windows\WindowsUpdate.log
2014-03-07 08:09 - 2006-11-02 16:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-07 08:09 - 2006-11-02 16:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-07 08:08 - 2012-05-13 07:08 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-07 08:06 - 2014-03-07 08:06 - 00987442 _____ () C:\Users\Ozelot\Downloads\SecurityCheck.exe
2014-03-06 16:04 - 2010-01-09 13:58 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\FreePDF_XP
2014-03-06 14:15 - 2014-03-06 14:15 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-06 14:14 - 2014-03-06 14:14 - 02347384 _____ (ESET) C:\Users\Ozelot\Downloads\esetsmartinstaller_enu.exe
2014-03-06 12:57 - 2010-01-09 13:58 - 00006120 _____ () C:\fpRedmon.log
2014-03-06 11:29 - 2009-09-20 18:59 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-06 10:43 - 2010-01-07 19:18 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-06 09:27 - 2009-02-16 03:43 - 00003580 _____ () C:\Windows\System32\Tasks\HP Health Check
2014-03-06 09:21 - 2006-11-02 16:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-06 09:19 - 2009-07-20 01:10 - 00001076 _____ () C:\Windows\bthservsdp.dat
2014-03-06 09:19 - 2006-11-02 16:42 - 00032534 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-06 08:58 - 2011-05-30 20:39 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\CrashDumps
2014-03-06 03:02 - 2014-03-06 03:02 - 00001892 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-06 03:02 - 2009-09-12 16:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-06 03:02 - 2009-09-12 16:41 - 00000000 ____D () C:\ProgramData\Skype
2014-03-05 19:01 - 2010-05-02 17:17 - 00000000 ____D () C:\Users\Ozelot\Documents\Steuern
2014-03-05 16:30 - 2014-03-05 16:29 - 02157056 _____ (Farbar) C:\Users\Ozelot\Downloads\FRST64(1).exe
2014-03-05 16:27 - 2014-03-05 16:27 - 00001351 _____ () C:\Users\Ozelot\Desktop\AdwCleaner[S2].txt
2014-03-05 16:26 - 2014-03-05 16:20 - 00076601 _____ () C:\Users\Ozelot\Desktop\JRT.txt
2014-03-05 16:08 - 2014-03-05 16:08 - 00000000 ____D () C:\Windows\ERUNT
2014-03-05 16:05 - 2014-03-05 16:05 - 01037734 _____ (Thisisu) C:\Users\Ozelot\Downloads\JRT.exe
2014-03-05 15:51 - 2014-03-05 15:51 - 00001290 _____ () C:\Users\Ozelot\Desktop\AdwCleaner[R2].txt
2014-03-05 15:51 - 2014-02-28 11:18 - 00000000 ____D () C:\AdwCleaner
2014-03-05 15:39 - 2014-03-05 15:39 - 01244192 _____ () C:\Users\Ozelot\Downloads\adwcleaner.exe
2014-03-05 15:14 - 2013-12-19 21:06 - 00000000 ____D () C:\Users\Ozelot\AppData\Roaming\SpeedTestAnalysis
2014-03-05 09:44 - 2014-03-05 09:44 - 00000000 ____D () C:\Users\Ozelot\Documents\Leitfaden Verkauf
2014-03-05 09:44 - 2014-03-05 09:35 - 00000000 ____D () C:\Users\Ozelot\Documents\Nicci_Nani
2014-03-05 08:18 - 2011-06-17 21:43 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\Windows Live
2014-03-05 01:00 - 2011-04-10 15:48 - 00000500 ____H () C:\Windows\Tasks\Norton Security Scan for Ozelot.job
2014-03-04 15:58 - 2011-06-17 22:16 - 00000000 ____D () C:\Users\Ozelot\AppData\Roaming\Windows Live Writer
2014-03-04 15:28 - 2014-03-04 14:50 - 00000000 ____D () C:\ComboFix
2014-03-04 15:28 - 2014-03-04 14:41 - 00000000 ____D () C:\Qoobox
2014-03-04 15:28 - 2006-11-02 14:33 - 00000000 __RHD () C:\Users\Default
2014-03-04 15:27 - 2014-03-04 15:27 - 00018273 _____ () C:\ComboFix.txt
2014-03-04 15:25 - 2014-03-04 14:40 - 00000000 ____D () C:\Windows\erdnt
2014-03-04 15:20 - 2006-11-02 13:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-04 15:18 - 2014-03-04 08:34 - 00001084 _____ () C:\Windows\PFRO.log
2014-03-04 15:16 - 2006-11-02 13:33 - 87818240 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-03-04 15:16 - 2006-11-02 13:33 - 82575360 _____ () C:\Windows\system32\config\COMPONENTS.bak
2014-03-04 15:16 - 2006-11-02 13:33 - 26738688 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-03-04 15:16 - 2006-11-02 13:33 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-03-04 15:16 - 2006-11-02 13:33 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-03-04 15:16 - 2006-11-02 13:33 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-03-04 14:39 - 2014-03-04 14:38 - 05187080 ____R (Swearware) C:\Users\Ozelot\Downloads\ComboFix.exe
2014-03-04 10:08 - 2013-09-17 18:00 - 00002017 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-04 08:36 - 2009-10-02 15:36 - 00000000 ____D () C:\Users\Ozelot\Tracing
2014-03-03 16:52 - 2014-03-03 16:49 - 00039296 _____ () C:\Users\Ozelot\Downloads\Addition.txt
2014-03-03 16:46 - 2014-03-03 16:46 - 02156544 _____ (Farbar) C:\Users\Ozelot\Downloads\FRST64.exe
2014-03-03 12:01 - 2009-02-16 08:54 - 00000000 ____D () C:\Windows\panther
2014-03-03 11:58 - 2014-03-03 11:58 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-03 11:58 - 2014-03-03 11:58 - 00000770 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-03 11:58 - 2014-03-03 11:58 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-03 11:57 - 2014-03-03 11:57 - 03645064 _____ (Piriform Ltd) C:\Users\Ozelot\Downloads\ccsetup410_slim.exe
2014-03-03 11:30 - 2014-03-03 11:30 - 00000948 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\Users\Ozelot\AppData\Roaming\Malwarebytes
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-03 11:30 - 2014-03-03 11:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-03 11:29 - 2014-03-03 11:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Ozelot\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-28 11:28 - 2014-02-28 11:28 - 01244192 _____ () C:\Users\Ozelot\Downloads\adwcleaner_3.0.2.0(1).exe
2014-02-28 11:18 - 2014-02-28 11:18 - 01244192 _____ () C:\Users\Ozelot\Downloads\adwcleaner_3.0.2.0.exe
2014-02-28 10:55 - 2014-02-28 10:11 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\NPE
2014-02-28 10:11 - 2009-02-16 01:46 - 00000000 ____D () C:\ProgramData\Norton
2014-02-28 10:06 - 2014-02-28 10:06 - 03057128 _____ (Symantec Corporation) C:\Users\Ozelot\Downloads\NPE.exe
2014-02-27 03:06 - 2014-02-26 03:11 - 03209056 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-27 03:06 - 2009-02-16 08:53 - 00705230 _____ () C:\Windows\system32\perfh010.dat
2014-02-27 03:06 - 2009-02-16 08:53 - 00142814 _____ () C:\Windows\system32\perfc010.dat
2014-02-27 03:06 - 2009-02-16 08:43 - 00674274 _____ () C:\Windows\system32\perfh007.dat
2014-02-27 03:06 - 2009-02-16 08:43 - 00146254 _____ () C:\Windows\system32\perfc007.dat
2014-02-27 03:06 - 2009-02-16 08:34 - 00712102 _____ () C:\Windows\system32\perfh00C.dat
2014-02-27 03:06 - 2009-02-16 08:34 - 00145710 _____ () C:\Windows\system32\perfc00C.dat
2014-02-27 03:06 - 2006-11-02 13:46 - 03209056 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-23 18:08 - 2014-02-23 18:08 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-23 18:08 - 2012-05-13 07:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-23 18:08 - 2012-05-13 07:08 - 00003736 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-23 18:08 - 2011-09-15 21:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 18:57 - 2013-08-19 17:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 18:50 - 2006-11-02 13:35 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-17 18:34 - 2012-10-07 17:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-17 16:51 - 2010-10-10 14:52 - 00000000 ____D () C:\Users\Ozelot\Documents\Bewerbungen_Arbeit
2014-02-17 11:24 - 2009-09-20 18:59 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-17 11:24 - 2009-09-20 18:59 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-17 11:12 - 2014-02-17 11:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-17 10:25 - 2014-02-17 10:25 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-17 10:25 - 2013-12-12 16:45 - 00001875 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-10 13:45 - 2009-11-29 11:43 - 00000000 ____D () C:\Users\Ozelot\AppData\Roaming\Apple Computer
2014-02-10 13:44 - 2009-11-29 11:43 - 00000000 ____D () C:\Users\Ozelot\AppData\Local\Apple Computer
2014-02-05 13:36 - 2014-02-05 13:36 - 00001694 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-05 13:36 - 2014-02-05 13:35 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-05 13:36 - 2014-02-05 13:35 - 00000000 ____D () C:\Program Files\iTunes
2014-02-05 13:36 - 2014-02-05 13:35 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-05 13:35 - 2014-02-05 13:35 - 00000000 ____D () C:\Program Files\iPod
2014-02-05 13:28 - 2009-11-29 11:38 - 00000000 ____D () C:\ProgramData\Apple
2014-02-05 11:19 - 2014-02-14 03:14 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 11:02 - 2014-02-14 03:14 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 11:00 - 2014-02-14 03:14 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 10:54 - 2014-02-14 03:14 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 10:54 - 2014-02-14 03:14 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 10:52 - 2014-02-14 03:14 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 10:52 - 2014-02-14 03:14 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 10:52 - 2014-02-14 03:14 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 10:51 - 2014-02-14 03:14 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 10:51 - 2014-02-14 03:14 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 10:51 - 2014-02-14 03:14 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 10:51 - 2014-02-14 03:14 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 10:51 - 2014-02-14 03:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 10:50 - 2014-02-14 03:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 10:50 - 2014-02-14 03:14 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-05 10:50 - 2014-02-14 03:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 09:58 - 2014-02-14 03:14 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-05 09:56 - 2014-02-14 03:14 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-05 09:53 - 2014-02-14 03:14 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-05 09:51 - 2014-02-14 03:14 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-05 09:50 - 2014-02-14 03:14 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-05 09:49 - 2014-02-14 03:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-05 09:49 - 2014-02-14 03:14 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-05 09:48 - 2014-02-14 03:14 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-05 09:48 - 2014-02-14 03:14 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-05 09:48 - 2014-02-14 03:14 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-05 09:48 - 2014-02-14 03:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-05 09:48 - 2014-02-14 03:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-05 09:47 - 2014-02-14 03:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-05 09:47 - 2014-02-14 03:14 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-05 09:47 - 2014-02-14 03:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-05 09:46 - 2014-02-14 03:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-05 09:20 - 2009-09-26 08:49 - 00007916 _____ () C:\Users\Ozelot\AppData\Local\d3d9caps.dat

Some content of TEMP:
====================
C:\Users\Ozelot\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-06 09:29

==================== End Of Log ============================
--- --- ---

--- --- ---



Vielen Dank und Gruss

schrauber 08.03.2014 12:22
Java, Flash und adobe updaten.

Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Ozelot11 10.03.2014 16:48
Hallo Schrauber

Vielen Dank für den grossen wohlwollenden Support in der Fehlerfindung.
Ist wirklich eine super Sache! :applaus:

Leider habe ich aber immer noch das selbe Problem...
Gibt es noch weiter Möglichkeiten das Problem ausfindig zu machen?

Vielen Dank und beste Grüsse

Frage: Dann würdest Du den Uniblue Registrybooster deinstallieren?

Gruss

schrauber 11.03.2014 12:26
Ja, Finger weg von Registry Cleanern. In welchem Browser hast Du das Problem?

Ozelot11 11.03.2014 14:47
Hatte den Registry Booster von Uniblue, welches sehr schlechte Kritik hat (WOT).

Das Problem habe ich nur beim Mozilla Firefox. Der IE funktioniert problemlos.
Allerdings arbeite ich lieber mit dem Firefox. Mir hatte auch mal jemand gesagt, dass Firefox sicherer sei.

Was könnte dies sein? Soll ich den Browser deinstallieren und neu downloaden?

Danke und Gruss

schrauber 12.03.2014 12:01
Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen

Ozelot11 14.03.2014 09:24
Guten Tag Schrauber

Super, jetzt ist alles wieder in Ordnung und macht wieder Spass um mit dem Laptop zu arbeiten. :huepp:

Vielen Dank für die grosse Unterstützung!! :dankeschoen:

Ich werde Euch natürlich auch gerne unterstützen.
Ist wirklich eine tolle Sache!!

Schöne Grüsse
Dani

schrauber 15.03.2014 11:30
Gern Geschehen :)

Ozelot11 18.03.2014 08:35
Hallo Schrauber

Letzte Frage: Von Malwarebytes und Anti-Malware ist die Testversion abgelaufen.
Brauche ich diese Schutzsoftware oder genügt da der Norton 360 aus?
Ist es gut, wenn man ab und zu einen Scan mit Malwarebytes und Anti-Malware macht?

Vielen Dank für Deine Antwort.

Wünsche eine gute Woche

Gruss Dani

schrauber 19.03.2014 08:46
Behalte MBAm doch einfach in der Free-Version zum ab und zu scannen. Und such dir was besseres als Norton.


Alle Zeitangaben in WEZ +1. Es ist jetzt 21:43 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131