Internet Explorer und alle Programme und Downloads die über ihn laufen funktionieren nicht

Sumajo · 17.09.2012, 18:18

Moin,

Ich habe nun seit ein paar Monaten das Probleme, dass mein Internet Explorer nicht funktioniert. Ursprünglich zeigte Steam bei mir den "Fehlercode:-137" was zurfolge hatte das bei Steam nurnoch meine Bibliothek funktionierte nicht aber der Shop, die Community und die Neuigkeiten, bei diesen drei wird nur der Fehlercode gezeigt. Ausserdem habe ich Probleme Programme wie z.B. Metin2 oder Dead Rising2 und andere zu downloaden. Bei Dead Rising2 kam dann, nachdem ein Freund es mir auf dem USB Stick mitgegeben hat, auch noch das Problem, dass die Windows Live Authentifizierung fehlschlug dazu

Ich kann mich auch bei manchen Browsergames nicht mehr anmelden (z.B. Wewaii).
Ich habe alle Anweisungen von diesem Thread beachtet: http://www.trojaner-board.de/69886-a...-beachten.html
Und hänge euch noch die logfiles an diesen Thread an.

Ich hoffe ihr könnt mir helfen.
Ich bedanke mich auch schonmal im Vorfeld für eure Hilfe.

MfG Philipp

Hier das OTL.txt:
OTL logfile created on: 17.09.2012 18:26:21 - Run 1
OTL by OldTimer - Version 3.2.61.5 Folder = C:\Users\Philipp\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 64,43% Memory free
8,00 Gb Paging File | 6,44 Gb Available in Paging File | 80,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 115,26 Gb Total Space | 14,45 Gb Free Space | 12,54% Space Free | Partition Type: NTFS
Drive D: | 569,60 Gb Total Space | 316,97 Gb Free Space | 55,65% Space Free | Partition Type: NTFS
Drive H: | 29,70 Gb Total Space | 2,88 Gb Free Space | 9,70% Space Free | Partition Type: FAT32

Computer Name: PHILIPP-PC | User Name: Philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.09.17 18:25:26 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe
PRC - [2012.09.16 20:15:19 | 055,791,928 | ---- | M] (PC Cleaners Inc.) -- C:\Program Files (x86)\PC Cleaners\PCCleaners.exe
PRC - [2012.08.16 15:32:32 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.19 20:52:14 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2012.05.19 20:52:14 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.19 20:52:14 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.03.29 17:29:40 | 001,564,368 | ---- | M] () -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
PRC - [2012.03.13 17:39:10 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.10.15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.08.30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Users\Philipp\temp\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010.08.05 08:46:02 | 000,583,640 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2010.08.05 08:46:02 | 000,104,408 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe
PRC - [2009.06.04 15:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV:64bit: - [2011.12.14 13:23:22 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.09.15 11:20:36 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.08.29 12:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Programme\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.05.19 20:52:14 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012.05.19 20:52:14 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.19 20:52:14 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.05 19:49:46 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.11 02:06:10 | 000,077,520 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE -- (HssTrayService)
SRV - [2012.04.11 01:59:14 | 000,542,552 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2012.04.02 20:46:58 | 000,329,544 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2012.03.29 17:29:40 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2012.03.13 17:39:10 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.14 13:23:34 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.12.14 13:23:22 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.11.15 20:26:48 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011.10.15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.08.30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Users\Philipp\temp\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.04.24 22:55:00 | 004,066,168 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010.08.05 08:46:02 | 000,583,640 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.25 16:46:18 | 000,117,640 | R--- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2009.08.18 13:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.07.28 21:25:34 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.07.24 02:25:28 | 000,626,208 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2009.07.24 02:25:28 | 000,206,880 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2009.07.21 02:42:38 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100)
SRV - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.04 15:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009.03.30 05:02:56 | 057,617,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS)
SRV - [2009.03.30 05:01:06 | 000,427,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS)
SRV - [2008.07.10 06:31:10 | 000,157,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.05.19 20:52:14 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.19 20:52:14 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.11 17:40:28 | 000,056,832 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HssDrv.sys -- (HssDrv)
DRV:64bit: - [2012.04.06 20:15:10 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.11 15:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.04.13 15:04:38 | 000,045,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011.04.12 13:01:38 | 000,052,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.10.28 20:32:30 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.04.27 16:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010.04.27 16:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:64bit: - [2010.04.27 16:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010.04.27 14:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010.04.27 14:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010.01.07 09:20:00 | 000,676,864 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2009.08.25 16:46:19 | 000,476,720 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2009.08.25 16:46:19 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.01 06:20:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009.06.26 09:55:10 | 000,083,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 19:47:48 | 000,028,192 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvamacpi.sys -- (nvamacpi)
DRV:64bit: - [2009.05.08 16:08:00 | 000,020,520 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.01.19 20:32:22 | 000,334,344 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV - [2011.10.13 17:33:58 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.01 11:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=imedia_m3710&r=173606108106p03e5v125y47m28209
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=imedia_m3710&r=173606108106p03e5v125y47m28209
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=imedia_m3710&r=173606108106p03e5v125y47m28209
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=imedia_m3710&r=173606108106p03e5v125y47m28209
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=EIE9HP&PC=UP50
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=EIE9HP&PC=UP50
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.bing.com/search?FORM=UP50DF&PC=UP50&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_deDE393
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={1FD881CE-7978-4333-BFCD-9284834087E4}&mid=a10471d01e1c47d18ac9d1482a88dd4d-06ce4fc639803a2e3563922518183d8e94088cb9&lang=&ds=&pr=&d=2011-12-16 17:47:01&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKCU\..\SearchScopes\{FBDF4F0D-B043-496F-93AC-AF87B65617BF}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=110000&tt=270312_n&babsrc=SP_ss&mntrId=ecbee03200000000000000016c6c34be
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2903601&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20110939,16981,0,19,0"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher@ea.com:5.0.137.0
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.66.2
FF - prefs.js..extensions.enabledAddons: {40c3cc16-7269-4b32-9531-17f2950fb06f}:3.15.1.0
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10
FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.67.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOB10&ctid=CT2319825&SearchSource=2&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.07.26 12:44:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.08 09:59:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.03.18 21:17:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2012.02.02 15:18:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.07.26 12:44:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.03.18 21:17:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2012.02.02 15:18:04 | 000,000,000 | ---D | M]

[2010.08.17 19:23:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Extensions
[2012.09.16 19:43:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\tw18pwvz.default\extensions
[2012.08.25 14:34:11 | 000,000,000 | ---D | M] (Winload Community Toolbar) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\tw18pwvz.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
[2012.05.19 18:59:52 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\tw18pwvz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.08.11 17:35:09 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\tw18pwvz.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.04.20 16:04:47 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\tw18pwvz.default\extensions\battlefieldheroespatcher@ea.com
[2012.03.12 18:34:39 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\tw18pwvz.default\extensions\battlefieldplay4free@ea.com
[2012.09.15 15:14:16 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\tw18pwvz.default\extensions\ich@maltegoetz.de
[2012.07.26 12:37:17 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\firefox\profiles\tw18pwvz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.05.12 09:51:26 | 000,000,949 | ---- | M] () -- C:\Users\Philipp\AppData\Roaming\mozilla\firefox\profiles\tw18pwvz.default\searchplugins\conduit.xml
[2012.09.12 17:37:36 | 000,000,950 | ---- | M] () -- C:\Users\Philipp\AppData\Roaming\mozilla\firefox\profiles\tw18pwvz.default\searchplugins\icqplugin-1.xml
[2012.06.26 13:08:36 | 000,000,950 | ---- | M] () -- C:\Users\Philipp\AppData\Roaming\mozilla\firefox\profiles\tw18pwvz.default\searchplugins\icqplugin-2.xml
[2012.08.22 20:53:06 | 000,000,950 | ---- | M] () -- C:\Users\Philipp\AppData\Roaming\mozilla\firefox\profiles\tw18pwvz.default\searchplugins\icqplugin-3.xml
[2012.09.02 11:17:09 | 000,000,950 | ---- | M] () -- C:\Users\Philipp\AppData\Roaming\mozilla\firefox\profiles\tw18pwvz.default\searchplugins\icqplugin-4.xml
[2012.09.08 10:00:01 | 000,000,950 | ---- | M] () -- C:\Users\Philipp\AppData\Roaming\mozilla\firefox\profiles\tw18pwvz.default\searchplugins\icqplugin-5.xml
[2012.07.24 14:48:30 | 000,000,168 | ---- | M] () -- C:\Users\Philipp\AppData\Roaming\mozilla\firefox\profiles\tw18pwvz.default\searchplugins\icqplugin.gif
[2012.07.24 14:48:30 | 000,000,618 | ---- | M] () -- C:\Users\Philipp\AppData\Roaming\mozilla\firefox\profiles\tw18pwvz.default\searchplugins\icqplugin.src
[2012.05.08 13:55:02 | 000,001,056 | ---- | M] () -- C:\Users\Philipp\AppData\Roaming\mozilla\firefox\profiles\tw18pwvz.default\searchplugins\icqplugin.xml
[2012.05.21 17:04:59 | 000,003,741 | ---- | M] () -- C:\Users\Philipp\AppData\Roaming\mozilla\firefox\profiles\tw18pwvz.default\searchplugins\spieletippsde.xml
[2011.10.13 15:11:55 | 000,002,057 | ---- | M] () -- C:\Users\Philipp\AppData\Roaming\mozilla\firefox\profiles\tw18pwvz.default\searchplugins\youtube-videosuche.xml
[2012.04.19 17:36:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.04.19 17:36:52 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\mozilla firefox\extensions\afurladvisor@anchorfree.com
[2012.09.08 09:59:52 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.03.13 07:23:34 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.27 14:11:46 | 000,002,348 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.09.02 11:16:54 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.03.13 07:23:34 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.21 16:42:20 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2012.03.13 07:23:34 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.13 07:23:34 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.13 07:23:34 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage: hxxp://start.facemoods.com/?a=ddrnw
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = hxxp://isearch.avg.com/search?cid={1FD881CE-7978-4333-BFCD-9284834087E4}&mid=a10471d01e1c47d18ac9d1482a88dd4d-06ce4fc639803a2e3563922518183d8e94088cb9&lang=&ds=&pr=&d=2011-12-16 17:47:01&v=10.0.0.7&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = hxxp://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}
CHR - homepage: hxxp://start.facemoods.com/?a=ddrnw
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Free Studio (Enabled) = C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\np_dvs_plugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - Extension: Battlefield Heroes = C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.67.0_0\
CHR - Extension: Skype Click to Call = C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: DvdVideoSoft Free Youtube Download = C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [PC Cleaners] C:\Program Files (x86)\PC Cleaners\PCCleaners.exe (PC Cleaners Inc.)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKCU..\Run: [chromium] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Philipp\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Philipp\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - D:\Programme\anwender\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Philipp\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Philipp\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - D:\Programme\anwender\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000021 - DD:\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000022 - DD:\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000023 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O12 - Plugin for: .spop - C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.134.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{700AC33A-9244-4276-B492-7F9716478E77}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CF91807-55A5-4684-A97D-3DE531A9909B}: NameServer = 10.74.120.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA4180F2-C015-4E51-9126-C8505A6D3D2E}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\symres - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll (Symantec Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\chrome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\openvpntray.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\setup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\uninstall.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\chrome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\openvpntray.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\setup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\uninstall.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ab29ed83-f7d3-11df-bff4-00016c6c34be}\Shell - "" = AutoRun
O33 - MountPoints2\{ab29ed83-f7d3-11df-bff4-00016c6c34be}\Shell\AutoRun\command - "" = G:\datas\autorun.exe
O33 - MountPoints2\{d8b49920-e2c1-11df-a5b3-00016c6c34be}\Shell - "" = AutoRun
O33 - MountPoints2\{d8b49920-e2c1-11df-a5b3-00016c6c34be}\Shell\AutoRun\command - "" = F:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.09.17 18:25:25 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe
[2012.09.17 17:54:13 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012.09.16 20:15:24 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\PC Cleaners
[2012.09.16 20:15:20 | 004,571,960 | ---- | C] (PC Cleaners) -- C:\Windows\uninst.exe
[2012.09.16 20:15:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaners
[2012.09.16 20:15:19 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\PCPro
[2012.09.16 20:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\PC1Data
[2012.09.16 20:15:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Cleaners
[2012.09.15 21:42:19 | 000,000,000 | ---D | C] -- C:\f1_2011_patch_1
[2012.09.15 20:31:58 | 000,000,000 | ---D | C] -- C:\f1_2011_patch
[2012.09.15 16:08:54 | 000,000,000 | ---D | C] -- C:\Dirt_3_patch
[2012.09.14 16:16:29 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012.09.14 16:16:29 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012.09.11 15:00:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Source
[2012.09.03 19:03:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2012.09.02 11:36:37 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Binding of Isaac
[2012.09.01 20:59:52 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\LogMeIn Hamachi
[2012.09.01 20:59:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.08.26 16:27:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\syncdb
[2012.08.25 18:05:57 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2012.08.25 15:06:30 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.08.25 14:40:49 | 000,000,000 | ---D | C] -- C:\test
[2012.08.24 19:16:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codemasters
[2009.08.25 16:17:48 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[15 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.09.17 18:30:40 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.17 18:30:40 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.17 18:25:26 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe
[2012.09.17 18:22:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.17 18:21:34 | 000,000,020 | ---- | M] () -- C:\Users\Philipp\defogger_reenable
[2012.09.17 18:20:39 | 000,050,477 | ---- | M] () -- C:\Users\Philipp\Desktop\Defogger.exe
[2012.09.17 17:54:13 | 000,002,965 | ---- | M] () -- C:\Users\Philipp\Desktop\HiJackThis.lnk
[2012.09.17 13:33:44 | 001,390,432 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.16 20:15:20 | 000,000,984 | ---- | M] () -- C:\Users\Philipp\Desktop\PC Cleaner Pro.lnk
[2012.09.16 20:15:08 | 004,571,960 | ---- | M] (PC Cleaners) -- C:\Windows\uninst.exe
[2012.09.14 16:16:29 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012.09.14 16:16:29 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012.09.11 19:44:19 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\Counter-Strike Source.lnk
[2012.09.06 13:58:34 | 000,000,802 | ---- | M] () -- C:\Users\Philipp\Desktop\Minecraft_Server - Verknüpfung.lnk
[2012.09.03 19:15:40 | 000,001,318 | ---- | M] () -- C:\Users\Philipp\Desktop\Free YouTube Download.lnk
[2012.09.03 19:03:53 | 000,001,965 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2012.09.02 11:36:37 | 000,000,945 | ---- | M] () -- C:\Users\Philipp\Desktop\The Binding of Isaac.lnk
[2012.08.30 14:36:06 | 000,086,528 | ---- | M] () -- C:\Windows\bnetunin.exe
[2012.08.30 14:36:06 | 000,061,440 | ---- | M] () -- C:\Windows\diabunin.exe
[2012.08.30 14:36:06 | 000,000,855 | ---- | M] () -- C:\Users\Philipp\Desktop\Diablo.lnk
[2012.08.27 21:47:24 | 000,369,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.25 16:43:01 | 001,390,432 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.08.24 15:58:36 | 000,405,152 | ---- | M] (Newtonsoft) -- C:\Windows\SysWow64\Newtonsoft.Json.Net20.dll
[2012.08.20 17:56:20 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.08.20 17:56:20 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.08.20 17:54:15 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[15 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.09.17 18:21:34 | 000,000,020 | ---- | C] () -- C:\Users\Philipp\defogger_reenable
[2012.09.17 18:20:39 | 000,050,477 | ---- | C] () -- C:\Users\Philipp\Desktop\Defogger.exe
[2012.09.17 17:54:13 | 000,002,965 | ---- | C] () -- C:\Users\Philipp\Desktop\HiJackThis.lnk
[2012.09.16 20:15:20 | 000,000,984 | ---- | C] () -- C:\Users\Philipp\Desktop\PC Cleaner Pro.lnk
[2012.09.11 15:00:50 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\Counter-Strike Source.lnk
[2012.09.06 13:58:35 | 000,000,802 | ---- | C] () -- C:\Users\Philipp\Desktop\Minecraft_Server - Verknüpfung.lnk
[2012.09.03 19:15:40 | 000,001,318 | ---- | C] () -- C:\Users\Philipp\Desktop\Free YouTube Download.lnk
[2012.09.03 19:03:53 | 000,001,965 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2012.09.03 19:03:53 | 000,001,915 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2012.09.02 11:36:37 | 000,000,945 | ---- | C] () -- C:\Users\Philipp\Desktop\The Binding of Isaac.lnk
[2012.07.26 12:41:53 | 000,181,704 | ---- | C] () -- C:\Windows\hpoins28.dat
[2012.07.26 12:41:53 | 000,000,442 | ---- | C] () -- C:\Windows\hpomdl28.dat
[2012.05.19 20:23:01 | 000,086,528 | ---- | C] () -- C:\Windows\bnetunin.exe
[2012.05.19 20:23:01 | 000,061,440 | ---- | C] () -- C:\Windows\diabunin.exe
[2012.04.30 20:12:11 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012.03.05 18:47:57 | 000,000,098 | ---- | C] () -- C:\Windows\h3maped.INI
[2012.01.03 18:14:26 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011.12.29 16:15:52 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.10.15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.07.13 12:34:28 | 001,390,432 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.24 18:58:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\StellarProfile.dll
[2011.05.24 18:58:36 | 000,000,070 | ---- | C] () -- C:\Windows\spwdrhag.INI
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.04.01 14:50:43 | 000,001,186 | ---- | C] () -- C:\Program Files (x86)\16-44100d.wav
[2011.04.01 14:50:43 | 000,000,956 | ---- | C] () -- C:\Program Files (x86)\16-44100u.wav
[2011.04.01 14:50:43 | 000,000,652 | ---- | C] () -- C:\Program Files (x86)\16-22050d.wav
[2011.04.01 14:50:43 | 000,000,587 | ---- | C] () -- C:\Program Files (x86)\8-44100d.wav
[2011.04.01 14:50:43 | 000,000,442 | ---- | C] () -- C:\Program Files (x86)\16-22050u.wav
[2011.04.01 14:50:43 | 000,000,421 | ---- | C] () -- C:\Program Files (x86)\8-44100u.wav
[2011.04.01 14:50:43 | 000,000,340 | ---- | C] () -- C:\Program Files (x86)\16-11025d.wav
[2011.04.01 14:50:43 | 000,000,326 | ---- | C] () -- C:\Program Files (x86)\16-11025u.wav
[2011.04.01 14:50:43 | 000,000,317 | ---- | C] () -- C:\Program Files (x86)\8-22050d.wav
[2011.04.01 14:50:43 | 000,000,260 | ---- | C] () -- C:\Program Files (x86)\16-8000d.wav
[2011.04.01 14:50:43 | 000,000,225 | ---- | C] () -- C:\Program Files (x86)\8-22050u.wav
[2011.04.01 14:50:43 | 000,000,220 | ---- | C] () -- C:\Program Files (x86)\16-8000u.wav
[2011.04.01 14:50:43 | 000,000,183 | ---- | C] () -- C:\Program Files (x86)\8-11025d.wav
[2011.04.01 14:50:43 | 000,000,151 | ---- | C] () -- C:\Program Files (x86)\8-8000d.wav
[2011.04.01 14:50:43 | 000,000,135 | ---- | C] () -- C:\Program Files (x86)\8-11025u.wav
[2011.04.01 14:50:43 | 000,000,127 | ---- | C] () -- C:\Program Files (x86)\8-8000u.wav
[2011.03.03 18:33:53 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.02.07 18:19:30 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.27 19:32:01 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.11.24 16:08:17 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010.11.17 19:16:10 | 000,001,682 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.11.17 19:16:10 | 000,000,088 | RHS- | C] () -- C:\ProgramData\B5A24A05A6.sys
[2010.10.28 17:54:01 | 000,033,134 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\UserTile.png
[2010.10.22 20:35:57 | 000,001,548 | ---- | C] () -- C:\Windows\SysWow64\nogoapp.dat
[2010.10.17 14:03:29 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.10.10 21:55:33 | 000,000,145 | -H-- | C] () -- C:\Windows\SysWow64\CTLSW.INI
[2010.10.10 21:55:00 | 000,000,156 | ---- | C] () -- C:\Windows\SysWow64\swctl.dll

========== LOP Check ==========

[2010.10.28 17:41:08 | 000,000,000 | -HSD | M] -- C:\Users\Philipp\AppData\Roaming\.#
[2012.09.06 13:56:18 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\.minecraft
[2012.03.27 14:11:43 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Babylon
[2012.02.04 11:26:22 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Canneverbe Limited
[2012.04.21 18:10:07 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2010.10.06 22:12:38 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\DAEMON Tools Lite
[2012.01.08 18:40:01 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\DerStyle & Co
[2011.12.15 19:00:11 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Dexpot
[2012.09.03 19:15:45 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\DVDVideoSoft
[2012.09.03 19:15:42 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.06.02 21:43:59 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\EvaBox
[2010.10.17 12:33:24 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\GARMIN
[2012.09.09 09:24:51 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\ICQ
[2012.03.29 17:29:47 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\ICQ Search
[2011.07.23 14:10:48 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\InterTrust
[2011.08.14 16:54:31 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Kalypso Media
[2012.08.27 20:52:48 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\loadtbs
[2011.04.14 17:07:08 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Notepad++
[2011.01.26 19:44:27 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\OpenArena
[2012.04.30 20:08:23 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\OpenCandy
[2011.12.13 18:37:09 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Origin
[2011.10.24 18:58:03 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Packard Bell
[2012.09.16 20:15:24 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\PC Cleaners
[2012.09.16 20:15:25 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\PCPro
[2012.04.22 13:05:11 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\PDAppFlex
[2010.10.30 20:10:32 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\PlayFirst
[2012.04.13 20:44:32 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\ProtectDisc
[2010.12.27 20:01:07 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Registry Mechanic
[2011.08.17 18:13:15 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\ScummVM
[2012.05.26 18:43:26 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Sierra Entertainment
[2010.08.25 15:25:02 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\SPORE
[2011.07.13 13:27:45 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Stardock
[2012.01.27 15:10:15 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\TeamViewer
[2011.02.17 17:27:22 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\TS3Client
[2011.10.24 19:17:48 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\TuneUp Software
[2012.06.26 13:04:25 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\uTorrent
[2011.08.29 16:23:11 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Wireshark
[2012.09.17 18:22:53 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.11.08 19:27:23 | 000,000,240 | ---- | M] () -- C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012.job
[2011.11.05 16:21:16 | 000,000,198 | ---- | M] () -- C:\Windows\Tasks\{A120EFC4-7E8C-478E-8555-8BC94DABEABA}.job
[2011.07.17 20:32:32 | 000,000,198 | ---- | M] () -- C:\Windows\Tasks\{FDC1B619-A8C4-476C-9AAF-AE26AA03B605}.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:C3AE45C9
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:ABE89FFE
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP

1B5B4F1
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:F41F8101

Und hier das HijackThis-Logfile:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:09:54, on 17.09.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\PC Cleaners\PCCleaners.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
D:\Programme\spiele\CSS-Counter Strike Source\hl2.exe
C:\Windows\SysWOW64\rundll32.exe
D:\Programme\Steam\Steam.exe
D:\Programme\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=EIE9HP&PC=UP50
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=EIE9HP&PC=UP50
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=imedia_m3710&r=173606108106p03e5v125y47m28209
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=imedia_m3710&r=173606108106p03e5v125y47m28209
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll
O3 - Toolbar: Avira SearchFree Toolbar plus WebGuard - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [PC Cleaners] "C:\Program Files (x86)\PC Cleaners\PCCleaners.exe" /minimize
O4 - HKCU\..\Run: [chromium] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Free YouTube Download - C:\Users\Philipp\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Philipp\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\PROGRA~1\anwender\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O12 - Plugin for .spop: C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.134.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9CF91807-55A5-4684-A97D-3DE531A9909B}: NameServer = 10.74.120.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Browser Schutz (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Programme\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RPC-Locator (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Users\Philipp\temp\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14310 bytes

markusg · 17.09.2012, 20:46

hi

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Sumajo · 18.09.2012, 18:01

Combofix Logfile:

Code:

ATTFilter

ComboFix 12-09-18.06 - Philipp 18.09.2012  18:39:26.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4095.2316 [GMT 2:00]
ausgeführt von:: c:\users\Philipp\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\packardbell.ico
c:\programdata\B5A24A05A6.sys
c:\programdata\MPK
c:\programdata\MPK\1\D0000
c:\programdata\MPK\1\I40584_6048854282
c:\programdata\MPK\1\I40584_6083576852
c:\programdata\MPK\1\I40584_6118299653
c:\programdata\MPK\1\I40584_6153022569
c:\programdata\MPK\1\I40584_6187745255
c:\programdata\MPK\1\I40584_6222468056
c:\programdata\MPK\1\I40584_6257191204
c:\programdata\MPK\1\I40584_6291914699
c:\programdata\MPK\1\I40584_6326636806
c:\programdata\MPK\1\I40584_6361360301
c:\programdata\MPK\1\I40584_6396082870
c:\programdata\MPK\1\I40584_6430805903
c:\programdata\MPK\1\I40584_6465528935
c:\programdata\MPK\1\I40584_6500251389
c:\programdata\MPK\1\I40584_6534974074
c:\programdata\MPK\1\I40584_6569696643
c:\programdata\MPK\1\I40584_6604419329
c:\programdata\MPK\1\I40584_6639142245
c:\programdata\MPK\1\I40584_6673865625
c:\programdata\MPK\1\I40584_6708588657
c:\programdata\MPK\1\I40584_6743311458
c:\programdata\MPK\1\I40585_6291739120
c:\programdata\MPK\1\I40585_6326462384
c:\programdata\MPK\1\I40585_6361185069
c:\programdata\MPK\1\I40585_6395907870
c:\programdata\MPK\1\I40585_6430630787
c:\programdata\MPK\1\I40585_6465354051
c:\programdata\MPK\1\I40585_6500076620
c:\programdata\MPK\1\I40585_6534800000
c:\programdata\MPK\1\I40585_6569522222
c:\programdata\MPK\1\I40585_6604244676
c:\programdata\MPK\1\I40585_6638968171
c:\programdata\MPK\1\I40585_6673690509
c:\programdata\MPK\1\I40585_6708414120
c:\programdata\MPK\1\I40585_6743136806
c:\programdata\MPK\1\I40585_6777859144
c:\programdata\MPK\1\I40585_6812582523
c:\programdata\MPK\1\I40585_6847304745
c:\programdata\MPK\1\I40585_6882027662
c:\programdata\MPK\1\I40586_5401556250
c:\programdata\MPK\1\I40586_5436278241
c:\programdata\MPK\1\I40586_5471001273
c:\programdata\MPK\1\I40586_5505724074
c:\programdata\MPK\1\I40586_5540447106
c:\programdata\MPK\1\I40586_5575170718
c:\programdata\MPK\1\I40586_5609892593
c:\programdata\MPK\1\I40586_5644615625
c:\programdata\MPK\1\I40586_5679338542
c:\programdata\MPK\1\I40586_5714062037
c:\programdata\MPK\1\I40586_5748784028
c:\programdata\MPK\1\I40586_5783507407
c:\programdata\MPK\1\I40586_5818230324
c:\programdata\MPK\1\I40586_5852952894
c:\programdata\MPK\1\I40586_5887676042
c:\programdata\MPK\1\I40586_5922398380
c:\programdata\MPK\1\I40586_5957121296
c:\programdata\MPK\1\I40586_5991844792
c:\programdata\MPK\1\I40587_6143354282
c:\programdata\MPK\1\I40587_6178436111
c:\programdata\MPK\1\I40587_6213159375
c:\programdata\MPK\1\I40587_6247881713
c:\programdata\MPK\1\I40587_6282605440
c:\programdata\MPK\1\I40587_6317328009
c:\programdata\MPK\1\I40587_6352051157
c:\programdata\MPK\1\I40587_6386773495
c:\programdata\MPK\1\I40587_6421496181
c:\programdata\MPK\1\I40587_6456219676
c:\programdata\MPK\1\I40587_6490941667
c:\programdata\MPK\1\I40587_6525664815
c:\programdata\MPK\1\I40587_6560387500
c:\programdata\MPK\1\I40587_6595110764
c:\programdata\MPK\1\I40587_6629833681
c:\programdata\MPK\1\I40587_6664556250
c:\programdata\MPK\1\I40587_6699279514
c:\programdata\MPK\1\I40587_6734003009
c:\programdata\MPK\1\I40591_6290526620
c:\programdata\MPK\1\I40591_6325249074
c:\programdata\MPK\1\I40591_6359971875
c:\programdata\MPK\1\I40591_6394694097
c:\programdata\MPK\1\I40591_6429417824
c:\programdata\MPK\1\I40591_6464140394
c:\programdata\MPK\1\I40591_6498863079
c:\programdata\MPK\1\I40591_6533585648
c:\programdata\MPK\1\I40591_6568309491
c:\programdata\MPK\1\I40591_6603031597
c:\programdata\MPK\1\I40591_6637754514
c:\programdata\MPK\1\I40591_6672477083
c:\programdata\MPK\1\I40591_6707200579
c:\programdata\MPK\1\I40591_6741922917
c:\programdata\MPK\1\I40591_6776645602
c:\programdata\MPK\1\I40591_6811368634
c:\programdata\MPK\1\I40591_6846092593
c:\programdata\MPK\1\I40591_6880815856
c:\programdata\MPK\1\I40592_5853444560
c:\programdata\MPK\1\I40592_5888167014
c:\programdata\MPK\1\I40592_5922890278
c:\programdata\MPK\1\I40592_5957612616
c:\programdata\MPK\1\I40592_6027058912
c:\programdata\MPK\1\I40592_6061781829
c:\programdata\MPK\1\I40592_6096504861
c:\programdata\MPK\1\I40592_6131227083
c:\programdata\MPK\1\I40592_6165949769
c:\programdata\MPK\1\I40592_6200672685
c:\programdata\MPK\1\I40592_6288530093
c:\programdata\MPK\1\I40592_6323253125
c:\programdata\MPK\1\I40592_6357975463
c:\programdata\MPK\1\I40592_6392698727
c:\programdata\MPK\1\I40592_6427421065
c:\programdata\MPK\1\I40592_6499519444
c:\programdata\MPK\1\I40592_6534242361
c:\programdata\MPK\1\I40592_6568965509
c:\programdata\MPK\1\I40592_6603688310
c:\programdata\MPK\1\I40592_6638410995
c:\programdata\MPK\1\I40592_6673134028
c:\programdata\MPK\1\I40592_6707856829
c:\programdata\MPK\1\I40592_6742579977
c:\programdata\MPK\1\I40592_6777303241
c:\programdata\MPK\1\I40592_6812025347
c:\programdata\MPK\1\I40592_6846748611
c:\programdata\MPK\1\I40592_6881471528
c:\programdata\MPK\1\I40592_6916193866
c:\programdata\MPK\1\I40592_6950917014
c:\programdata\MPK\1\I40592_6985639699
c:\programdata\MPK\1\I40592_7020362616
c:\programdata\MPK\1\I40592_7055085185
c:\programdata\MPK\1\I40592_7089808102
c:\programdata\MPK\1\I40592_7124531944
c:\programdata\MPK\1\I40593_4876000810
c:\programdata\MPK\1\I40593_4910723727
c:\programdata\MPK\1\I40593_4945447338
c:\programdata\MPK\1\I40593_4980170255
c:\programdata\MPK\1\I40593_5014893287
c:\programdata\MPK\1\I40593_5049615162
c:\programdata\MPK\1\I40593_5084339005
c:\programdata\MPK\1\I40593_5119060764
c:\programdata\MPK\1\I40593_5153784375
c:\programdata\MPK\1\I40593_5188506944
c:\programdata\MPK\1\I40593_5223229398
c:\programdata\MPK\1\I40593_5257953241
c:\programdata\MPK\1\I40593_5292675347
c:\programdata\MPK\1\I40593_5327398495
c:\programdata\MPK\1\I40593_5393613889
c:\programdata\MPK\1\I40593_5428335648
c:\programdata\MPK\1\I40593_5463059028
c:\programdata\MPK\1\I40594_6641838657
c:\programdata\MPK\1\I40594_6676561806
c:\programdata\MPK\1\I40594_6711284144
c:\programdata\MPK\1\I40594_6746007176
c:\programdata\MPK\1\I40594_6780730324
c:\programdata\MPK\1\I40594_6815453009
c:\programdata\MPK\1\I40594_6850175463
c:\programdata\MPK\1\I40594_6884898727
c:\programdata\MPK\1\I40594_6919621759
c:\programdata\MPK\1\I40594_6954343866
c:\programdata\MPK\1\I40594_6989067708
c:\programdata\MPK\1\I40594_7023789583
c:\programdata\MPK\1\I40594_7058513426
c:\programdata\MPK\1\I40594_7093236343
c:\programdata\MPK\1\I40594_7127959028
c:\programdata\MPK\1\I40594_7246914352
c:\programdata\MPK\1\I40594_7281637037
c:\programdata\MPK\1\I40595_6272192593
c:\programdata\MPK\1\I40595_6306914468
c:\programdata\MPK\1\I40595_6341637731
c:\programdata\MPK\1\I40595_7338996412
c:\programdata\MPK\1\I40595_7373718403
c:\programdata\MPK\1\I40595_7408441319
c:\programdata\MPK\1\I40595_7443164120
c:\programdata\MPK\1\I40595_7477887616
c:\programdata\MPK\1\I40595_7512610648
c:\programdata\MPK\1\I40595_7547332639
c:\programdata\MPK\1\I40595_7582055556
c:\programdata\MPK\1\I40595_7616778704
c:\programdata\MPK\1\I40595_7651501736
c:\programdata\MPK\1\I40595_7686225116
c:\programdata\MPK\1\I40595_7828144560
c:\programdata\MPK\1\I40595_7847611806
c:\programdata\MPK\1\I40595_7882334028
c:\programdata\MPK\1\I40595_7917086111
c:\programdata\MPK\1\I40595_7951808681
c:\programdata\MPK\1\I40595_7952593171
c:\programdata\MPK\1\I40595_7952612500
c:\programdata\MPK\1\I40596_6280182060
c:\programdata\MPK\1\I40596_6314903935
c:\programdata\MPK\1\I40596_6349627431
c:\programdata\MPK\1\I40596_6384349884
c:\programdata\MPK\1\I40596_6419073264
c:\programdata\MPK\1\I40596_6453796296
c:\programdata\MPK\1\I40596_7230464005
c:\programdata\MPK\1\I40596_7265187384
c:\programdata\MPK\1\I40596_7299909722
c:\programdata\MPK\1\I40596_7334632060
c:\programdata\MPK\1\I40596_7369355440
c:\programdata\MPK\1\I40596_7404077778
c:\programdata\MPK\1\I40596_7438800694
c:\programdata\MPK\1\I40596_7473523843
c:\programdata\MPK\1\I40596_7508247106
c:\programdata\MPK\1\I40596_7542969907
c:\programdata\MPK\1\I40596_7577693171
c:\programdata\MPK\1\I40597_7312547801
c:\programdata\MPK\1\I40597_7347270255
c:\programdata\MPK\1\I40597_7381993866
c:\programdata\MPK\1\I40597_7416715972
c:\programdata\MPK\1\I40597_7451438773
c:\programdata\MPK\1\I40597_7486161921
c:\programdata\MPK\1\I40597_7520885532
c:\programdata\MPK\1\I40597_7555608102
c:\programdata\MPK\1\I40597_7794658449
c:\programdata\MPK\1\I40597_7829381597
c:\programdata\MPK\1\I40597_7864104977
c:\programdata\MPK\1\I40597_7898827546
c:\programdata\MPK\1\I40597_8043232755
c:\programdata\MPK\1\I40597_8077955903
c:\programdata\MPK\1\I40597_8112678472
c:\programdata\MPK\1\I40597_8147401620
c:\programdata\MPK\1\I40598_6286673264
c:\programdata\MPK\1\I40598_6321395139
c:\programdata\MPK\1\I40598_6356118171
c:\programdata\MPK\1\I40598_6390841204
c:\programdata\MPK\1\I40598_6425564583
c:\programdata\MPK\1\I40598_6460287037
c:\programdata\MPK\1\I40598_6495009491
c:\programdata\MPK\1\I40598_6529733102
c:\programdata\MPK\1\I40598_6564455671
c:\programdata\MPK\1\I40598_6599178009
c:\programdata\MPK\1\I40598_6633901736
c:\programdata\MPK\1\I40598_6668623611
c:\programdata\MPK\1\I40598_6703347338
c:\programdata\MPK\1\I40598_6738069676
c:\programdata\MPK\1\I40598_6772792245
c:\programdata\MPK\1\I40598_6807515162
c:\programdata\MPK\1\I40598_6842237963
c:\programdata\MPK\1\I40599_6321465741
c:\programdata\MPK\1\I40599_6356188079
c:\programdata\MPK\1\I40599_6390911458
c:\programdata\MPK\1\I40599_6413378819
c:\programdata\MPK\1\I40599_6413562963
c:\programdata\MPK\1\I40599_6413598264
c:\programdata\MPK\1\I40599_6413634722
c:\programdata\MPK\1\I40599_6425633681
c:\programdata\MPK\1\I40599_6460357407
c:\programdata\MPK\1\I40599_6495079398
c:\programdata\MPK\1\I40599_6529803241
c:\programdata\MPK\1\I40599_6564525694
c:\programdata\MPK\1\I40599_6599248611
c:\programdata\MPK\1\I40599_6633970949
c:\programdata\MPK\1\I40599_6668694676
c:\programdata\MPK\1\I40599_6703416782
c:\programdata\MPK\1\I40599_6738139815
c:\programdata\MPK\1\I40599_6772862616
c:\programdata\MPK\1\I40599_6807586227
c:\programdata\MPK\1\I40599_6842308449
c:\programdata\MPK\1\I40599_6877031366
c:\programdata\MPK\1\I40599_6911753935
c:\programdata\MPK\1\I40600_3803818287
c:\programdata\MPK\1\I40600_3838541088
c:\programdata\MPK\1\I40600_3873264120
c:\programdata\MPK\1\I40600_3907986343
c:\programdata\MPK\1\I40600_3942709144
c:\programdata\MPK\1\I40600_3977432060
c:\programdata\MPK\1\I40600_4012155903
c:\programdata\MPK\1\I40600_4046878241
c:\programdata\MPK\1\I40600_4081601157
c:\programdata\MPK\1\I40600_4116323843
c:\programdata\MPK\1\I40600_4151046644
c:\programdata\MPK\1\I40600_4185770023
c:\programdata\MPK\1\I40600_4220492361
c:\programdata\MPK\1\I40600_4255215393
c:\programdata\MPK\1\I40600_4289937847
c:\programdata\MPK\1\I40600_4324661111
c:\programdata\MPK\1\I40600_4359383681
c:\programdata\MPK\1\I40602_7351889005
c:\programdata\MPK\1\I40602_7414774884
c:\programdata\MPK\1\I40602_7449498148
c:\programdata\MPK\1\I40602_7484221528
c:\programdata\MPK\1\I40602_7518943866
c:\programdata\MPK\1\I40602_7553666204
c:\programdata\MPK\1\I40602_7588389815
c:\programdata\MPK\1\I40602_7623112731
c:\programdata\MPK\1\I40602_7657834838
c:\programdata\MPK\1\I40602_7692558681
c:\programdata\MPK\1\I40602_7727280556
c:\programdata\MPK\1\I40602_7762004282
c:\programdata\MPK\1\I40602_7796726736
c:\programdata\MPK\1\I40602_7831449653
c:\programdata\MPK\1\I40602_7866172338
c:\programdata\MPK\1\I40602_7900895949
c:\programdata\MPK\1\I40602_7935618056
c:\programdata\MPK\1\I40603_6146000000
c:\programdata\MPK\1\I40603_6180722801
c:\programdata\MPK\1\I40603_6215446065
c:\programdata\MPK\1\I40603_6250168056
c:\programdata\MPK\1\I40603_6284891204
c:\programdata\MPK\1\I40603_6319614468
c:\programdata\MPK\1\I40603_6354337384
c:\programdata\MPK\1\I40603_6389060301
c:\programdata\MPK\1\I40603_6423783102
c:\programdata\MPK\1\I40603_6458505556
c:\programdata\MPK\1\I40603_7242536806
c:\programdata\MPK\1\I40603_7277259722
c:\programdata\MPK\1\I40603_7311982755
c:\programdata\MPK\1\I40603_7346704977
c:\programdata\MPK\1\I40603_7381427662
c:\programdata\MPK\1\I40603_7416150694
c:\programdata\MPK\1\I40603_7450873380
c:\programdata\MPK\1\I40603_7485596644
c:\programdata\MPK\1\I40603_7520319560
c:\programdata\MPK\1\I40603_7555041898
c:\programdata\MPK\1\I40603_7589765509
c:\programdata\MPK\1\I40603_7624488194
c:\programdata\MPK\1\I40603_7659210995
c:\programdata\MPK\1\I40603_7693933912
c:\programdata\MPK\1\I40603_7728656597
c:\programdata\MPK\1\I40603_7763379861
c:\programdata\MPK\1\I40603_7798101968
c:\programdata\MPK\1\I40603_7832825347
c:\programdata\MPK\1\I40603_7867548264
c:\programdata\MPK\1\I40604_7338093518
c:\programdata\MPK\1\I40604_7372815972
c:\programdata\MPK\1\I40604_7407538657
c:\programdata\MPK\1\I40604_7442261921
c:\programdata\MPK\1\I40604_7476984606
c:\programdata\MPK\1\I40604_7511707176
c:\programdata\MPK\1\I40604_7546430093
c:\programdata\MPK\1\I40604_7581153357
c:\programdata\MPK\1\I40604_7615876736
c:\programdata\MPK\1\I40604_7650598611
c:\programdata\MPK\1\I40604_7685322222
c:\programdata\MPK\1\I40604_7720045370
c:\programdata\MPK\1\I40604_7754767708
c:\programdata\MPK\1\I40604_7789490741
c:\programdata\MPK\1\I40604_7824213657
c:\programdata\MPK\1\I40604_7858935995
c:\programdata\MPK\1\I40604_7893659375
c:\programdata\MPK\1\I40604_7928381597
c:\programdata\MPK\1\I40605_5489789931
c:\programdata\MPK\1\I40605_5524512731
c:\programdata\MPK\1\I40605_5559235532
c:\programdata\MPK\1\I40605_5593958912
c:\programdata\MPK\1\I40605_5628681250
c:\programdata\MPK\1\I40605_5663404051
c:\programdata\MPK\1\I40605_5698127662
c:\programdata\MPK\1\I40605_5732849769
c:\programdata\MPK\1\I40605_5767572917
c:\programdata\MPK\1\I40605_5802295602
c:\programdata\MPK\1\I40605_5837018519
c:\programdata\MPK\1\I40605_5871741782
c:\programdata\MPK\1\I40605_5906464120
c:\programdata\MPK\1\I40605_5941187847
c:\programdata\MPK\1\I40605_5975910417
c:\programdata\MPK\1\I40605_6010633796
c:\programdata\MPK\1\I40605_6045355787
c:\programdata\MPK\1\I40605_6080078704
c:\programdata\MPK\1\I40605_6114801620
c:\programdata\MPK\1\I40605_6149525231
c:\programdata\MPK\1\I40605_6184247338
c:\programdata\MPK\1\I40605_6218970023
c:\programdata\MPK\1\I40605_6253693056
c:\programdata\MPK\1\I40605_6288416204
c:\programdata\MPK\1\I40605_6323139120
c:\programdata\MPK\1\I40605_6357862384
c:\programdata\MPK\1\I40605_6392584838
c:\programdata\MPK\1\I40605_6427307639
c:\programdata\MPK\1\I40605_6462029977
c:\programdata\MPK\1\I40605_6496753009
c:\programdata\MPK\1\I40605_6531475694
c:\programdata\MPK\1\I40605_6566199537
c:\programdata\MPK\1\I40605_6600922222
c:\programdata\MPK\1\I40605_6635644213
c:\programdata\MPK\1\I40605_6670367130
c:\programdata\MPK\1\I40605_6705090046
c:\programdata\MPK\1\I40605_6739813194
c:\programdata\MPK\1\I40605_6774535880
c:\programdata\MPK\1\I40605_6809258565
c:\programdata\MPK\1\I40605_6843981366
c:\programdata\MPK\1\I40605_6878704745
c:\programdata\MPK\1\I40605_6913427083
c:\programdata\MPK\1\I40605_6945644444
c:\programdata\MPK\1\I40605_6945680903
c:\programdata\MPK\1\I40605_6945717361
c:\programdata\MPK\1\I40605_6945751736
c:\programdata\MPK\1\I40605_6945786690
c:\programdata\MPK\1\I40605_6945821412
c:\programdata\MPK\1\I40605_6945855903
c:\programdata\MPK\1\I40605_6945890509
c:\programdata\MPK\1\I40605_6945925347
c:\programdata\MPK\1\I40605_6945959954
c:\programdata\MPK\1\I40605_6945992824
c:\programdata\MPK\1\I40605_6946027778
c:\programdata\MPK\1\I40605_6946062153
c:\programdata\MPK\1\I40605_6946100810
c:\programdata\MPK\1\I40605_6946135532
c:\programdata\MPK\1\I40605_6946170139
c:\programdata\MPK\1\I40605_6946206829
c:\programdata\MPK\1\I40605_6946239583
c:\programdata\MPK\1\I40605_6946274306
c:\programdata\MPK\1\I40605_6946310880
c:\programdata\MPK\1\I40605_6946348032
c:\programdata\MPK\1\I40605_6946382292
c:\programdata\MPK\1\I40605_6946417477
c:\programdata\MPK\1\I40605_6948150463
c:\programdata\MPK\1\I40605_6982873380
c:\programdata\MPK\1\I40605_7017595718
c:\programdata\MPK\1\I40605_7052318634
c:\programdata\MPK\1\I40605_7087041782
c:\programdata\MPK\1\I40605_7121764468
c:\programdata\MPK\1\I40605_7156487847
c:\programdata\MPK\1\I40605_7191210532
c:\programdata\MPK\1\I40605_7225933333
c:\programdata\MPK\1\I40605_7260656250
c:\programdata\MPK\1\I40605_7295379630
c:\programdata\MPK\1\I40605_7330101505
c:\programdata\MPK\1\I40605_7364824537
c:\programdata\MPK\1\I40605_7399547454
c:\programdata\MPK\1\I40605_7434270139
c:\programdata\MPK\1\I40605_7468993056
c:\programdata\MPK\1\I40605_7503715741
c:\programdata\MPK\1\I40605_7538439005
c:\programdata\MPK\1\I40605_7573161458
c:\programdata\MPK\1\I40606_5816747917
c:\programdata\MPK\1\I40606_5851470949
c:\programdata\MPK\1\I40606_5886193634
c:\programdata\MPK\1\I40606_5920916898
c:\programdata\MPK\1\I40606_5955639583
c:\programdata\MPK\1\I40606_6059807639
c:\programdata\MPK\1\I40606_6094530903
c:\programdata\MPK\1\I40606_6129253935
c:\programdata\MPK\1\I40606_6163976968
c:\programdata\MPK\1\I40606_6615373843
c:\programdata\MPK\1\I40606_6650096528
c:\programdata\MPK\1\I40606_7204415741
c:\programdata\MPK\1\I40606_7204452431
c:\programdata\MPK\1\I40606_7204508449
c:\programdata\MPK\1\I40606_7204560417
c:\programdata\MPK\1\I40606_7204610185
c:\programdata\MPK\1\I40606_7204662847
c:\programdata\MPK\1\I40606_7204847569
c:\programdata\MPK\1\I40606_7204888657
c:\programdata\MPK\1\I40606_7204922569
c:\programdata\MPK\1\I40606_7205055440
c:\programdata\MPK\1\I40606_7205088310
c:\programdata\MPK\1\I40606_7457242361
c:\programdata\MPK\1\I40606_7934842245
c:\programdata\MPK\1\I40606_7969564815
c:\programdata\MPK\1\I40607_5833962037
c:\programdata\MPK\1\I40607_5868684028
c:\programdata\MPK\1\I40607_5903407292
c:\programdata\MPK\1\I40607_5938129514
c:\programdata\MPK\1\I40607_5972852662
c:\programdata\MPK\1\I40607_6007575347
c:\programdata\MPK\1\I40607_6042299074
c:\programdata\MPK\1\I40607_6077021065
c:\programdata\MPK\1\I40607_6111743866
c:\programdata\MPK\1\I40607_6146467361
c:\programdata\MPK\1\I40607_6181190046
c:\programdata\MPK\1\I40607_6215913194
c:\programdata\MPK\1\I40607_6250635880
c:\programdata\MPK\1\I40607_6285359028
c:\programdata\MPK\1\I40607_6320081597
c:\programdata\MPK\1\I40607_6354804282
c:\programdata\MPK\1\I40607_6389527199
c:\programdata\MPK\1\I40607_6424250116
c:\programdata\MPK\1\I40607_6458972569
c:\programdata\MPK\1\I40607_6493696181
c:\programdata\MPK\1\I40607_6528418981
c:\programdata\MPK\1\I40607_6563141088
c:\programdata\MPK\1\I40607_6597863889
c:\programdata\MPK\1\I40607_6632587847
c:\programdata\MPK\1\I40607_6667310069
c:\programdata\MPK\1\I40607_6702032523
c:\programdata\MPK\1\I40607_6736755903
c:\programdata\MPK\1\I40607_6771478472
c:\programdata\MPK\1\I40607_6806201042
c:\programdata\MPK\1\I40607_6840923958
c:\programdata\MPK\1\I40607_6875647685
c:\programdata\MPK\1\I40607_6910369792
c:\programdata\MPK\1\I40607_6945093403
c:\programdata\MPK\1\I40607_6979815509
c:\programdata\MPK\1\I40607_7014538889
c:\programdata\MPK\1\I40607_7049262153
c:\programdata\MPK\1\I40607_7083984607
c:\programdata\MPK\1\I40607_7118706944
c:\programdata\MPK\1\I40608_7494429745
c:\programdata\MPK\1\I40608_7529439583
c:\programdata\MPK\1\I40608_7564162847
c:\programdata\MPK\1\I40608_7598885185
c:\programdata\MPK\1\I40608_7633607986
c:\programdata\MPK\1\I40608_7668331944
c:\programdata\MPK\1\I40608_7703054745
c:\programdata\MPK\1\I40608_7737776620
c:\programdata\MPK\1\I40608_7772499884
c:\programdata\MPK\1\I40608_7807223264
c:\programdata\MPK\1\I40609_7449326736
c:\programdata\MPK\1\I40609_7484049653
c:\programdata\MPK\1\I40609_7518772106
c:\programdata\MPK\1\I40609_7553494907
c:\programdata\MPK\1\I40609_7588217708
c:\programdata\MPK\1\I40609_7622940856
c:\programdata\MPK\1\I40609_7657663426
c:\programdata\MPK\1\I40609_7692386343
c:\programdata\MPK\1\I40609_7696091551
c:\programdata\MPK\1\I40609_7696847338
c:\programdata\MPK\1\I40609_7697769560
c:\programdata\MPK\1\I40609_7698399074
c:\programdata\MPK\1\I40609_7698944676
c:\programdata\MPK\1\I40609_7699029167
c:\programdata\MPK\1\I40609_7699565625
c:\programdata\MPK\1\I40609_7700475347
c:\programdata\MPK\1\I40609_7701436111
c:\programdata\MPK\1\I40609_7701556481
c:\programdata\MPK\1\I40609_7701798148
c:\programdata\MPK\1\I40609_7701942708
c:\programdata\MPK\1\I40609_7702008333
c:\programdata\MPK\1\I40609_7702148148
c:\programdata\MPK\1\I40609_7702231481
c:\programdata\MPK\1\I40609_7702318518
c:\programdata\MPK\1\I40609_7702367824
c:\programdata\MPK\1\I40609_7702504630
c:\programdata\MPK\1\I40609_7702574653
c:\programdata\MPK\1\I40609_7702653241
c:\programdata\MPK\1\I40609_7702720718
c:\programdata\MPK\1\I40609_7702800116
c:\programdata\MPK\1\I40609_7703007407
c:\programdata\MPK\1\I40609_7703184259
c:\programdata\MPK\1\I40609_7703273264
c:\programdata\MPK\1\I40609_7703325116
c:\programdata\MPK\1\I40609_7703378819
c:\programdata\MPK\1\I40609_7703432639
c:\programdata\MPK\1\I40609_7703585301
c:\programdata\MPK\1\I40609_7703707407
c:\programdata\MPK\1\I40609_7703752778
c:\programdata\MPK\1\I40609_7704040741
c:\programdata\MPK\1\I40609_7704185185
c:\programdata\MPK\1\I40609_7704375231
c:\programdata\MPK\1\I40609_7705456713
c:\programdata\MPK\1\I40609_7706019792
c:\programdata\MPK\1\I40609_7706202894
c:\programdata\MPK\1\I40609_7706610185
c:\programdata\MPK\1\I40609_7706837268
c:\programdata\MPK\1\I40609_7707579630
c:\programdata\MPK\1\I40609_7707918750
c:\programdata\MPK\1\I40609_7707991782
c:\programdata\MPK\1\I40609_7708027894
c:\programdata\MPK\1\I40609_7708087037
c:\programdata\MPK\1\I40609_7708529630
c:\programdata\MPK\1\I40609_7709275000
c:\programdata\MPK\1\I40609_7709422338
c:\programdata\MPK\1\I40609_7709525926
c:\programdata\MPK\1\I40609_7709676042
c:\programdata\MPK\1\I40609_7709851852
c:\programdata\MPK\1\I40609_7709915856
c:\programdata\MPK\1\I40609_7710171412
c:\programdata\MPK\1\I40609_7710241782
c:\programdata\MPK\1\I40609_7711192593
c:\programdata\MPK\1\I40609_7711776852
c:\programdata\MPK\1\I40609_7712344792
c:\programdata\MPK\1\I40609_7712396412
c:\programdata\MPK\1\I40609_7713502083
c:\programdata\MPK\1\I40609_7713713079
c:\programdata\MPK\1\I40609_7713765972
c:\programdata\MPK\1\I40609_7713814931
c:\programdata\MPK\1\I40609_7713857407
c:\programdata\MPK\1\I40609_7714293634
c:\programdata\MPK\1\I40609_7714877083
c:\programdata\MPK\1\I40609_7715170486
c:\programdata\MPK\1\I40609_7715219560
c:\programdata\MPK\1\I40609_7715270370
c:\programdata\MPK\1\I40609_7715544676
c:\programdata\MPK\1\I40609_7715589005
c:\programdata\MPK\1\I40609_7716252894
c:\programdata\MPK\1\I40609_7716669560
c:\programdata\MPK\1\I40609_7716857407
c:\programdata\MPK\1\I40609_7717208449
c:\programdata\MPK\1\I40609_7717287153
c:\programdata\MPK\1\I40609_7717327894
c:\programdata\MPK\1\I40609_7717354745
c:\programdata\MPK\1\I40609_7717397222
c:\programdata\MPK\1\I40609_7717419560
c:\programdata\MPK\1\I40609_7717473148
c:\programdata\MPK\1\I40609_7718421296
c:\programdata\MPK\1\I40609_7718869444
c:\programdata\MPK\1\I40609_7718923148
c:\programdata\MPK\1\I40609_7719012037
c:\programdata\MPK\1\I40609_7719415972
c:\programdata\MPK\1\I40609_7719659491
c:\programdata\MPK\1\I40609_7719872222
c:\programdata\MPK\1\I40609_7720086111
c:\programdata\MPK\1\I40609_7720301042
c:\programdata\MPK\1\I40609_7720651852
c:\programdata\MPK\1\I40609_7720879861
c:\programdata\MPK\1\I40609_7721324074
c:\programdata\MPK\1\I40609_7722276042
c:\programdata\MPK\1\I40609_7722925116
c:\programdata\MPK\1\I40609_7723702893
c:\programdata\MPK\1\I40609_7727109722
c:\programdata\MPK\1\I40609_7761832060
c:\programdata\MPK\1\I40609_7796555671
c:\programdata\MPK\1\I40609_7831277893
c:\programdata\MPK\1\I40609_7866000810
c:\programdata\MPK\1\I40609_7900723727
c:\programdata\MPK\1\I40609_7935446875
c:\programdata\MPK\1\I40609_7970169444
c:\programdata\MPK\1\I40609_8004892708
c:\programdata\MPK\1\I40609_8039615394
c:\programdata\MPK\1\I40611_7383603819
c:\programdata\MPK\1\I40611_7417494097
c:\programdata\MPK\1\I40611_7452216088
c:\programdata\MPK\1\I40611_7486939120
c:\programdata\MPK\1\I40611_7521662153
c:\programdata\MPK\1\I40611_7556384722
c:\programdata\MPK\1\I40611_7591107523
c:\programdata\MPK\1\I40611_7625830440
c:\programdata\MPK\1\I40611_7660553819
c:\programdata\MPK\1\I40611_7695276736
c:\programdata\MPK\1\I40611_7729999653
c:\programdata\MPK\1\I40611_7764722107
c:\programdata\MPK\1\I40611_7799444792
c:\programdata\MPK\1\I40611_7834168634
c:\programdata\MPK\1\I40611_7868890972
c:\programdata\MPK\1\I40611_7870346181
c:\programdata\MPK\1\I40611_7871608565
c:\programdata\MPK\1\I40611_7903613310
c:\programdata\MPK\1\I40611_8230285301
c:\programdata\MPK\1\I40611_8265007870
c:\programdata\MPK\1\I40611_8299730787
c:\programdata\MPK\1\I40611_8334453819
c:\programdata\MPK\1\I40611_8369176620
c:\programdata\MPK\1\I40611_8403899306
c:\programdata\MPK\1\I40611_8438622106
c:\programdata\MPK\1\I40611_8473344676
c:\programdata\MPK\1\I40611_8508067708
c:\programdata\MPK\1\I40612_6311548495
c:\programdata\MPK\1\I40612_6346271296
c:\programdata\MPK\1\I40612_6380994444
c:\programdata\MPK\1\I40612_6415718056
c:\programdata\MPK\1\I40612_6450440394
c:\programdata\MPK\1\I40612_6485162731
c:\programdata\MPK\1\I40612_6519885880
c:\programdata\MPK\1\I40612_6554609259
c:\programdata\MPK\1\I40612_6589331250
c:\programdata\MPK\1\I40612_6624054514
c:\programdata\MPK\1\I40612_6658778009
c:\programdata\MPK\1\I40612_6693500694
c:\programdata\MPK\1\I40612_6728223611
c:\programdata\MPK\1\I40612_6762945833
c:\programdata\MPK\1\I40612_6797668750
c:\programdata\MPK\1\I40612_6832391319
c:\programdata\MPK\1\I40612_6867114815
c:\programdata\MPK\1\I40612_6901837153
c:\programdata\MPK\1\I40612_7168278704
c:\programdata\MPK\1\I40612_7203001389
c:\programdata\MPK\1\I40612_7237724884
c:\programdata\MPK\1\I40612_7272448032
c:\programdata\MPK\1\I40612_7307170486
c:\programdata\MPK\1\I40612_7341893866
c:\programdata\MPK\1\I40612_7376616435
c:\programdata\MPK\1\I40612_7411339120
c:\programdata\MPK\1\I40612_7446061806
c:\programdata\MPK\1\I40612_7480784491
c:\programdata\MPK\1\I40612_7515507176
c:\programdata\MPK\1\I40612_7550231597
c:\programdata\MPK\1\I40613_4739869792
c:\programdata\MPK\1\I40613_4774592361
c:\programdata\MPK\1\I40613_4809315625
c:\programdata\MPK\1\I40613_4844038079
c:\programdata\MPK\1\I40613_4878760995
c:\programdata\MPK\1\I40613_4913483912
c:\programdata\MPK\1\I40613_4948206829
c:\programdata\MPK\1\I40613_4982929745
c:\programdata\MPK\1\I40613_5017652894
c:\programdata\MPK\1\I40613_5052375926
c:\programdata\MPK\1\I40613_5087098264
c:\programdata\MPK\1\I40613_5121821065
c:\programdata\MPK\1\I40613_5156544792
c:\programdata\MPK\1\I40613_5191266898
c:\programdata\MPK\1\I40613_5225990046
c:\programdata\MPK\1\I40613_5260713079
c:\programdata\MPK\1\I40613_5295435301
c:\programdata\MPK\1\I40613_5330158912
c:\programdata\MPK\1\I40613_5364881019
c:\programdata\MPK\1\I40613_5399603935
c:\programdata\MPK\1\I40613_5434326968
c:\programdata\MPK\1\I40613_5469050000
c:\programdata\MPK\1\I40613_5503772454
c:\programdata\MPK\1\I40613_5538495949
c:\programdata\MPK\1\I40613_5573218171
c:\programdata\MPK\1\I40613_5607941319
c:\programdata\MPK\1\I40613_5642663889
c:\programdata\MPK\1\I40613_5677387500
c:\programdata\MPK\1\I40613_5712110532
c:\programdata\MPK\1\I40613_5746833102
c:\programdata\MPK\1\I40613_5792712384
c:\programdata\MPK\1\I40614_4071888194
c:\programdata\MPK\1\I40614_4106611921
c:\programdata\MPK\1\I40614_4141334606
c:\programdata\MPK\1\I40614_4176056829
c:\programdata\MPK\1\I40614_4210780093
c:\programdata\MPK\1\I40614_4245502546
c:\programdata\MPK\1\I40614_4280225463
c:\programdata\MPK\1\I40614_4314948380
c:\programdata\MPK\1\I40614_4349671065
c:\programdata\MPK\1\I40614_4384394213
c:\programdata\MPK\1\I40614_4419116782
c:\programdata\MPK\1\I40614_4453840162
c:\programdata\MPK\1\I40614_4488562500
c:\programdata\MPK\1\I40614_4523285995
c:\programdata\MPK\1\I40614_4558008449
c:\programdata\MPK\1\I40614_4592731366
c:\programdata\MPK\1\I40614_4627454630
c:\programdata\MPK\1\I40614_4662177662
c:\programdata\MPK\1\I40614_4696899653
c:\programdata\MPK\1\I40614_4731622569
c:\programdata\MPK\1\I40614_4766345602
c:\programdata\MPK\1\I40614_4801068519
c:\programdata\MPK\1\I40614_4835791088
c:\programdata\MPK\1\I40614_4870514699
c:\programdata\MPK\1\I40614_4905236806
c:\programdata\MPK\1\I40614_4939959954
c:\programdata\MPK\1\I40614_4974682870
c:\programdata\MPK\1\I40614_5009405903
c:\programdata\MPK\1\I40614_5044128472
c:\programdata\MPK\1\I40614_5078852315
c:\programdata\MPK\1\I40614_5113575116
c:\programdata\MPK\1\I40614_5148296991
c:\programdata\MPK\1\I40614_5183020023
c:\programdata\MPK\1\I40614_5217742940
c:\programdata\MPK\1\I40614_5252465856
c:\programdata\MPK\1\I40614_5287188889
c:\programdata\MPK\1\I40614_5321911806
c:\programdata\MPK\1\I40614_5356634722
c:\programdata\MPK\1\I40614_5391357176
c:\programdata\MPK\1\I40614_5426080093
c:\programdata\MPK\1\I40614_5460803588
c:\programdata\MPK\1\I40614_5495526505
c:\programdata\MPK\1\I40614_5530248380
c:\programdata\MPK\1\I40614_5564971644
c:\programdata\MPK\1\I40614_5599694329
c:\programdata\MPK\1\I40614_5634417477
c:\programdata\MPK\1\I40614_5669140278
c:\programdata\MPK\1\I40614_5703863310
c:\programdata\MPK\1\I40614_5738585995
c:\programdata\MPK\1\I40614_5773309144
c:\programdata\MPK\1\I40614_5808031366
c:\programdata\MPK\1\I40614_5842754282
c:\programdata\MPK\1\I40614_5877477199
c:\programdata\MPK\1\I40614_5912200000
c:\programdata\MPK\1\I40614_5981646065
c:\programdata\MPK\1\I40614_6016369097
c:\programdata\MPK\1\I40614_6067033796
c:\programdata\MPK\1\I40614_6101756829
c:\programdata\MPK\1\I40614_6136479861
c:\programdata\MPK\1\I40618_5941754630
c:\programdata\MPK\1\I40618_5976477083
c:\programdata\MPK\1\I40618_6011200116
c:\programdata\MPK\1\I40618_6045923032
c:\programdata\MPK\1\I40618_6080645833
c:\programdata\MPK\1\I40618_6115368403
c:\programdata\MPK\1\I40618_6150091435
c:\programdata\MPK\1\I40618_6184814352
c:\programdata\MPK\1\I40618_6219537847
c:\programdata\MPK\1\I40618_6254259722
c:\programdata\MPK\1\I40618_7448329861
c:\programdata\MPK\1\I40618_7483051968
c:\programdata\MPK\1\I40618_7517774768
c:\programdata\MPK\1\I40618_7552497685
c:\programdata\MPK\1\I40618_7587220602
c:\programdata\MPK\1\I40618_7621943287
c:\programdata\MPK\1\I40618_7656667130
c:\programdata\MPK\1\I40618_7691388889
c:\programdata\MPK\1\I40618_7726112269
c:\programdata\MPK\1\I40618_7760835301
c:\programdata\MPK\1\I40618_7795557523
c:\programdata\MPK\1\I40618_7830280787
c:\programdata\MPK\1\I40618_7865003588
c:\programdata\MPK\1\I40618_7899726273
c:\programdata\MPK\1\I40618_7934449653
c:\programdata\MPK\1\I40618_7969172338
c:\programdata\MPK\1\I40618_8003894792
c:\programdata\MPK\1\I40618_8038618056
c:\programdata\MPK\1\I40619_5519575231
c:\programdata\MPK\1\I40619_5554298727
c:\programdata\MPK\1\I40619_5589020602
c:\programdata\MPK\1\I40619_5623743634
c:\programdata\MPK\1\I40619_5658466898
c:\programdata\MPK\1\I40619_5677000579
c:\programdata\MPK\1\I40619_5678408796
c:\programdata\MPK\1\I40619_5678444676
c:\programdata\MPK\1\I40619_5678478588
c:\programdata\MPK\1\I40619_5678510648
c:\programdata\MPK\1\I40619_5678544444
c:\programdata\MPK\1\I40619_5678582639
c:\programdata\MPK\1\I40619_5693189583
c:\programdata\MPK\1\I40619_5727912037
c:\programdata\MPK\1\I40619_5762634954
c:\programdata\MPK\1\I40619_5797358681
c:\programdata\MPK\1\I40619_5832081366
c:\programdata\MPK\1\I40619_5866803472
c:\programdata\MPK\1\I40619_5901526620
c:\programdata\MPK\1\I40619_5936249884
c:\programdata\MPK\1\I40619_5970972569
c:\programdata\MPK\1\I40619_6005695023
c:\programdata\MPK\1\I40619_6040418171
c:\programdata\MPK\1\I40619_6075141435
c:\programdata\MPK\1\I40619_6122275231
c:\programdata\MPK\1\I40619_6156998032
c:\programdata\MPK\1\I40619_6191720833
c:\programdata\MPK\1\I40619_6226444329
c:\programdata\MPK\1\I40619_6261166782
c:\programdata\MPK\1\I40619_6295890394
c:\programdata\MPK\1\I40619_6368292014
c:\programdata\MPK\1\I40619_6403014931
c:\programdata\MPK\1\I40619_6437737731
c:\programdata\MPK\1\I40619_6472460995
c:\programdata\MPK\1\I40619_6507183449
c:\programdata\MPK\1\I40619_6541907060
c:\programdata\MPK\1\I40619_6576629745
c:\programdata\MPK\1\I40619_6611352778
c:\programdata\MPK\1\I40619_6646075000
c:\programdata\MPK\1\I40619_6680798380
c:\programdata\MPK\1\I40619_6715520718
c:\programdata\MPK\1\I40619_6750243403
c:\programdata\MPK\1\I40619_6784966319
c:\programdata\MPK\1\I40619_6819689468
c:\programdata\MPK\1\I40619_6854412731
c:\programdata\MPK\1\I40619_6911194676
c:\programdata\MPK\1\I40619_6945884259
c:\programdata\MPK\1\I40620_6198030787
c:\programdata\MPK\1\I40620_6232753241
c:\programdata\MPK\1\I40620_6267476852
c:\programdata\MPK\1\I40620_6302199190
c:\programdata\MPK\1\I40620_6336922106
c:\programdata\MPK\1\I40620_6371644444
c:\programdata\MPK\1\I40620_6406367593
c:\programdata\MPK\1\I40620_6441090972
c:\programdata\MPK\1\I40620_6475814005
c:\programdata\MPK\1\I40620_6510536458
c:\programdata\MPK\1\I40620_6545259491
c:\programdata\MPK\1\I40620_6579982523
c:\programdata\MPK\1\I40620_6614705440
c:\programdata\MPK\1\I40620_6649427778
c:\programdata\MPK\1\I40620_6684150694
c:\programdata\MPK\1\I40620_6718873032
c:\programdata\MPK\1\I40620_6753595833
c:\programdata\MPK\1\I40620_6788319097
c:\programdata\MPK\1\I40620_6823042708
c:\programdata\MPK\1\I40620_6857764931
c:\programdata\MPK\1\I40620_6892488079
c:\programdata\MPK\1\I40621_4859423843
c:\programdata\MPK\1\I40621_4894147454
c:\programdata\MPK\1\I40621_4928868982
c:\programdata\MPK\1\I40621_4963592361
c:\programdata\MPK\1\I40621_4998314352
c:\programdata\MPK\1\I40621_5033037847
c:\programdata\MPK\1\I40621_5067766204
c:\programdata\MPK\1\I40621_5102483912
c:\programdata\MPK\1\I40621_5179825579
c:\programdata\MPK\1\I40622_6390056597
c:\programdata\MPK\1\I40622_6424778935
c:\programdata\MPK\1\I40622_6459501968
c:\programdata\MPK\1\I40622_6494224769
c:\programdata\MPK\1\I40622_6528947801
c:\programdata\MPK\1\I40622_6563670486
c:\programdata\MPK\1\I40622_6598393519
c:\programdata\MPK\1\I40622_6633116204
c:\programdata\MPK\1\I40622_6667839120
c:\programdata\MPK\1\I40622_6702561806
c:\programdata\MPK\1\I40622_6737285185
c:\programdata\MPK\1\I40622_6772008333
c:\programdata\MPK\1\I40622_6806731134
c:\programdata\MPK\1\I40622_6841453704
c:\programdata\MPK\1\I40622_6876176157
c:\programdata\MPK\1\I40622_6910899421
c:\programdata\MPK\1\I40622_6945621991
c:\programdata\MPK\1\I40622_6980345255
c:\programdata\MPK\1\I40623_7758748380
c:\programdata\MPK\1\I40623_7793470602
c:\programdata\MPK\1\I40623_7828193750
c:\programdata\MPK\1\I40623_7862917014
c:\programdata\MPK\1\I40623_7897640046
c:\programdata\MPK\1\I40623_7932362037
c:\programdata\MPK\1\I40623_7967085185
c:\programdata\MPK\1\I40623_8001808449
c:\programdata\MPK\1\I40623_8036530671
c:\programdata\MPK\1\I40623_8071254051
c:\programdata\MPK\1\I40623_8105976389
c:\programdata\MPK\1\I40623_8140699768
c:\programdata\MPK\1\I40623_8175422107
c:\programdata\MPK\1\I40623_8210145602
c:\programdata\MPK\1\I40624_6115708333
c:\programdata\MPK\1\I40624_6150279051
c:\programdata\MPK\1\I40624_6185001157
c:\programdata\MPK\1\I40624_6219724653
c:\programdata\MPK\1\I40624_6254447106
c:\programdata\MPK\1\I40624_6289170255
c:\programdata\MPK\1\I40624_6323893403
c:\programdata\MPK\1\I40624_6358616319
c:\programdata\MPK\1\I40624_6393338542
c:\programdata\MPK\1\I40624_6428062037
c:\programdata\MPK\1\I40624_6462784606
c:\programdata\MPK\1\I40626_6098873032
c:\programdata\MPK\1\I40626_6160053357
c:\programdata\MPK\1\I40626_6194776273
c:\programdata\MPK\1\I40626_6229499190
c:\programdata\MPK\1\I40626_6257026389
c:\programdata\MPK\1\I40626_6257256134
c:\programdata\MPK\1\I40626_6258698264
c:\programdata\MPK\1\I40626_6264222569
c:\programdata\MPK\1\I40626_6294252315
c:\programdata\MPK\1\I40626_6298945949
c:\programdata\MPK\1\I40626_6333667940
c:\programdata\MPK\1\I40626_6368391667
c:\programdata\MPK\1\I40626_6403113542
c:\programdata\MPK\1\I40626_6437837153
c:\programdata\MPK\1\I40626_6472560069
c:\programdata\MPK\1\I40626_6507282523
c:\programdata\MPK\1\I40626_6542004861
c:\programdata\MPK\1\I40626_6565781134
c:\programdata\MPK\1\I40626_6576728009
c:\programdata\MPK\1\I40626_6611451042
c:\programdata\MPK\1\I40626_6646174537
c:\programdata\MPK\1\I40626_6680896991
c:\programdata\MPK\1\I40626_6715619213
c:\programdata\MPK\1\I40626_6750342245
c:\programdata\MPK\1\I40626_6785065278
c:\programdata\MPK\1\I40626_6819788310
c:\programdata\MPK\1\I40627_6743729630
c:\programdata\MPK\1\I40627_6778452315
c:\programdata\MPK\1\I40627_6813175463
c:\programdata\MPK\1\I40627_6847897917
c:\programdata\MPK\1\I40627_6882621181
c:\programdata\MPK\1\I40627_6917343634
c:\programdata\MPK\1\I40627_6952067245
c:\programdata\MPK\1\I40627_6986789352
c:\programdata\MPK\1\I40627_7021513194
c:\programdata\MPK\1\I40627_7056235185
c:\programdata\MPK\1\I40627_7090957870
c:\programdata\MPK\1\I40627_7125683218
c:\programdata\MPK\1\I40627_7160403704
c:\programdata\MPK\1\I40627_7195126505
c:\programdata\MPK\1\I40627_7229850000
c:\programdata\MPK\1\I40627_7264572801
c:\programdata\MPK\1\I40628_5588800000
c:\programdata\MPK\1\I40628_5623523032
c:\programdata\MPK\1\I40628_5658246181
c:\programdata\MPK\1\I40628_5692969213
c:\programdata\MPK\1\I40628_5727691088
c:\programdata\MPK\1\I40628_5762414120
c:\programdata\MPK\1\I40628_5797136806
c:\programdata\MPK\1\I40628_5831859954
c:\programdata\MPK\1\I40628_5860127778
c:\programdata\MPK\1\I40628_5860166435
c:\programdata\MPK\1\I40628_5860199306
c:\programdata\MPK\1\I40628_5860232870
c:\programdata\MPK\1\I40628_5860267708
c:\programdata\MPK\1\I40628_5860305208
c:\programdata\MPK\1\I40628_5860339931
c:\programdata\MPK\1\I40628_5860373843
c:\programdata\MPK\1\I40628_5860420255
c:\programdata\MPK\1\I40628_5860459722
c:\programdata\MPK\1\I40628_5860494329
c:\programdata\MPK\1\I40628_5860532755
c:\programdata\MPK\1\I40628_5860567361
c:\programdata\MPK\1\I40628_5860602431
c:\programdata\MPK\1\I40628_5866583102
c:\programdata\MPK\1\I40630_7491225347
c:\programdata\MPK\1\I40630_7525949074
c:\programdata\MPK\1\I40630_7560671412
c:\programdata\MPK\1\I40630_7595393981
c:\programdata\MPK\1\I40630_7630117130
c:\programdata\MPK\1\I40630_7664839699
c:\programdata\MPK\1\I40630_7699562616
c:\programdata\MPK\1\I40630_7734285532
c:\programdata\MPK\1\I40630_7769008681
c:\programdata\MPK\1\I40630_7982914352
c:\programdata\MPK\1\I40630_8017637153
c:\programdata\MPK\1\I40630_8052359259
c:\programdata\MPK\1\I40630_8087082639
c:\programdata\MPK\1\I40630_8121805556
c:\programdata\MPK\1\I40630_8156527662
c:\programdata\MPK\1\I40630_8191250926
c:\programdata\MPK\1\I40630_8225973380
c:\programdata\MPK\1\I40631_6353389699
c:\programdata\MPK\1\I40631_6388112732
c:\programdata\MPK\1\I40631_6422834954
c:\programdata\MPK\1\I40631_6457557870
c:\programdata\MPK\1\I40631_6492280903
c:\programdata\MPK\1\I40631_6527004051
c:\programdata\MPK\1\I40631_6561726968
c:\programdata\MPK\1\I40631_6596449306
c:\programdata\MPK\1\I40631_6631172106
c:\programdata\MPK\1\I40631_6665895023
c:\programdata\MPK\1\I40631_6700617824
c:\programdata\MPK\1\I40631_6735341204
c:\programdata\MPK\1\I40631_6770064583
c:\programdata\MPK\1\I40631_6804787037
c:\programdata\MPK\1\I40631_6839509722
c:\programdata\MPK\1\I40631_6874232986
c:\programdata\MPK\1\I40632_7449843750
c:\programdata\MPK\1\I40632_7484565972
c:\programdata\MPK\1\I40632_7519288889
c:\programdata\MPK\1\I40632_7554012269
c:\programdata\MPK\1\I40632_7588734722
c:\programdata\MPK\1\I40632_7623457523
c:\programdata\MPK\1\I40632_7658180324
c:\programdata\MPK\1\I40632_7692903588
c:\programdata\MPK\1\I40632_7727626157
c:\programdata\MPK\1\I40632_7762349421
c:\programdata\MPK\1\I40632_7797072222
c:\programdata\MPK\1\I40632_7831795370
c:\programdata\MPK\1\I40632_7866517708
c:\programdata\MPK\1\I40632_7901240857
c:\programdata\MPK\1\I40632_7935963889
c:\programdata\MPK\1\I40632_7970686458
c:\programdata\MPK\1\I40632_8005408912
c:\programdata\MPK\1\I40632_8040132870
c:\programdata\MPK\1\I40635_5987702894
c:\programdata\MPK\1\I40635_6022425810
c:\programdata\MPK\1\I40635_6057149074
c:\programdata\MPK\1\I40635_6091871528
c:\programdata\MPK\1\I40635_6126594907
c:\programdata\MPK\1\I40635_6161317708
c:\programdata\MPK\1\I40635_6196040162
c:\programdata\MPK\1\I40635_6230763194
c:\programdata\MPK\1\I40635_6265486111
c:\programdata\MPK\1\I40635_6300208102
c:\programdata\MPK\1\I40635_6552487731
c:\programdata\MPK\1\I40635_6587210648
c:\programdata\MPK\1\I40635_6621939815
c:\programdata\MPK\1\I40635_6656656366
c:\programdata\MPK\1\I40635_6691379977
c:\programdata\MPK\1\I40635_6726112037
c:\programdata\MPK\1\I40637_7240404630
c:\programdata\MPK\1\I40637_7275127199
c:\programdata\MPK\1\I40637_7309850000
c:\programdata\MPK\1\I40637_7344573032
c:\programdata\MPK\1\I40637_7379295833
c:\programdata\MPK\1\I40637_7414019213
c:\programdata\MPK\1\I40637_7448741782
c:\programdata\MPK\1\I40637_7483464815
c:\programdata\MPK\1\I40637_7707054861
c:\programdata\MPK\1\I40637_7741778125
c:\programdata\MPK\1\I40637_7776501042
c:\programdata\MPK\1\I40637_7811223380
c:\programdata\MPK\1\I40637_7845946181
c:\programdata\MPK\1\I40637_7880669213
c:\programdata\MPK\1\I40637_7915392940
c:\programdata\MPK\1\I40637_7950115625
c:\programdata\MPK\1\I40637_7984838426
c:\programdata\MPK\1\I40638_7413021412
c:\programdata\MPK\1\I40638_7447743287
c:\programdata\MPK\1\I40638_7482466319
c:\programdata\MPK\1\I40638_7517189468
c:\programdata\MPK\1\I40638_7551912269
c:\programdata\MPK\1\I40638_7586634954
c:\programdata\MPK\1\I40638_7621358102
c:\programdata\MPK\1\I40638_7656081481
c:\programdata\MPK\1\I40638_7690803704
c:\programdata\MPK\1\I40638_7725526157
c:\programdata\MPK\1\I40638_7760250116
c:\programdata\MPK\1\I40638_7794972454
c:\programdata\MPK\1\I40638_7829694792
c:\programdata\MPK\1\I40638_7864418634
c:\programdata\MPK\1\I40638_7899140972
c:\programdata\MPK\1\I40640_5910444213
c:\programdata\MPK\1\I40640_5945167708
c:\programdata\MPK\1\I40640_5979890046
c:\programdata\MPK\1\I40640_6014613310
c:\programdata\MPK\1\I40640_6049335764
c:\programdata\MPK\1\I40640_6084059028
c:\programdata\MPK\1\I40640_6118782407
c:\programdata\MPK\1\I40640_6153504282
c:\programdata\MPK\1\I40640_6188227894
c:\programdata\MPK\1\I40640_6222950463
c:\programdata\MPK\1\I40640_6257673148
c:\programdata\MPK\1\I40640_6292395833
c:\programdata\MPK\1\I40640_6327119213
c:\programdata\MPK\1\I40640_6361842245
c:\programdata\MPK\1\I40640_6396564583
c:\programdata\MPK\1\I40640_6431287153
c:\programdata\MPK\1\I40640_6466010648
c:\programdata\MPK\1\I40640_6500733565
c:\programdata\MPK\1\I40640_6535456482
c:\programdata\MPK\1\I40640_6570179398
c:\programdata\MPK\1\I40641_6214076505
c:\programdata\MPK\1\I40641_6248799306
c:\programdata\MPK\1\I40641_6283521643
c:\programdata\MPK\1\I40641_6318244329
c:\programdata\MPK\1\I40641_6352967477
c:\programdata\MPK\1\I40641_6387690625
c:\programdata\MPK\1\I40641_6422413194
c:\programdata\MPK\1\I40641_6457135648
c:\programdata\MPK\1\I40641_6491858681
c:\programdata\MPK\1\I40641_6526581134
c:\programdata\MPK\1\I40641_6561304051
c:\programdata\MPK\1\I40641_6596027662
c:\programdata\MPK\1\I40641_6630750694
c:\programdata\MPK\1\I40641_8745602662
c:\programdata\MPK\1\I40642_4567049769
c:\programdata\MPK\1\I40642_4601772222
c:\programdata\MPK\1\I40642_4636495139
c:\programdata\MPK\1\I40642_4671217940
c:\programdata\MPK\1\I40642_4705940972
c:\programdata\MPK\1\I40642_4740663079
c:\programdata\MPK\1\I40642_4775385880
c:\programdata\MPK\1\I40642_5522739468
c:\programdata\MPK\1\I40642_5557462269
c:\programdata\MPK\1\I40642_5592185069
c:\programdata\MPK\1\I40642_5626907986
c:\programdata\MPK\1\I40642_5661630903
c:\programdata\MPK\1\I40642_5696354051
c:\programdata\MPK\1\I40642_5731076505
c:\programdata\MPK\1\I40642_5765799421
c:\programdata\MPK\1\I40642_5800522222
c:\programdata\MPK\1\I40642_5835244560
c:\programdata\MPK\1\I40643_3784959375
c:\programdata\MPK\1\I40643_3819991319
c:\programdata\MPK\1\I40643_3854714236
c:\programdata\MPK\1\I40643_3889437037
c:\programdata\MPK\1\I40643_3924159838
c:\programdata\MPK\1\I40643_3958882755
c:\programdata\MPK\1\I40643_3993605671
c:\programdata\MPK\1\I40643_4233034491
c:\programdata\MPK\1\I40643_4267756366
c:\programdata\MPK\1\I40643_4302479745
c:\programdata\MPK\1\I40643_4337202662
c:\programdata\MPK\1\I40643_4371925926
c:\programdata\MPK\1\I40643_4406648380
c:\programdata\MPK\1\I40643_4441371644
c:\programdata\MPK\1\I40643_4476093750
c:\programdata\MPK\1\I40643_4510817361
c:\programdata\MPK\1\I40643_7713679630
c:\programdata\MPK\1\I40643_7748402315
c:\programdata\MPK\1\I40643_7783124769
c:\programdata\MPK\1\I40643_7817847685
c:\programdata\MPK\1\I40643_7852571065
c:\programdata\MPK\1\I40643_7887293634
c:\programdata\MPK\1\I40643_7922016204
c:\programdata\MPK\1\I40643_7956738657
c:\programdata\MPK\1\I40643_7991462269
c:\programdata\MPK\1\I40643_8026184259
c:\programdata\MPK\1\I40643_8060907870
c:\programdata\MPK\1\I40643_8095629977
c:\programdata\MPK\1\I40645_7253993750
c:\programdata\MPK\1\I40647_6046228241
c:\programdata\MPK\1\I40647_6080950579
c:\programdata\MPK\1\I40647_6115674074
c:\programdata\MPK\1\I40647_6150396875
c:\programdata\MPK\1\I40647_6185119676
c:\programdata\MPK\1\I40647_6219842824
c:\programdata\MPK\1\I40647_6254564699
c:\programdata\MPK\1\I40647_6289288542
c:\programdata\MPK\1\I40647_6324010880
c:\programdata\MPK\1\I40647_6358734491
c:\programdata\MPK\1\I40647_6393456366
c:\programdata\MPK\1\I40647_6428179514
c:\programdata\MPK\1\I40647_6462902546
c:\programdata\MPK\1\I40647_6497625116
c:\programdata\MPK\1\I40647_6532348148
c:\programdata\MPK\1\I40647_6567071065
c:\programdata\MPK\1\I40647_6601794097
c:\programdata\MPK\1\I40647_6636516782
c:\programdata\MPK\1\I40647_6671239120
c:\programdata\MPK\1\I40647_6705962616
c:\programdata\MPK\1\I40647_6740685185
c:\programdata\MPK\1\I40647_7076992824
c:\programdata\MPK\1\I40647_7111715625
c:\programdata\MPK\1\I40647_7146437963
c:\programdata\MPK\1\I40647_7181162037
c:\programdata\MPK\1\I40647_7215884375
c:\programdata\MPK\1\I40647_7279952894
c:\programdata\MPK\1\I40647_7314676852
c:\programdata\MPK\1\I40647_7349399190
c:\programdata\MPK\1\I40647_7384121528
c:\programdata\MPK\1\I40647_7966344907
c:\programdata\MPK\1\I40647_8001067708
c:\programdata\MPK\1\I40647_8035791088
c:\programdata\MPK\1\I40647_8070513426
c:\programdata\MPK\1\I40647_8105236227
c:\programdata\MPK\1\I40647_8139960301
c:\programdata\MPK\1\I40648_6398174074
c:\programdata\MPK\1\I40648_6432896412
c:\programdata\MPK\1\I40648_6467619560
c:\programdata\MPK\1\I40648_6502342593
c:\programdata\MPK\1\I40648_6537066204
c:\programdata\MPK\1\I40648_6571787963
c:\programdata\MPK\1\I40648_6606510648
c:\programdata\MPK\1\I40648_6641233681
c:\programdata\MPK\1\I40648_6675956597
c:\programdata\MPK\1\I40648_6710681713
c:\programdata\MPK\1\I40648_6745404051
c:\programdata\MPK\1\I40648_6780126968
c:\programdata\MPK\1\I40648_6814850000
c:\programdata\MPK\1\I40648_6849572454
c:\programdata\MPK\1\I40648_6884295370
c:\programdata\MPK\1\I40648_6919018171
c:\programdata\MPK\1\I40648_6953741204
c:\programdata\MPK\1\I40649_5033473264
c:\programdata\MPK\1\I40649_5068196528
c:\programdata\MPK\1\I40649_5102919097
c:\programdata\MPK\1\I40649_5137641782
c:\programdata\MPK\1\I40649_5172364699
c:\programdata\MPK\1\I40649_5207087616
c:\programdata\MPK\1\I40649_5241810417
c:\programdata\MPK\1\I40649_5276533333
c:\programdata\MPK\1\I40649_5311256134
c:\programdata\MPK\1\I40649_5345979051
c:\programdata\MPK\1\I40649_5380701736
c:\programdata\MPK\1\I40649_5415424653
c:\programdata\MPK\1\I40649_5450147222
c:\programdata\MPK\1\I40649_5484870486
c:\programdata\MPK\1\I40649_5519593519
c:\programdata\MPK\1\I40649_5554315741
c:\programdata\MPK\1\I40649_5589039468
c:\programdata\MPK\1\I40650_3830358681
c:\programdata\MPK\1\I40650_3865489699
c:\programdata\MPK\1\I40650_3900212963
c:\programdata\MPK\1\I40650_3934935995
c:\programdata\MPK\1\I40650_3969658565
c:\programdata\MPK\1\I40650_7313375000
c:\programdata\MPK\1\I40650_7387574421
c:\programdata\MPK\1\I40650_7422297454
c:\programdata\MPK\1\I40650_7457020139
c:\programdata\MPK\1\I40650_7491743634
c:\programdata\MPK\1\I40650_7526465856
c:\programdata\MPK\1\I40650_7561188657
c:\programdata\MPK\1\I40650_7595912037
c:\programdata\MPK\1\I40650_7630634491
c:\programdata\MPK\1\I40650_7665357407
c:\programdata\MPK\1\I40650_7700080671
c:\programdata\MPK\1\I40651_4211010532
c:\programdata\MPK\1\I40651_4245733218
c:\programdata\MPK\1\I40651_4280455324
c:\programdata\MPK\1\I40651_4315178125
c:\programdata\MPK\1\I40651_4349901736
c:\programdata\MPK\1\I40651_4384624884
c:\programdata\MPK\1\I40651_4635371412
c:\programdata\MPK\1\I40651_4670094329
c:\programdata\MPK\1\I40651_5044119560
c:\programdata\MPK\1\I40651_5078842593
c:\programdata\MPK\1\I40651_5113564815
c:\programdata\MPK\1\I40651_5148288079
c:\programdata\MPK\1\I40651_5183011111
c:\programdata\MPK\1\I40651_5217734491
c:\programdata\MPK\1\I40651_5252456829
c:\programdata\MPK\1\I40651_5287179630
c:\programdata\MPK\1\I40651_7476504977
c:\programdata\MPK\1\I40651_7511227662
c:\programdata\MPK\1\I40651_7545950347
c:\programdata\MPK\1\I40652_4523108796
c:\programdata\MPK\1\I40652_4557831713
c:\programdata\MPK\1\I40652_4592554514
c:\programdata\MPK\1\I40652_4627277431
c:\programdata\MPK\1\I40652_5618786227
c:\programdata\MPK\1\I40652_5653508565
c:\programdata\MPK\1\I40652_5688232060
c:\programdata\MPK\1\I40652_5722954861
c:\programdata\MPK\1\I40652_5757678125
c:\programdata\MPK\1\I40652_5792400463
c:\programdata\MPK\1\I40652_5827123032
c:\programdata\MPK\1\I40652_5861846412
c:\programdata\MPK\1\I40652_5896569097
c:\programdata\MPK\1\I40652_5931291898
c:\programdata\MPK\1\I40652_5966014352
c:\programdata\MPK\1\I40652_6000738079
c:\programdata\MPK\1\I40652_6035460995
c:\programdata\MPK\1\I40652_6070183449
c:\programdata\MPK\1\I40652_6104906829
c:\programdata\MPK\1\I40652_6139628935
c:\programdata\MPK\1\I40652_6174352546
c:\programdata\MPK\1\I40652_6209074421
c:\programdata\MPK\1\I40652_6243797685
c:\programdata\MPK\1\I40652_6278520949
c:\programdata\MPK\1\I40652_6313242824
c:\programdata\MPK\1\I40652_6347966319
c:\programdata\MPK\1\I40652_6382688542
c:\programdata\MPK\1\I40652_6417411921
c:\programdata\MPK\1\I40652_6452135301
c:\programdata\MPK\1\I40652_6486857176
c:\programdata\MPK\1\I40652_6521580093
c:\programdata\MPK\1\I40652_6556303356
c:\programdata\MPK\1\I40652_6591026505
c:\programdata\MPK\1\I40652_6625748611
c:\programdata\MPK\1\I40652_6660471991
c:\programdata\MPK\1\I40652_6695195023
c:\programdata\MPK\1\I40652_6729917593
c:\programdata\MPK\1\I40652_6764640509
c:\programdata\MPK\1\I40652_6799362963
c:\programdata\MPK\1\I40652_6834085764
c:\programdata\MPK\1\I40652_6868809028
c:\programdata\MPK\1\I40654_5229960995
c:\programdata\MPK\1\I40654_5264683796
c:\programdata\MPK\1\I40654_5299407176
c:\programdata\MPK\1\I40654_5334129514
c:\programdata\MPK\1\I40654_5368853472
c:\programdata\MPK\1\I40654_5403575347
c:\programdata\MPK\1\I40654_5438298148
c:\programdata\MPK\1\I40654_5473021065
c:\programdata\MPK\1\I40654_5507744444
c:\programdata\MPK\1\I40654_5542467014
c:\programdata\MPK\1\I40654_5577189699
c:\programdata\MPK\1\I40654_5611912963
c:\programdata\MPK\1\I40654_5646635995
c:\programdata\MPK\1\I40654_5681358796
c:\programdata\MPK\1\I40654_5716081597
c:\programdata\MPK\1\I40654_5750803935
c:\programdata\MPK\1\I40654_5785527199
c:\programdata\MPK\1\I40655_5499284375
c:\programdata\MPK\1\I40655_5534007755
c:\programdata\MPK\1\I40655_5568729630
c:\programdata\MPK\1\I40655_5603453009
c:\programdata\MPK\1\I40655_5638175463
c:\programdata\MPK\1\I40655_5672898264
c:\programdata\MPK\1\I40655_6733940394
c:\programdata\MPK\1\I40655_6768663310
c:\programdata\MPK\1\I40655_6803386227
c:\programdata\MPK\1\I40655_6838109954
c:\programdata\MPK\1\I40655_6872832755
c:\programdata\MPK\1\I40655_6907555440
c:\programdata\MPK\1\I40655_6942278241
c:\programdata\MPK\1\I40655_6977000926
c:\programdata\MPK\1\I40655_7011724306
c:\programdata\MPK\1\I40655_7046446181
c:\programdata\MPK\1\I40655_7081170023
c:\programdata\MPK\1\I40656_6351665509
c:\programdata\MPK\1\I40656_6386387963
c:\programdata\MPK\1\I40656_6421111227
c:\programdata\MPK\1\I40656_6455834143
c:\programdata\MPK\1\I40656_6490556482
c:\programdata\MPK\1\I40656_6525280324
c:\programdata\MPK\1\I40656_6560002199
c:\programdata\MPK\1\I40656_6594725926
c:\programdata\MPK\1\I40656_6629448495
c:\programdata\MPK\1\I40656_6664170833
c:\programdata\MPK\1\I40656_6698893750
c:\programdata\MPK\1\I40656_6733616667
c:\programdata\MPK\1\I40656_6768339468
c:\programdata\MPK\1\I40656_6803062731
c:\programdata\MPK\1\I40656_6837785995
c:\programdata\MPK\1\I40656_6872508565
c:\programdata\MPK\1\I40656_6907230787
c:\programdata\MPK\1\I40657_5294772338
c:\programdata\MPK\1\I40657_5329495023
c:\programdata\MPK\1\I40657_5364217245
c:\programdata\MPK\1\I40657_5398940856
c:\programdata\MPK\1\I40657_5458796644
c:\programdata\MPK\1\I40657_5494000463
c:\programdata\MPK\1\I40657_5528722569
c:\programdata\MPK\1\I40657_5563445949
c:\programdata\MPK\1\I40657_5598168750
c:\programdata\MPK\1\I40657_5632891551
c:\programdata\MPK\1\I40657_5667614583
c:\programdata\MPK\1\I40657_5702336806
c:\programdata\MPK\1\I40657_5737060648
c:\programdata\MPK\1\I40657_5771783333
c:\programdata\MPK\1\I40657_5806506018
c:\programdata\MPK\1\I40657_5841228819
c:\programdata\MPK\1\I40657_5875952199
c:\programdata\MPK\1\I40658_5183152315
c:\programdata\MPK\1\I40658_5217875810
c:\programdata\MPK\1\I40658_5252598032
c:\programdata\MPK\1\I40658_5287320833
c:\programdata\MPK\1\I40658_5322044444
c:\programdata\MPK\1\I40658_5356767477
c:\programdata\MPK\1\I40658_5391490509
c:\programdata\MPK\1\I40658_5426212847
c:\programdata\MPK\1\I40658_5460936111
c:\programdata\MPK\1\I40658_5495657986
c:\programdata\MPK\1\I40658_5530381829
c:\programdata\MPK\1\I40658_5565104398
c:\programdata\MPK\1\I40658_5599826620
c:\programdata\MPK\1\I40658_5659949190
c:\programdata\MPK\1\I40658_5694671528
c:\programdata\MPK\1\I40658_5729394560
c:\programdata\MPK\1\I40658_5764116667
c:\programdata\MPK\1\I40659_5147557407
c:\programdata\MPK\1\I40659_5182280671
c:\programdata\MPK\1\I40659_5217003356
c:\programdata\MPK\1\I40659_5251725579
c:\programdata\MPK\1\I40659_5286449306
c:\programdata\MPK\1\I40659_5321171412
c:\programdata\MPK\1\I40659_5355893981
c:\programdata\MPK\1\I40659_5390617824
c:\programdata\MPK\1\I40659_5425340162
c:\programdata\MPK\1\I40659_5460063426
c:\programdata\MPK\1\I40659_5494786343
c:\programdata\MPK\1\I40659_5529509028
c:\programdata\MPK\1\I40659_5564232060
c:\programdata\MPK\1\I40659_5628347685
c:\programdata\MPK\1\I40659_5663070949
c:\programdata\MPK\1\I40659_5697793287
c:\programdata\MPK\1\I40659_5732516204
c:\programdata\MPK\1\I40659_5767238542
c:\programdata\MPK\1\I40660_5838826852
c:\programdata\MPK\1\I40660_5873549769
c:\programdata\MPK\1\I40660_5908272569
c:\programdata\MPK\1\I40660_5942996181
c:\programdata\MPK\1\I40660_5977718403
c:\programdata\MPK\1\I40660_6012441204
c:\programdata\MPK\1\I40660_6047164815
c:\programdata\MPK\1\I40660_6081887616
c:\programdata\MPK\1\I40660_6116609838
c:\programdata\MPK\1\I40660_6151333218
c:\programdata\MPK\1\I40660_7188155208
c:\programdata\MPK\1\I40660_7222877662
c:\programdata\MPK\1\I40660_7257601042
c:\programdata\MPK\1\I40660_7292323958
c:\programdata\MPK\1\I40660_7327047222
c:\programdata\MPK\1\I40660_7361769676
c:\programdata\MPK\1\I40661_4341833449
c:\programdata\MPK\1\I40661_4376555787
c:\programdata\MPK\1\I40661_4411279398
c:\programdata\MPK\1\I40661_4446002315
c:\programdata\MPK\1\I40661_4480725231
c:\programdata\MPK\1\I40661_4515447801
c:\programdata\MPK\1\I40661_4550170255
c:\programdata\MPK\1\I40661_4584893287
c:\programdata\MPK\1\I40661_4619615857
c:\programdata\MPK\1\I40661_4654338657
c:\programdata\MPK\1\I40661_4689061921
c:\programdata\MPK\1\I40661_4723784491
c:\programdata\MPK\1\I40661_4758507292
c:\programdata\MPK\1\I40661_4793230208
c:\programdata\MPK\1\I40661_4827953935
c:\programdata\MPK\1\I40661_4862676505
c:\programdata\MPK\1\I40661_4897398727
c:\programdata\MPK\1\I40661_4932121759
c:\programdata\MPK\1\I40661_4966844444
c:\programdata\MPK\1\I40661_5001568981
c:\programdata\MPK\1\I40661_5036291204
c:\programdata\MPK\1\I40661_5071013194
c:\programdata\MPK\1\I40661_5904362500
c:\programdata\MPK\1\I40661_5939085069
c:\programdata\MPK\1\I40661_5973807639
c:\programdata\MPK\1\I40661_6008531134
c:\programdata\MPK\1\I40661_6043253125
c:\programdata\MPK\1\I40661_6077976505
c:\programdata\MPK\1\I40661_6112698958
c:\programdata\MPK\1\I40661_6147422222
c:\programdata\MPK\1\I40661_6182162269
c:\programdata\MPK\1\I40661_6216867593
c:\programdata\MPK\1\I40661_6251590856
c:\programdata\MPK\1\I40661_6286313657
c:\programdata\MPK\1\I40661_6321036574
c:\programdata\MPK\1\I40661_6355759606
c:\programdata\MPK\1\I40661_6390481829
c:\programdata\MPK\1\I40661_6425205324
c:\programdata\MPK\1\I40661_6459927662
c:\programdata\MPK\1\I40661_6494650347
c:\programdata\MPK\1\I40661_6529373264
c:\programdata\MPK\1\I40661_6564096643
c:\programdata\MPK\1\I40661_6598819097
c:\programdata\MPK\1\I40661_6633542477
c:\programdata\MPK\1\I40661_6668264931
c:\programdata\MPK\1\I40661_6702988079
c:\programdata\MPK\1\I40661_6737710417
c:\programdata\MPK\1\I40661_6772433449
c:\programdata\MPK\1\I40661_6807156597
c:\programdata\MPK\1\I40661_6841878935
c:\programdata\MPK\1\I40661_6876602315
c:\programdata\MPK\1\I40661_6911325463
c:\programdata\MPK\1\I40661_6946047569
c:\programdata\MPK\1\I40661_6980770486
c:\programdata\MPK\1\I40661_7015493287
c:\programdata\MPK\1\I40661_7050216782
c:\programdata\MPK\1\I40662_4091332407
c:\programdata\MPK\1\I40662_4126055324
c:\programdata\MPK\1\I40662_4160778241
c:\programdata\MPK\1\I40662_4195501505
c:\programdata\MPK\1\I40662_4230223958
c:\programdata\MPK\1\I40662_4264946759
c:\programdata\MPK\1\I40662_4299670023
c:\programdata\MPK\1\I40662_4334393171
c:\programdata\MPK\1\I40662_4369115509
c:\programdata\MPK\1\I40662_4403839120
c:\programdata\MPK\1\I40662_4438561574
c:\programdata\MPK\1\I40662_4473283912
c:\programdata\MPK\1\I40662_4508006713
c:\programdata\MPK\1\I40662_4542730324
c:\programdata\MPK\1\I40662_4577453356
c:\programdata\MPK\1\I40662_4612176042
c:\programdata\MPK\1\I40662_4646898148
c:\programdata\MPK\1\I40662_4681621528
c:\programdata\MPK\1\I40662_4716344444
c:\programdata\MPK\1\I40662_4751067361
c:\programdata\MPK\1\I40662_4785789699
c:\programdata\MPK\1\I40662_4820512616
c:\programdata\MPK\1\I40662_4855235417
c:\programdata\MPK\1\I40662_4889958333
c:\programdata\MPK\1\I40662_4924681019
c:\programdata\MPK\1\I40662_4959403935
c:\programdata\MPK\1\I40662_4994127199
c:\programdata\MPK\1\I40662_5028849768
c:\programdata\MPK\1\I40662_5063572569
c:\programdata\MPK\1\I40662_5098295370
c:\programdata\MPK\1\I40662_5237187384
c:\programdata\MPK\1\I40663_6005431366
c:\programdata\MPK\1\I40663_6040153588
c:\programdata\MPK\1\I40663_6074876042
c:\programdata\MPK\1\I40663_6560996181
c:\programdata\MPK\1\I40664_4949950926
c:\programdata\MPK\1\I40664_4984673727
c:\programdata\MPK\1\I40664_5019396991
c:\programdata\MPK\1\I40664_5054119329
c:\programdata\MPK\1\I40664_5088842940
c:\programdata\MPK\1\I40664_5123565625
c:\programdata\MPK\1\I40664_5158288542
c:\programdata\MPK\1\I40664_5193011574
c:\programdata\MPK\1\I40664_5227734259
c:\programdata\MPK\1\I40664_5262456597
c:\programdata\MPK\1\I40664_5297179514
c:\programdata\MPK\1\I40664_5331902199
c:\programdata\MPK\1\I40664_5366625116
c:\programdata\MPK\1\I40664_5401348148
c:\programdata\MPK\1\I40664_5436071065
c:\programdata\MPK\1\I40664_5503737384
c:\programdata\MPK\1\I40664_5538848727
c:\programdata\MPK\1\I40672_8058190625
c:\programdata\MPK\1\I40672_8092914120
c:\programdata\MPK\1\I40672_8127636690
c:\programdata\MPK\1\S0000
c:\programdata\MPK\2\D0000
c:\programdata\MPK\2\I40627_7348220139
c:\programdata\MPK\2\I40627_7382943171
c:\programdata\MPK\2\I40627_7417665394
c:\programdata\MPK\2\I40627_7452387847
c:\programdata\MPK\2\I40627_7487110648
c:\programdata\MPK\2\I40627_7521833681
c:\programdata\MPK\2\I40627_7556557176
c:\programdata\MPK\2\I40627_7591279398
c:\programdata\MPK\2\I40627_7626002431
c:\programdata\MPK\2\I40627_7660725000
c:\programdata\MPK\2\I40628_5941070602
c:\programdata\MPK\2\I40628_5975793403
c:\programdata\MPK\2\I40628_6010515856
c:\programdata\MPK\2\I40628_6045239468
c:\programdata\MPK\2\I40628_6079961690
c:\programdata\MPK\2\I40628_6114685417
c:\programdata\MPK\2\I40628_6149407292
c:\programdata\MPK\2\I40628_6184130324
c:\programdata\MPK\2\I40628_6218853472
c:\programdata\MPK\2\I40628_6253576505
c:\programdata\MPK\2\I40628_6288298843
c:\programdata\MPK\2\I40628_6323022338
c:\programdata\MPK\2\I40628_6357744792
c:\programdata\MPK\2\I40628_6392467940
c:\programdata\MPK\2\I40628_6427190509
c:\programdata\MPK\2\I40628_6461913310
c:\programdata\MPK\2\I40628_6566081713
c:\programdata\MPK\2\I40628_6600804630
c:\programdata\MPK\2\I40628_6635527778
c:\programdata\MPK\2\I40628_6670250926
c:\programdata\MPK\2\I40628_6704974074
c:\programdata\MPK\2\I40629_6336375463
c:\programdata\MPK\2\I40629_6371098380
c:\programdata\MPK\2\I40629_6405821412
c:\programdata\MPK\2\I40629_6440543750
c:\programdata\MPK\2\I40629_6475266782
c:\programdata\MPK\2\I40629_6509990046
c:\programdata\MPK\2\I40629_6544712963
c:\programdata\MPK\2\I40629_6579435301
c:\programdata\MPK\2\I40629_6614158681
c:\programdata\MPK\2\I40629_6648881481
c:\programdata\MPK\2\I40629_6683604745
c:\programdata\MPK\2\I40629_6718327083
c:\programdata\MPK\2\I40629_6753050231
c:\programdata\MPK\2\I40629_6787773148
c:\programdata\MPK\2\I40629_6822495718
c:\programdata\MPK\2\I40629_6857218750
c:\programdata\MPK\2\I40629_6891941088
c:\programdata\MPK\2\I40629_6926664120
c:\programdata\MPK\2\I40629_6961387269
c:\programdata\MPK\2\I40629_6996110069
c:\programdata\MPK\2\I40629_7030834144
c:\programdata\MPK\2\I40629_7065556713
c:\programdata\MPK\2\I40629_7100279514
c:\programdata\MPK\2\I40629_7135001620
c:\programdata\MPK\2\I40629_7169724653
c:\programdata\MPK\2\I40629_7204447338
c:\programdata\MPK\2\I40629_7239169560
c:\programdata\MPK\2\I40629_7273893287
c:\programdata\MPK\2\I40629_7308615856
c:\programdata\MPK\2\I40631_6949726968
c:\programdata\MPK\2\I40631_6984450579
c:\programdata\MPK\2\I40631_7019172685
c:\programdata\MPK\2\I40631_7053895833
c:\programdata\MPK\2\I40631_7088618866
c:\programdata\MPK\2\I40631_7123342014
c:\programdata\MPK\2\I40631_7158064583
c:\programdata\MPK\2\I40631_7192787731
c:\programdata\MPK\2\I40631_7227509954
c:\programdata\MPK\2\I40632_6023046991
c:\programdata\MPK\2\I40632_6057769792
c:\programdata\MPK\2\I40632_6092492014
c:\programdata\MPK\2\I40632_6127215625
c:\programdata\MPK\2\I40632_6161937963
c:\programdata\MPK\2\I40632_6196660764
c:\programdata\MPK\2\I40632_6231383449
c:\programdata\MPK\2\I40633_5665862963
c:\programdata\MPK\2\I40633_5700585995
c:\programdata\MPK\2\I40633_5735308565
c:\programdata\MPK\2\I40633_5770031482
c:\programdata\MPK\2\I40633_5804754630
c:\programdata\MPK\2\I40633_5839477778
c:\programdata\MPK\2\I40633_5874200694
c:\programdata\MPK\2\I40633_5908923032
c:\programdata\MPK\2\I40633_5943646296
c:\programdata\MPK\2\I40633_5978368634
c:\programdata\MPK\2\I40633_6013092361
c:\programdata\MPK\2\I40633_6047815278
c:\programdata\MPK\2\I40633_6082538194
c:\programdata\MPK\2\I40633_6117260532
c:\programdata\MPK\2\I40633_6151982986
c:\programdata\MPK\2\I40633_6186706597
c:\programdata\MPK\2\I40633_6221428704
c:\programdata\MPK\2\I40633_6256152546
c:\programdata\MPK\2\I40633_6290874769
c:\programdata\MPK\2\I40633_6325597917
c:\programdata\MPK\2\I40633_6360320602
c:\programdata\MPK\2\I40633_6395043171
c:\programdata\MPK\2\I40633_6429766435
c:\programdata\MPK\2\I40633_6464488773
c:\programdata\MPK\2\I40633_6499212616
c:\programdata\MPK\2\I40633_6533935417
c:\programdata\MPK\2\I40633_6568658333
c:\programdata\MPK\2\I40633_6603380556
c:\programdata\MPK\2\I40633_6638103241
c:\programdata\MPK\2\I40633_6672826505
c:\programdata\MPK\2\I40633_6707549190
c:\programdata\MPK\2\I40633_6742271875
c:\programdata\MPK\2\I40633_6776994907
c:\programdata\MPK\2\I40633_6811718287
c:\programdata\MPK\2\I40633_6846440162
c:\programdata\MPK\2\I40633_6881163194
c:\programdata\MPK\2\I40633_6915885995
c:\programdata\MPK\2\I40633_6950609028
c:\programdata\MPK\2\I40633_6985332292
c:\programdata\MPK\2\I40633_7020054630
c:\programdata\MPK\2\I40633_7054777894
c:\programdata\MPK\2\I40634_5696749190
c:\programdata\MPK\2\I40634_5731471991
c:\programdata\MPK\2\I40634_5766195718
c:\programdata\MPK\2\I40634_5800918171
c:\programdata\MPK\2\I40634_5835641435
c:\programdata\MPK\2\I40634_5870364468
c:\programdata\MPK\2\I40634_5905086806
c:\programdata\MPK\2\I40634_5939809491
c:\programdata\MPK\2\I40634_5974532986
c:\programdata\MPK\2\I40634_6009255903
c:\programdata\MPK\2\I40634_6043978125
c:\programdata\MPK\2\I40634_6078701620
c:\programdata\MPK\2\I40634_6113423727
c:\programdata\MPK\2\I40634_6148146412
c:\programdata\MPK\2\I40634_6182869907
c:\programdata\MPK\2\I40634_6217592361
c:\programdata\MPK\2\I40634_6252315741
c:\programdata\MPK\2\I40634_6287037963
c:\programdata\MPK\2\I40634_6321760532
c:\programdata\MPK\2\I40634_6356483565
c:\programdata\MPK\2\I40634_6391207060
c:\programdata\MPK\2\I40634_6425929630
c:\programdata\MPK\2\I40634_6460653009
c:\programdata\MPK\2\I40634_6495374884
c:\programdata\MPK\2\I40634_6530098380
c:\programdata\MPK\2\I40634_6564821296
c:\programdata\MPK\2\I40634_6599544213
c:\programdata\MPK\2\I40634_6634267014
c:\programdata\MPK\2\I40634_6668989583
c:\programdata\MPK\2\I40635_6782493171
c:\programdata\MPK\2\I40635_6817216435
c:\programdata\MPK\2\I40635_6851939120
c:\programdata\MPK\2\I40635_6886662269
c:\programdata\MPK\2\I40635_6921384722
c:\programdata\MPK\2\I40637_5986598611
c:\programdata\MPK\2\I40637_6021321065
c:\programdata\MPK\2\I40637_6056044213
c:\programdata\MPK\2\I40637_6090767477
c:\programdata\MPK\2\I40637_6125490278
c:\programdata\MPK\2\I40637_6160212269
c:\programdata\MPK\2\I40637_6194935069
c:\programdata\MPK\2\I40637_6229658912
c:\programdata\MPK\2\I40637_6264381134
c:\programdata\MPK\2\I40637_6299104398
c:\programdata\MPK\2\I40637_6333826852
c:\programdata\MPK\2\I40638_6008460532
c:\programdata\MPK\2\I40638_6043182986
c:\programdata\MPK\2\I40638_6077905671
c:\programdata\MPK\2\I40638_6112628935
c:\programdata\MPK\2\I40638_6147351736
c:\programdata\MPK\2\I40638_6182074306
c:\programdata\MPK\2\I40638_6216797569
c:\programdata\MPK\2\I40638_6251520718
c:\programdata\MPK\2\I40638_6286242940
c:\programdata\MPK\2\I40638_6320966667
c:\programdata\MPK\2\I40638_6355688657
c:\programdata\MPK\2\I40638_6390411921
c:\programdata\MPK\2\I40638_6425134606
c:\programdata\MPK\2\I40638_6459858102
c:\programdata\MPK\2\S0000
c:\programdata\MPK\CPDM\cpfm.bin
c:\programdata\MPK\M0000
c:\programdata\MPK\REFOG Free Keylogger.lnk
c:\programdata\MPK\REFOG Keylogger\Jetzt bestellen!.lnk
c:\programdata\MPK\REFOG Keylogger\REFOG Keylogger im Internet.lnk
c:\programdata\MPK\REFOG Keylogger\REFOG Keylogger.lnk
c:\programdata\MPK\S0000
c:\users\Philipp\AppData\Roaming\.#
c:\windows\IsUn0407.exe
c:\windows\SysWow64\server.log
c:\windows\SysWow64\tmp2626.tmp
c:\windows\SysWow64\tmp2665.tmp
c:\windows\SysWow64\tmp31BA.tmp
c:\windows\SysWow64\tmp31CB.tmp
c:\windows\SysWow64\tmp8D32.tmp
c:\windows\SysWow64\tmp8D61.tmp
c:\windows\SysWow64\tmpAA33.tmp
c:\windows\SysWow64\tmpAA63.tmp
c:\windows\SysWow64\tmpCAD.tmp
c:\windows\SysWow64\tmpCCA2.tmp
c:\windows\SysWow64\tmpCDD.tmp
c:\windows\SysWow64\tmpF9E8.tmp
c:\windows\SysWow64\tmpF9E9.tmp
c:\windows\SysWow64\tmpFEF7.tmp
c:\windows\SysWow64\tmpFF07.tmp
.
Infizierte Kopie von c:\windows\SysWow64\userinit.exe wurde gefunden und desinfiziert 
Kopie von - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe wurde wiederhergestellt 
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-08-18 bis 2012-09-18  ))))))))))))))))))))))))))))))
.
.
2012-09-18 16:47 . 2012-09-18 16:47	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-09-18 16:47 . 2012-09-18 16:47	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-09-18 16:47 . 2012-09-18 16:47	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2012-09-17 15:54 . 2012-09-17 15:54	388096	----a-r-	c:\users\Philipp\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-17 13:37 . 2012-09-17 13:38	--------	d--h--w-	c:\windows\msdownld.tmp
2012-09-16 18:15 . 2012-09-16 18:15	--------	d-----w-	c:\users\Philipp\AppData\Roaming\PC Cleaners
2012-09-16 18:15 . 2012-09-16 18:15	4571960	----a-w-	c:\windows\uninst.exe
2012-09-16 18:15 . 2012-09-17 11:30	--------	d-----w-	c:\programdata\PC1Data
2012-09-16 18:15 . 2012-09-16 18:15	--------	d-----w-	c:\users\Philipp\AppData\Roaming\PCPro
2012-09-16 18:15 . 2012-09-16 18:15	--------	d-----w-	c:\program files (x86)\PC Cleaners
2012-09-15 18:31 . 2012-09-15 18:32	--------	d-----w-	C:\f1_2011_patch
2012-09-15 14:08 . 2012-09-15 14:09	--------	d-----w-	C:\Dirt_3_patch
2012-09-14 14:16 . 2012-09-14 14:16	466456	----a-w-	c:\windows\system32\wrap_oal.dll
2012-09-14 14:16 . 2012-09-14 14:16	444952	----a-w-	c:\windows\SysWow64\wrap_oal.dll
2012-09-14 14:16 . 2012-09-14 14:16	122904	----a-w-	c:\windows\system32\OpenAL32.dll
2012-09-14 14:16 . 2012-09-14 14:16	109080	----a-w-	c:\windows\SysWow64\OpenAL32.dll
2012-09-03 17:03 . 2012-09-03 17:03	--------	d-----w-	c:\program files (x86)\CDBurnerXP
2012-09-02 09:16 . 2012-09-08 07:59	73696	----a-w-	c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-09-01 18:59 . 2012-09-11 18:55	--------	d-----w-	c:\users\Philipp\AppData\Local\LogMeIn Hamachi
2012-08-26 14:27 . 2012-08-26 14:27	--------	d-----w-	c:\windows\SysWow64\syncdb
2012-08-25 16:05 . 2012-08-25 16:05	--------	d-sh--w-	c:\programdata\DSS
2012-08-25 14:52 . 2012-06-16 05:16	609792	----a-w-	c:\windows\system32\vbscript.dll
2012-08-25 14:52 . 2012-06-16 05:15	911360	----a-w-	c:\windows\system32\jscript.dll
2012-08-25 14:52 . 2012-06-16 04:26	428032	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-08-25 14:52 . 2012-07-18 18:15	3148800	----a-w-	c:\windows\system32\win32k.sys
2012-08-25 14:51 . 2012-05-14 05:26	956928	----a-w-	c:\windows\system32\localspl.dll
2012-08-25 14:50 . 2012-07-04 22:16	73216	----a-w-	c:\windows\system32\netapi32.dll
2012-08-25 14:50 . 2012-07-04 22:13	59392	----a-w-	c:\windows\system32\browcli.dll
2012-08-25 14:50 . 2012-07-04 22:13	136704	----a-w-	c:\windows\system32\browser.dll
2012-08-25 14:50 . 2012-07-04 21:14	41984	----a-w-	c:\windows\SysWow64\browcli.dll
2012-08-25 14:48 . 2012-06-02 05:45	340992	----a-w-	c:\windows\system32\schannel.dll
2012-08-25 14:48 . 2012-06-02 05:50	458704	----a-w-	c:\windows\system32\drivers\cng.sys
2012-08-25 14:48 . 2012-06-02 05:48	95600	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2012-08-25 14:48 . 2012-06-02 05:48	151920	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2012-08-25 14:48 . 2012-06-02 05:44	307200	----a-w-	c:\windows\system32\ncrypt.dll
2012-08-25 14:48 . 2012-06-02 04:40	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2012-08-25 14:48 . 2012-06-02 04:40	225280	----a-w-	c:\windows\SysWow64\schannel.dll
2012-08-25 14:48 . 2012-06-02 04:39	219136	----a-w-	c:\windows\SysWow64\ncrypt.dll
2012-08-25 14:48 . 2012-06-02 04:34	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2012-08-25 14:44 . 2010-06-26 03:55	2048	----a-w-	c:\windows\system32\msxml3r.dll
2012-08-25 14:44 . 2010-06-26 03:24	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2012-08-25 14:44 . 2012-06-06 06:06	2004480	----a-w-	c:\windows\system32\msxml6.dll
2012-08-25 14:44 . 2012-06-06 06:06	1881600	----a-w-	c:\windows\system32\msxml3.dll
2012-08-25 14:44 . 2012-06-06 05:05	1390080	----a-w-	c:\windows\SysWow64\msxml6.dll
2012-08-25 14:44 . 2012-06-06 05:05	1236992	----a-w-	c:\windows\SysWow64\msxml3.dll
2012-08-25 14:44 . 2012-05-04 11:06	5559664	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-08-25 14:44 . 2012-05-04 10:03	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-08-25 14:44 . 2012-05-04 10:03	3913072	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-08-25 14:41 . 2012-04-28 03:55	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-08-25 14:38 . 2012-04-26 05:41	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-08-25 14:38 . 2012-04-26 05:41	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-08-25 14:38 . 2012-04-26 05:34	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-08-25 14:37 . 2012-03-17 07:58	75120	----a-w-	c:\windows\system32\drivers\partmgr.sys
2012-08-25 14:37 . 2012-03-30 11:35	1918320	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-08-25 14:29 . 2012-03-31 04:29	936960	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-08-25 14:29 . 2012-03-31 05:40	1367552	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-08-25 14:29 . 2012-03-31 05:42	1732096	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2012-08-25 14:29 . 2012-03-31 05:40	1402880	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2012-08-25 14:29 . 2012-03-31 05:40	1393664	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2012-08-25 14:28 . 2012-03-03 06:35	1544704	----a-w-	c:\windows\system32\DWrite.dll
2012-08-25 14:28 . 2012-03-03 05:31	1077248	----a-w-	c:\windows\SysWow64\DWrite.dll
2012-08-25 14:11 . 2012-08-25 14:12	--------	d-----w-	c:\users\Administrator
2012-08-25 13:17 . 2012-08-28 00:16	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{385A8797-6475-4A57-9612-278FD5EC5659}\offreg.dll
2012-08-25 12:40 . 2012-08-25 14:05	--------	d-----w-	C:\test
2012-08-24 17:16 . 2012-08-25 15:44	--------	d-----w-	c:\program files (x86)\Codemasters
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-30 12:36 . 2012-05-19 18:23	86528	----a-w-	c:\windows\bnetunin.exe
2012-08-30 12:36 . 2012-05-19 18:23	61440	----a-w-	c:\windows\diabunin.exe
2012-08-24 13:58 . 2012-05-20 09:31	405152	----a-w-	c:\windows\SysWow64\Newtonsoft.Json.Net20.dll
2012-08-20 15:56 . 2011-03-03 16:33	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2012-08-20 15:56 . 2011-01-27 17:39	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2012-08-20 15:54 . 2011-03-02 16:41	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2012-06-25 14:30 . 2012-06-25 14:30	1394248	----a-w-	c:\windows\SysWow64\msxml4.dll
2012-06-25 14:30 . 2012-06-25 14:30	102216	----a-w-	c:\windows\SysWow64\msxml4r.dll
2006-05-03 10:06	163328	--sha-w-	c:\windows\SysWOW64\flvDX.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-07-09 05:13	1493160	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2012-04-02 18:47	233288	----a-w-	c:\program files (x86)\Hotspot Shield\HssIE\HssIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-07-09 1493160]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"chromium"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2012-05-09 1240048]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-16 348664]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-08-05 104408]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"PC Cleaners"="c:\program files (x86)\PC Cleaners\PCCleaners.exe" [2012-09-16 55791928]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableClock"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"LogMeIn Hamachi Ui"="d:\programme\hamachi-2-ui.exe" --auto-start
"Guard.Mail.ru.gui"="c:\program files (x86)\Guard-ICQ\GuardICQ.exe" /gui
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 dump_wmimmc;dump_wmimmc;d:\programme\spiele\GameGuard\dump_wmimmc.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-06-26 83488]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-01-07 676864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-17 1255736]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 135664]
R4 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 135664]
R4 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-04-10 542552]
R4 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-04-02 329544]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-21 61976]
R4 Norton Internet Security;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe [2009-08-25 117640]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-10-28 834544]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S0 nvamacpi;NVIDIA Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys [2009-06-04 28192]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 27760]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2009-01-19 334344]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-19 86224]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-19 465360]
S2 Greg_Service;GRegService;c:\program files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-06-04 1150496]
S2 Guard.Mail.ru;Guard.Mail.ru;c:\program files (x86)\Guard-ICQ\GuardICQ.exe [2012-03-29 1564368]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\programme\hamachi-2.exe [2012-08-29 2369960]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-08-05 583640]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248]
S2 TeamViewer6;TeamViewer 6;c:\users\Philipp\temp\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2009-07-04 240160]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-04-12 52632]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-04-13 45432]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-10-13 11856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-05-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 17:49]
.
2012-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cd0dc0613d7540.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 17:21]
.
2011-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 17:21]
.
2011-11-08 c:\windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012.job
- c:\program files (x86)\TuneUp Utilities 2012\OneClick.exe [2011-12-14 11:22]
.
2011-11-05 c:\windows\Tasks\{A120EFC4-7E8C-478E-8555-8BC94DABEABA}.job
- c:\program files (x86)\Skype\Phone\Skype.exe [2012-02-29 06:55]
.
2011-07-17 c:\windows\Tasks\{FDC1B619-A8C4-476C-9AAF-AE26AA03B605}.job
- c:\program files (x86)\Skype\Phone\Skype.exe [2012-02-29 06:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2012-04-02 18:47	287048	----a-w-	c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=imedia_m3710&r=173606108106p03e5v125y47m28209
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube Download - c:\users\Philipp\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to Mp3 Converter - c:\users\Philipp\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft &Excel exportieren - d:\progra~1\anwender\MICROS~1\Office10\EXCEL.EXE/3000
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: Interfaces\{9CF91807-55A5-4684-A97D-3DE531A9909B}: NameServer = 10.74.120.1
FF - ProfilePath - c:\users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\tw18pwvz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2903601&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOB10&ctid=CT2319825&SearchSource=2&q=
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(extensions.BabylonToolbar_i.babTrack, affID=110000
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - ecbee03200000000000000016c6c34be
FF - user.js: extensions.BabylonToolbar_i.hardId - ecbee03200000000000000016c6c34be
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15426
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1714:11
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{40c3cc16-7269-4b32-9531-17f2950fb06f} - (no file)
Toolbar-Locked - (no file)
Toolbar-{DFEFCDEE-CF1A-4FC8-88AD-129872198372} - (no file)
SafeBoot-ksupmgr
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
WebBrowser-{40C3CC16-7269-4B32-9531-17F2950FB06F} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Norton Internet Security]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files (x86)\Norton Internet Security\Engine\16.7.0.30\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2897040315-4180960131-2034410564-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-09-18  18:54:11 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-09-18 16:54
.
Vor Suchlauf: 14 Verzeichnis(se), 19.123.605.504 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 18.746.634.240 Bytes frei
.
- - End Of File - - 4CFF1C7BA2F67D10AB77A5A3C80C6FCC

--- --- ---

markusg · 19.09.2012, 19:56

hi
öffne bitte computer, c: qoobox
rechtsklick quarantain, mit winrar oder anderem archivierungsprogramm packen
archiv hochladen:
File-Upload.net - Ihr kostenloser File Hoster!
und download link als private nachicht an mich

markusg · 20.09.2012, 14:21

hi
danke
klappen die downloads wieder?
das archiv kannst du übrigens vom pc löschen

Sumajo · 22.09.2012, 14:54

Nein die downloads und steam klappen leider immer noch nicht

markusg · 25.09.2012, 18:18

dann machen wir das gerät mal komplett neu
der pc muss neu aufgesetzt und dann abgesichert werden
1. Datenrettung:

deaktiviere Autorun: http://www.trojaner-board.de/83238-a...sschalten.html
dann sichere Daten auf nen externen datenträger: http://www.trojaner-board.de/82533-d...ted-magic.html
Bilder, Dokumente, Musik Videos (persönliches) http://www.trojaner-board.de/71715-k...iendungen.html

2. Formatieren, Windows neu instalieren:

nutzt du eine Windows CD: http://www.trojaner-board.de/51262-a...sicherung.html
recovery cd oder recovery partition.
falls dies ein fertig pc ist, nenne hersteller + typ.
Keine Windows 7 DVD? http://www.trojaner-board.de/100776-...-download.html

3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.

Internet Explorer und alle Programme und Downloads die über ihn laufen funktionieren nicht

Log-Analyse und Auswertung: Internet Explorer und alle Programme und Downloads die über ihn laufen funktionieren nicht