Trojan-Downloader.Win32MultiDL.c cannot be removed

Hello everyone, I hope I can find help here. My son somehow downloaded this trojan downloader onto our computer. We have Kaspersky Pure on the machine, and it now keeps raising alerts. Deleting it through Pure does not work either; it is shown to me again after every restart. Kaspersky tells me it is in: C:/Windows/syswow64/macromed/flash/flashplayerupdateservice.exe

I have also already tried to delete the file manually, but I only get the message that I do not have permission to do so. I then looked up instructions on Google for granting myself the permission, but the file does not allow that either. I also tried to delete it with a Trojan Remover, but that does not find it at all.

Now I have come across this forum and hope someone here can help me. I have downloaded the required programs and am including them here.

defogger:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:49 on 11/07/2013 (Elke)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

OTL logfile:
OTL logfile created on: 11.07.2013 20:50:09 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Elke\Desktop 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 46,64% Memory free 8,17 Gb Paging File | 5,86 Gb Available in Paging File | 71,78% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 244,14 Gb Total Space | 6,21 Gb Free Space | 2,54% Space Free | Partition Type: NTFS Drive D: | 454,49 Gb Total Space | 347,40 Gb Free Space | 76,44% Space Free | Partition Type: NTFS Drive K: | 3,71 Gb Total Space | 3,52 Gb Free Space | 94,92% Space Free | Partition Type: FAT32 Computer Name: AFFENKISTE | User Name: Elke | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.07.11 20:44:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Elke\Desktop\OTL.exe PRC - [2013.06.28 14:02:06 | 002,255,184 | ---- | M] (LogMeIn Inc.) 
-- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2013.05.28 15:05:16 | 000,163,328 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.01.16 16:49:44 | 000,322,032 | ---- | M] (AVM Berlin) -- C:\Users\Elke\AppData\Local\Apps\2.0\BZAJMQRM.4KO\5HK34L7E.4NE\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe PRC - [2013.01.11 19:10:36 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2010.10.01 22:06:36 | 000,348,760 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe PRC - [2010.09.13 15:56:02 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe PRC - [2010.08.03 09:43:02 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe PRC - [2010.07.08 11:23:12 | 001,638,400 | ---- | M] (TP-LINK TECHNOLOGIES CO., LTD. ) -- C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe PRC - [2010.07.07 11:50:52 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry.exe PRC - [2010.06.28 09:20:30 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe PRC - [2009.12.21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe PRC - [2009.06.25 09:22:22 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe PRC - [2008.12.03 15:51:30 | 002,181,672 | ---- | M] (Gainward Co.) 
-- C:\Program Files (x86)\EXPERTool\TBPANEL.exe PRC - [2008.05.02 05:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ========== Modules (No Company Name) ========== MOD - [2013.05.20 22:35:15 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll MOD - [2013.05.20 22:33:06 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a9594959e951127f16eb49644ba92f79\PresentationFramework.ni.dll MOD - [2013.05.20 22:31:09 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7cfbbd029ef945fbcdaedd24b2b67a24\PresentationCore.ni.dll MOD - [2013.05.20 22:30:29 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\af18b8a8f56494da44cc448f3b9704a5\WindowsBase.ni.dll MOD - [2013.05.20 22:29:11 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll MOD - [2013.04.02 18:42:56 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll MOD - [2013.04.02 13:35:17 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll MOD - [2013.04.02 13:35:16 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll MOD - [2013.04.02 13:27:12 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll MOD - [2013.04.02 13:26:20 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll MOD - 
[2013.04.02 13:26:00 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2010.10.01 22:05:46 | 008,972,888 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\QtGui4.dll MOD - [2010.10.01 22:05:42 | 002,456,152 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\QtCore4.dll MOD - [2010.10.01 21:07:46 | 000,733,184 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\localization_manager.dll MOD - [2010.07.07 11:50:44 | 000,909,312 | ---- | M] () -- C:\Program Files (x86)\TP-LINK\COMMON\RaWLAPI.dll MOD - [2009.10.30 20:32:30 | 000,410,496 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\dblite.dll MOD - [2008.05.02 05:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe MOD - [2006.12.10 21:51:08 | 000,077,824 | R--- | M] () -- C:\Program Files (x86)\HP\Digital Imaging\bin\crm\xmltok.dll MOD - [2006.12.10 21:51:08 | 000,065,536 | R--- | M] () -- C:\Program Files (x86)\HP\Digital Imaging\bin\crm\xmlparse.dll MOD - [1998.10.31 11:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\EXPERTool\TBManage.dll ========== Services (SafeList) ========== SRV - [2013.06.28 14:02:04 | 002,470,736 | ---- | M] (LogMeIn Inc.) 
[Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2013.06.07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013.06.03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013.05.28 15:05:16 | 000,163,328 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.03.15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013.01.11 19:10:36 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012.09.18 17:22:54 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2010.10.01 22:06:36 | 000,348,760 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe -- (AVP) SRV - [2010.07.07 11:50:52 | 000,212,256 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry64.exe -- (RalinkRegistryWriter64) SRV - [2010.07.07 11:50:52 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) 
[Auto | Running] -- C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry.exe -- (RalinkRegistryWriter) SRV - [2010.06.28 09:20:30 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.12.21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv) SRV - [2009.06.25 09:22:22 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4) SRV - [2009.03.30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.05.02 03:49:54 | 000,160,272 | ---- | M] (Logitech, Inc.) [Disabled | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.12.19 07:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2012.02.29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.09.15 15:53:11 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\klif.sys -- (KLIF) DRV:64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.03.05 19:32:26 | 000,116,096 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\avmaudio.sys -- (avmaudio) DRV:64bit: - [2010.07.07 11:50:42 | 001,034,080 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\netr28ux.sys -- (netr28ux) DRV:64bit: - [2009.12.14 12:44:24 | 000,085,048 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\CSCrySec.sys -- (CSCrySec) DRV:64bit: - [2009.12.14 12:44:24 | 000,066,104 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv) DRV:64bit: - [2009.11.23 17:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid) DRV:64bit: - [2009.11.23 17:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum) DRV:64bit: - [2009.10.14 21:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\klbg.sys -- (KLBG) DRV:64bit: - [2009.10.02 19:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\klmouflt.sys -- (klmouflt) DRV:64bit: - [2009.10.01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb) DRV:64bit: - [2009.09.14 14:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\klim6.sys -- (KLIM6) DRV:64bit: - [2009.09.01 15:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\kl1.sys -- (kl1) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi) DRV:64bit: - [2008.02.29 04:17:00 | 000,112,144 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LMouKE.Sys -- (LMouKE) DRV:64bit: - [2008.02.29 04:16:52 | 000,057,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2008.02.29 04:16:44 | 000,054,800 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2008.02.29 04:16:28 | 000,113,680 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\L8042mou.Sys -- (L8042mou) DRV:64bit: - [2008.02.29 04:16:20 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\L8042Kbd.sys -- (L8042Kbd) DRV:64bit: - [2008.02.14 08:56:14 | 000,160,768 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169) DRV - [2009.07.16 16:24:13 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\CdaC15BA.SYS -- (CdaC15BA) DRV - [2008.12.14 12:05:22 | 000,020,544 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2007.03.16 11:11:20 | 000,015,648 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\TBPanelx64.sys -- (Cardex) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - 
HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=Somoto&dpid=Somoto&co=DE&userid=7053c437-386c-452e-a7fa-96b3557eaed3&searchtype=ds&q={searchTerms}&installDate=09/06/2013 IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=7053c437-386c-452e-a7fa-96b3557eaed3&searchtype=ds&q={searchTerms}&installDate=09/06/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=7053c437-386c-452e-a7fa-96b3557eaed3&searchtype=ds&q={searchTerms}&installDate=09/06/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=7053c437-386c-452e-a7fa-96b3557eaed3&searchtype=hp&installDate=09/06/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=7053c437-386c-452e-a7fa-96b3557eaed3&searchtype=ds&q={searchTerms}&installDate=09/06/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=7053c437-386c-452e-a7fa-96b3557eaed3&searchtype=ds&q={searchTerms}&installDate=09/06/2013 IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = 
hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=7053c437-386c-452e-a7fa-96b3557eaed3&searchtype=ds&q={searchTerms}&installDate=09/06/2013 IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www2.delta-search.com/?q={searchTerms}&affID=121631&tt=gc_&babsrc=SP_ss&mntrId=968D001FD08D15BF IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost; 127.0.0.1; <local> ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0 FF - prefs.js..extensions.enabledAddons: ffxtlbr@delta.com:1.5.0 FF - prefs.js..extensions.enabledAddons: {7053c437-386c-452e-a7fa-96b3557eaed3}:1.1 FF - prefs.js..browser.startup.homepage: FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre1.6.0_13\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Elke\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Elke\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Elke\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Elke\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Elke\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.18 17:22:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\THBExt [2011.09.15 15:54:47 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.18 17:22:57 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.26 11:54:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Elke\AppData\Roaming\mozilla\Extensions [2013.07.11 18:51:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Elke\AppData\Roaming\mozilla\Firefox\Profiles\w3ni35zv.default\extensions [2013.04.23 19:39:15 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Elke\AppData\Roaming\mozilla\Firefox\Profiles\w3ni35zv.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013.04.23 19:39:09 | 000,221,336 | ---- | M] () (No name found) -- C:\Users\Elke\AppData\Roaming\mozilla\firefox\profiles\w3ni35zv.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2013.05.04 00:30:02 | 000,006,506 | ---- | M] () -- C:\Users\Elke\AppData\Roaming\mozilla\firefox\profiles\w3ni35zv.default\searchplugins\babylon.xml [2013.07.08 17:39:40 | 000,002,424 | ---- | M] () -- C:\Users\Elke\AppData\Roaming\mozilla\firefox\profiles\w3ni35zv.default\searchplugins\Web Search.xml [2012.08.05 20:27:17 | 000,000,000 | ---D | 
M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.11.03 01:02:27 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011.09.15 15:57:34 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru File not found (No name found) -- C:\USERS\ELKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3NI35ZV.DEFAULT\EXTENSIONS\{7053C437-386C-452E-A7FA-96B3557EAED3} File not found (No name found) -- C:\USERS\ELKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3NI35ZV.DEFAULT\EXTENSIONS\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} File not found (No name found) -- C:\USERS\ELKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3NI35ZV.DEFAULT\EXTENSIONS\FFXTLBR@DELTA.COM [2012.09.18 17:22:56 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.05.04 00:28:26 | 000,006,503 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2012.09.18 17:22:44 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml ========== Chrome ========== CHR - default_search_provider: Web (Enabled) CHR - default_search_provider: search_url = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=7053c437-386c-452e-a7fa-96b3557eaed3&searchtype=ds&q={searchTerms}&installDate=09/06/2013 CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=7053c437-386c-452e-a7fa-96b3557eaed3&searchtype=hp&installDate=09/06/2013 CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Elke\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = 
internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Elke\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Elke\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files (x86)\Java\jre1.6.0_13\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Elke\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Elke\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Elke\AppData\Roaming\Mozilla\plugins\npo1d.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: iTunes Application 
Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Zylom Plugin (Enabled) = C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll CHR - plugin: Google Update (Enabled) = C:\Users\Elke\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll CHR - Extension: DealPly = C:\Users\Elke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\ CHR - Extension: Skype Click to Call = C:\Users\Elke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\ O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,736 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: ::1 localhost O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ievkbd.dll (Kaspersky Lab) O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_13\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.6.0_13\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab) O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software) O4 - HKCU..\Run: [AVMUSBFernanschluss] C:\Users\Elke\AppData\Local\Apps\2.0\BZAJMQRM.4KO\5HK34L7E.4NE\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe (AVM Berlin) O4 - HKCU..\Run: [GAINWARD] C:\Program Files (x86)\EXPERTool\TBPanel.exe (Gainward Co.) 
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab) O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game02.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9693A45B-1965-4F76-B0F6-E961D0CEBCBF}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies 
S.A.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab) O24 - Desktop WallPaper: C:\Users\Elke\Pictures\desktop\P1240354.JPG O24 - Desktop BackupWallPaper: C:\Users\Elke\Pictures\desktop\P1240354.JPG O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - 
HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.07.11 20:44:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Elke\Desktop\OTL.exe [2013.07.11 20:27:54 | 000,000,000 | ---D | C] -- C:\Users\Elke\Documents\Simply Super Software [2013.07.11 20:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover [2013.07.11 20:27:19 | 000,605,968 | ---- | C] (Igor Pavlov) -- C:\Windows\SysWow64\ztv7z.dll [2013.07.11 20:27:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover [2013.07.11 20:27:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software [2013.07.09 20:57:43 | 000,000,000 | ---D | C] -- C:\Users\Elke\AppData\Roaming\Minecraft Version Changer [2013.07.09 20:57:39 | 000,000,000 | ---D | C] -- C:\Users\Elke\AppData\Local\Craften_Dev_Team [2013.07.09 20:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal [2013.07.09 20:56:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Craften Terminal [2013.07.05 17:34:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2013.07.05 17:34:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2013.06.17 20:13:25 | 000,000,000 | ---D | C] -- C:\Users\Elke\AppData\Roaming\File Scout [2013.06.16 16:42:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2013.06.14 18:37:04 | 000,000,000 | ---D | C] -- C:\Users\Elke\Documents\Aktivierung [5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [2 C:\Users\Elke\*.tmp files -> C:\Users\Elke\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.07.11 20:53:00 | 000,001,116 | ---- | M] () -- 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1203581777-2479668924-669779983-1000UA.job [2013.07.11 20:53:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1203581777-2479668924-669779983-1000Core.job [2013.07.11 20:48:55 | 001,589,024 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.07.11 20:48:55 | 000,681,908 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.07.11 20:48:55 | 000,640,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.07.11 20:48:55 | 000,149,372 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.07.11 20:48:55 | 000,122,822 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.07.11 20:47:17 | 000,000,000 | ---- | M] () -- C:\Users\Elke\defogger_reenable [2013.07.11 20:45:14 | 000,377,856 | ---- | M] () -- C:\Users\Elke\Desktop\gmer_2.1.19163.exe [2013.07.11 20:44:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Elke\Desktop\OTL.exe [2013.07.11 20:44:18 | 000,050,477 | ---- | M] () -- C:\Users\Elke\Desktop\Defogger.exe [2013.07.11 20:39:25 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.07.11 20:39:25 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.07.11 20:39:23 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.07.11 20:39:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.07.11 20:27:22 | 000,000,990 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk [2013.07.11 17:34:46 | 000,002,655 | ---- | M] () -- C:\Users\Elke\Desktop\Microsoft Office Word 2007.lnk [2013.07.09 11:52:21 | 000,002,032 | ---- | M] () -- C:\Users\Elke\AppData\Local\d3d9caps.dat [2013.07.06 22:03:47 | 000,228,352 | ---- | M] () -- C:\Users\Elke\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.07.06 11:50:41 | 000,291,342 | ---- | M] () -- 
C:\Users\Elke\Desktop\MagicLauncher_1.0.0.zip [2013.07.05 17:43:20 | 000,000,931 | ---- | M] () -- C:\Users\Elke\Desktop\Minecraft.exe.lnk [2013.06.21 14:41:07 | 000,002,049 | ---- | M] () -- C:\Users\Elke\Desktop\Google Chrome.lnk [2013.06.16 19:37:04 | 001,568,094 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.06.15 20:10:13 | 000,001,100 | ---- | M] () -- C:\Users\Elke\AppData\Local\d3d8caps.dat [5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [2 C:\Users\Elke\*.tmp files -> C:\Users\Elke\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.07.11 20:47:17 | 000,000,000 | ---- | C] () -- C:\Users\Elke\defogger_reenable [2013.07.11 20:45:12 | 000,377,856 | ---- | C] () -- C:\Users\Elke\Desktop\gmer_2.1.19163.exe [2013.07.11 20:44:16 | 000,050,477 | ---- | C] () -- C:\Users\Elke\Desktop\Defogger.exe [2013.07.11 20:27:22 | 000,000,990 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk [2013.07.11 20:27:19 | 000,185,616 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar39.dll [2013.07.11 20:27:19 | 000,169,744 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll [2013.07.11 20:27:19 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll [2013.07.11 20:27:19 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll [2013.07.11 20:27:19 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll [2013.07.06 11:50:40 | 000,291,342 | ---- | C] () -- C:\Users\Elke\Desktop\MagicLauncher_1.0.0.zip [2013.07.05 17:43:20 | 000,000,931 | ---- | C] () -- C:\Users\Elke\Desktop\Minecraft.exe.lnk [2013.05.05 11:06:38 | 000,792,192 | ---- | C] () -- C:\Users\Elke\OperaSicherung.adr [2013.04.30 14:25:54 | 000,001,100 | ---- | C] () -- C:\Users\Elke\AppData\Local\d3d8caps.dat [2013.01.25 16:20:29 | 000,013,931 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat [2013.01.11 19:10:44 | 000,282,512 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2013.01.11 19:10:36 | 000,076,888 | ---- | C] () -- 
C:\Windows\SysWow64\PnkBstrA.exe [2011.02.04 10:39:35 | 000,002,032 | ---- | C] () -- C:\Users\Elke\AppData\Local\d3d9caps.dat [2010.09.27 07:49:42 | 000,000,092 | ---- | C] () -- C:\Users\Elke\AppData\Local\fusioncache.dat [2009.10.21 09:15:42 | 002,588,480 | ---- | C] () -- C:\Users\Elke\historischeDarstellung.pdf [2009.01.12 20:27:21 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2008.12.21 22:24:41 | 000,228,352 | ---- | C] () -- C:\Users\Elke\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.12.13 17:09:47 | 000,607,164 | ---- | C] () -- C:\Program Files (x86)\cpuz_149.zip [2008.12.13 14:59:21 | 000,001,460 | ---- | C] () -- C:\Users\Elke\AppData\Local\d3d9caps64.dat ========== ZeroAccess Check ========== [2006.11.02 17:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 19:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 09:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 04:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.07.10 16:28:33 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\.minecraft [2011.04.29 08:02:33 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Acreon [2009.06.12 12:41:26 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Anabel [2013.05.04 00:27:42 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Babylon [2009.11.05 11:21:36 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\BloodTies [2013.01.05 19:17:13 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Carbon [2013.02.10 17:37:25 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\DealPly [2009.11.05 16:52:07 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\everlight [2013.06.17 20:13:28 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\File Scout [2012.05.13 14:27:16 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\FileZilla [2009.10.14 16:59:25 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Friday's games [2010.05.12 16:14:10 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Gogii Games [2012.12.11 07:40:33 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Image Zone Express [2009.03.09 20:52:16 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Intenium [2011.05.25 15:35:35 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\LolClient 
[2011.02.16 17:44:54 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\MastersOfMystery2 [2009.07.16 15:42:21 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Merscom [2013.07.09 21:05:43 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Minecraft Version Changer [2009.04.08 14:14:22 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\MobMapUpdater [2009.07.18 19:55:31 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\OpenOffice.org [2011.09.13 17:30:39 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Opera [2009.12.09 12:10:14 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Peace Craft [2010.12.26 22:03:13 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\PlayFirst [2009.09.09 10:58:25 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Playrix Entertainment [2009.04.27 11:14:56 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\PoBros [2009.08.22 14:51:01 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Printer Info Cache [2012.02.29 22:23:49 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\redsn0w [2012.10.21 18:18:31 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\RotMG.Production [2009.06.15 12:57:53 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\ScreenSeven [2010.12.26 23:19:03 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\SpinTop Games [2009.07.13 21:15:45 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\TeamViewer [2009.01.01 15:43:03 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\TheScruffs [2009.05.11 10:16:12 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Total Eclipse [2013.07.10 21:08:49 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\TS3Client [2010.09.27 07:52:53 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Turbine [2011.02.16 17:42:06 | 000,000,000 | ---D | M] -- C:\Users\Elke\AppData\Roaming\Zylom [2009.09.23 13:53:29 | 000,000,000 | ---D | M] -- 
C:\Users\Elke\AppData\Roaming\Zylom 3 Days Zoo Mystery ========== Purity Check ========== ========== Files - Unicode (All) ========== [2013.07.11 17:05:50 | 000,000,000 | ---D | M](C:\ProgramData\?E?E3-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䖸Ė䉘Ė3-40C5-AD09-953C574F14BCÄĖ㭸Ė [2013.07.11 17:05:50 | 000,000,000 | ---D | M](C:\ProgramData\?E?E3-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䖸Ė䉘Ė3-40C5-AD09-953C574F14BCÄĖ㭸Ė [2013.07.11 17:05:50 | 000,000,000 | ---D | C](C:\ProgramData\?E?E3-40C5-AD09-953C574F14BCÄE?E) -- C:\ProgramData\䖸Ė䉘Ė3-40C5-AD09-953C574F14BCÄĖ㭸Ė [2013.07.11 16:53:50 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸˧䉘˧3-40C5-AD09-953C574F14BCÄ˧㭸˧ [2013.07.11 16:53:50 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸˧䉘˧3-40C5-AD09-953C574F14BCÄ˧㭸˧ [2013.07.11 16:53:50 | 000,000,000 | ---D | C](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸˧䉘˧3-40C5-AD09-953C574F14BCÄ˧㭸˧ [2013.07.11 16:44:40 | 000,000,000 | ---D | M](C:\ProgramData\?2?23-40C5-AD09-953C574F14BCÄ2?2) -- C:\ProgramData\䖸2䉘23-40C5-AD09-953C574F14BCÄ2㭸2 [2013.07.11 16:44:40 | 000,000,000 | ---D | M](C:\ProgramData\?2?23-40C5-AD09-953C574F14BCÄ2?2) -- C:\ProgramData\䖸2䉘23-40C5-AD09-953C574F14BCÄ2㭸2 [2013.07.11 16:44:40 | 000,000,000 | ---D | C](C:\ProgramData\?2?23-40C5-AD09-953C574F14BCÄ2?2) -- C:\ProgramData\䖸2䉘23-40C5-AD09-953C574F14BCÄ2㭸2 [2013.07.10 15:26:35 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ɿ䉘ɿ3-40C5-AD09-953C574F14BCÄɿ㭸ɿ [2013.07.10 15:26:35 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ɿ䉘ɿ3-40C5-AD09-953C574F14BCÄɿ㭸ɿ [2013.07.10 15:26:35 | 000,000,000 | ---D | C](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ɿ䉘ɿ3-40C5-AD09-953C574F14BCÄɿ㭸ɿ [2013.07.09 11:50:51 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) 
-- C:\ProgramData\䖸ʰ䉘ʰ3-40C5-AD09-953C574F14BCÄʰ㭸ʰ [2013.07.09 11:50:51 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʰ䉘ʰ3-40C5-AD09-953C574F14BCÄʰ㭸ʰ [2013.07.09 11:50:51 | 000,000,000 | ---D | C](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʰ䉘ʰ3-40C5-AD09-953C574F14BCÄʰ㭸ʰ [2013.07.08 16:58:31 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʔ䉘ʔ3-40C5-AD09-953C574F14BCÄʔ㭸ʔ [2013.07.08 16:58:31 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʔ䉘ʔ3-40C5-AD09-953C574F14BCÄʔ㭸ʔ [2013.07.08 16:58:31 | 000,000,000 | ---D | C](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʔ䉘ʔ3-40C5-AD09-953C574F14BCÄʔ㭸ʔ [2013.07.07 18:34:07 | 000,000,000 | ---D | M](C:\ProgramData\?ê?ê3-40C5-AD09-953C574F14BCÄê?ê) -- C:\ProgramData\䖸ê䉘ê3-40C5-AD09-953C574F14BCÄê㭸ê [2013.07.07 18:34:07 | 000,000,000 | ---D | M](C:\ProgramData\?ê?ê3-40C5-AD09-953C574F14BCÄê?ê) -- C:\ProgramData\䖸ê䉘ê3-40C5-AD09-953C574F14BCÄê㭸ê [2013.07.07 18:34:07 | 000,000,000 | ---D | C](C:\ProgramData\?ê?ê3-40C5-AD09-953C574F14BCÄê?ê) -- C:\ProgramData\䖸ê䉘ê3-40C5-AD09-953C574F14BCÄê㭸ê [2013.07.07 17:27:08 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ɝ䉘ɝ3-40C5-AD09-953C574F14BCÄɝ㭸ɝ [2013.07.07 17:27:08 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ɝ䉘ɝ3-40C5-AD09-953C574F14BCÄɝ㭸ɝ [2013.07.07 17:27:08 | 000,000,000 | ---D | C](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) 
-- C:\ProgramData\䖸ɝ䉘ɝ3-40C5-AD09-953C574F14BCÄɝ㭸ɝ [2013.07.05 17:36:47 | 000,000,000 | ---D | M](C:\ProgramData\?ˆ?ˆ3-40C5-AD09-953C574F14BCĈ?ˆ) -- C:\ProgramData\䖸ˆ䉘ˆ3-40C5-AD09-953C574F14BCĈ㭸ˆ [2013.07.05 17:36:47 | 000,000,000 | ---D | M](C:\ProgramData\?ˆ?ˆ3-40C5-AD09-953C574F14BCĈ?ˆ) -- C:\ProgramData\䖸ˆ䉘ˆ3-40C5-AD09-953C574F14BCĈ㭸ˆ [2013.07.05 17:36:47 | 000,000,000 | ---D | C](C:\ProgramData\?ˆ?ˆ3-40C5-AD09-953C574F14BCĈ?ˆ) -- C:\ProgramData\䖸ˆ䉘ˆ3-40C5-AD09-953C574F14BCĈ㭸ˆ [2013.06.29 21:06:19 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʅ䉘ʅ3-40C5-AD09-953C574F14BCÄʅ㭸ʅ [2013.06.29 21:06:19 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʅ䉘ʅ3-40C5-AD09-953C574F14BCÄʅ㭸ʅ [2013.06.29 21:06:19 | 000,000,000 | ---D | C](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʅ䉘ʅ3-40C5-AD09-953C574F14BCÄʅ㭸ʅ [2013.06.28 13:35:24 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʙ䉘ʙ3-40C5-AD09-953C574F14BCÄʙ㭸ʙ [2013.06.28 13:35:24 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʙ䉘ʙ3-40C5-AD09-953C574F14BCÄʙ㭸ʙ [2013.06.28 13:35:24 | 000,000,000 | ---D | C](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʙ䉘ʙ3-40C5-AD09-953C574F14BCÄʙ㭸ʙ [2013.06.26 19:14:07 | 000,000,000 | ---D | M](C:\ProgramData\?B?B3-40C5-AD09-953C574F14BCÄB?B) -- C:\ProgramData\䖸B䉘B3-40C5-AD09-953C574F14BCÄB㭸B [2013.06.26 19:14:07 | 000,000,000 | ---D | M](C:\ProgramData\?B?B3-40C5-AD09-953C574F14BCÄB?B) -- C:\ProgramData\䖸B䉘B3-40C5-AD09-953C574F14BCÄB㭸B [2013.06.26 19:14:07 | 000,000,000 | ---D | C](C:\ProgramData\?B?B3-40C5-AD09-953C574F14BCÄB?B) -- C:\ProgramData\䖸B䉘B3-40C5-AD09-953C574F14BCÄB㭸B [2013.06.24 20:06:39 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) 
-- C:\ProgramData\䖸ʪ䉘ʪ3-40C5-AD09-953C574F14BCÄʪ㭸ʪ [2013.06.24 20:06:39 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʪ䉘ʪ3-40C5-AD09-953C574F14BCÄʪ㭸ʪ [2013.06.24 20:06:39 | 000,000,000 | ---D | C](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʪ䉘ʪ3-40C5-AD09-953C574F14BCÄʪ㭸ʪ [2013.06.23 14:10:04 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸˗䉘˗3-40C5-AD09-953C574F14BCÄ˗㭸˗ [2013.06.23 14:10:04 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸˗䉘˗3-40C5-AD09-953C574F14BCÄ˗㭸˗ [2013.06.23 14:10:04 | 000,000,000 | ---D | C](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸˗䉘˗3-40C5-AD09-953C574F14BCÄ˗㭸˗ [2013.06.22 12:01:11 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʩ䉘ʩ3-40C5-AD09-953C574F14BCÄʩ㭸ʩ [2013.06.22 12:01:11 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʩ䉘ʩ3-40C5-AD09-953C574F14BCÄʩ㭸ʩ [2013.06.22 12:01:11 | 000,000,000 | ---D | C](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʩ䉘ʩ3-40C5-AD09-953C574F14BCÄʩ㭸ʩ [2013.06.16 10:31:30 | 000,000,000 | ---D | M](C:\ProgramData\?_?_3-40C5-AD09-953C574F14BCÄ_?_) -- C:\ProgramData\䖸ˍ䉘ˍ3-40C5-AD09-953C574F14BCÄˍ㭸ˍ [2013.06.16 10:31:30 | 000,000,000 | ---D | M](C:\ProgramData\?_?_3-40C5-AD09-953C574F14BCÄ_?_) -- C:\ProgramData\䖸ˍ䉘ˍ3-40C5-AD09-953C574F14BCÄˍ㭸ˍ [2013.06.16 10:31:30 | 000,000,000 | ---D | C](C:\ProgramData\?_?_3-40C5-AD09-953C574F14BCÄ_?_) -- C:\ProgramData\䖸ˍ䉘ˍ3-40C5-AD09-953C574F14BCÄˍ㭸ˍ [2013.06.14 18:00:21 | 000,000,000 | ---D | M](C:\ProgramData\?!?!3-40C5-AD09-953C574F14BCÄ!?!) -- C:\ProgramData\䖸!䉘!3-40C5-AD09-953C574F14BCÄ!㭸! [2013.06.14 18:00:21 | 000,000,000 | ---D | M](C:\ProgramData\?!?!3-40C5-AD09-953C574F14BCÄ!?!) -- C:\ProgramData\䖸!䉘!3-40C5-AD09-953C574F14BCÄ!㭸! 
[2013.06.14 18:00:21 | 000,000,000 | ---D | C](C:\ProgramData\?!?!3-40C5-AD09-953C574F14BCÄ!?!) -- C:\ProgramData\䖸!䉘!3-40C5-AD09-953C574F14BCÄ!㭸! [2013.06.11 16:41:39 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʾ䉘ʾ3-40C5-AD09-953C574F14BCÄʾ㭸ʾ [2013.06.11 16:41:39 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʾ䉘ʾ3-40C5-AD09-953C574F14BCÄʾ㭸ʾ [2013.06.11 15:07:49 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ɾ䉘ɾ3-40C5-AD09-953C574F14BCÄɾ㭸ɾ [2013.06.11 15:07:49 | 000,000,000 | ---D | M](C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ɾ䉘ɾ3-40C5-AD09-953C574F14BCÄɾ㭸ɾ [2013.06.07 15:26:11 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʇ䇠ʇcurity Scan [2013.06.07 15:26:11 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʇ䇠ʇcurity Scan [2013.06.06 14:38:54 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʿ䇠ʿcurity Scan [2013.06.06 14:38:54 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʿ䇠ʿcurity Scan [2013.06.05 21:33:35 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʵ䇠ʵcurity Scan [2013.06.05 21:33:35 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʵ䇠ʵcurity Scan [2013.06.05 19:23:25 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʌ䇠ʌcurity Scan [2013.06.05 19:23:25 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʌ䇠ʌcurity Scan [2013.06.05 08:11:21 | 000,000,000 | ---D | M](C:\ProgramData\?9?9curity Scan) -- C:\ProgramData\㩠9䇠9curity Scan [2013.06.05 08:11:21 | 000,000,000 | ---D | M](C:\ProgramData\?9?9curity Scan) -- C:\ProgramData\㩠9䇠9curity Scan [2013.06.02 18:48:12 | 000,000,000 | ---D | M](C:\ProgramData\?I?Icurity Scan) -- C:\ProgramData\㩠I䇠Icurity Scan [2013.06.02 18:48:12 
| 000,000,000 | ---D | M](C:\ProgramData\?I?Icurity Scan) -- C:\ProgramData\㩠I䇠Icurity Scan [2013.06.02 15:41:08 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠˓䇠˓curity Scan [2013.06.02 15:41:08 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠˓䇠˓curity Scan [2013.05.30 21:06:00 | 000,000,000 | ---D | M](C:\ProgramData\?^?^curity Scan) -- C:\ProgramData\㩠˄䇠˄curity Scan [2013.05.30 21:06:00 | 000,000,000 | ---D | M](C:\ProgramData\?^?^curity Scan) -- C:\ProgramData\㩠˄䇠˄curity Scan [2013.05.29 17:19:14 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʾ䇠ʾcurity Scan [2013.05.29 17:19:14 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʾ䇠ʾcurity Scan [2013.05.27 16:17:25 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʳ䇠ʳcurity Scan [2013.05.27 16:17:25 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʳ䇠ʳcurity Scan [2013.05.26 16:35:15 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʉ䇠ʉcurity Scan [2013.05.26 16:35:15 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʉ䇠ʉcurity Scan [2013.05.25 19:09:31 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʫ䇠ʫcurity Scan [2013.05.25 19:09:31 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʫ䇠ʫcurity Scan [2013.05.21 12:09:20 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʭ䇠ʭcurity Scan [2013.05.21 12:09:20 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʭ䇠ʭcurity Scan [2013.05.18 13:49:55 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠˟䇠˟curity Scan [2013.05.18 13:49:55 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠˟䇠˟curity Scan [2013.05.17 19:05:42 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- 
C:\ProgramData\㩠˅䇠˅curity Scan [2013.05.17 19:05:42 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠˅䇠˅curity Scan [2013.05.16 20:06:10 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠˃䇠˃curity Scan [2013.05.16 20:06:10 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠˃䇠˃curity Scan [2013.05.15 19:32:35 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʸ䇠ʸcurity Scan [2013.05.15 19:32:35 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʸ䇠ʸcurity Scan [2013.05.13 08:13:56 | 000,000,000 | ---D | M](C:\ProgramData\? ? curity Scan) -- C:\ProgramData\㩠 䇠 curity Scan [2013.05.13 08:13:56 | 000,000,000 | ---D | M](C:\ProgramData\? ? curity Scan) -- C:\ProgramData\㩠 䇠 curity Scan [2013.05.12 08:06:48 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʏ䇠ʏcurity Scan [2013.05.12 08:06:48 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʏ䇠ʏcurity Scan [2013.05.11 20:08:58 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ˀ䇠ˀcurity Scan [2013.05.11 20:08:58 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ˀ䇠ˀcurity Scan [2013.05.10 17:21:15 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʱ䇠ʱcurity Scan [2013.05.10 17:21:15 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʱ䇠ʱcurity Scan [2013.05.09 18:50:19 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠˛䇠˛curity Scan [2013.05.09 18:50:19 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠˛䇠˛curity Scan [2013.05.08 16:50:19 | 000,000,000 | ---D | M](C:\ProgramData\?Q?Qcurity Scan) -- C:\ProgramData\㩠Q䇠Qcurity Scan [2013.05.08 16:50:19 | 000,000,000 | ---D | M](C:\ProgramData\?Q?Qcurity Scan) -- C:\ProgramData\㩠Q䇠Qcurity Scan [2013.05.05 11:31:05 | 000,000,000 | ---D | 
M](C:\ProgramData\?í?ícurity Scan) -- C:\ProgramData\㩠í䇠ícurity Scan [2013.05.05 11:31:05 | 000,000,000 | ---D | M](C:\ProgramData\?í?ícurity Scan) -- C:\ProgramData\㩠í䇠ícurity Scan [2013.05.05 11:11:27 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʍ䇠ʍcurity Scan [2013.05.05 11:11:27 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʍ䇠ʍcurity Scan [2013.05.05 10:28:20 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʻ䇠ʻcurity Scan [2013.05.05 10:28:20 | 000,000,000 | ---D | M](C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʻ䇠ʻcurity Scan (C:\ProgramData\?Q?Qcurity Scan) -- C:\ProgramData\㩠Q䇠Qcurity Scan (C:\ProgramData\?í?ícurity Scan) -- C:\ProgramData\㩠í䇠ícurity Scan (C:\ProgramData\?I?Icurity Scan) -- C:\ProgramData\㩠I䇠Icurity Scan (C:\ProgramData\?9?9curity Scan) -- C:\ProgramData\㩠9䇠9curity Scan (C:\ProgramData\?^?^curity Scan) -- C:\ProgramData\㩠˄䇠˄curity Scan (C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠˓䇠˓curity Scan (C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠˅䇠˅curity Scan (C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠˃䇠˃curity Scan (C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʿ䇠ʿcurity Scan (C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʾ䇠ʾcurity Scan (C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʻ䇠ʻcurity Scan (C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ˀ䇠ˀcurity Scan (C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠˟䇠˟curity Scan (C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʭ䇠ʭcurity Scan (C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʸ䇠ʸcurity Scan (C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʏ䇠ʏcurity Scan (C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʍ䇠ʍcurity Scan (C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʌ䇠ʌcurity Scan (C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʉ䇠ʉcurity Scan (C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʇ䇠ʇcurity Scan 
(C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʵ䇠ʵcurity Scan
(C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʳ䇠ʳcurity Scan
(C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʫ䇠ʫcurity Scan
(C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠ʱ䇠ʱcurity Scan
(C:\ProgramData\????curity Scan) -- C:\ProgramData\㩠˛䇠˛curity Scan
(C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ʾ䉘ʾ3-40C5-AD09-953C574F14BCÄʾ㭸ʾ
(C:\ProgramData\????3-40C5-AD09-953C574F14BCÄ???) -- C:\ProgramData\䖸ɾ䉘ɾ3-40C5-AD09-953C574F14BCÄɾ㭸ɾ
(C:\ProgramData\? ? curity Scan) -- C:\ProgramData\㩠 䇠 curity Scan

< End of report >

Extras from OTL:
OTL Logfile:
Code:
ATTFilter OTL Extras logfile created on: 11.07.2013 20:50:09 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Elke\Desktop 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 46,64% Memory free 8,17 Gb Paging File | 5,86 Gb Available in Paging File | 71,78% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 244,14 Gb Total Space | 6,21 Gb Free Space | 2,54% Space Free | Partition Type: NTFS Drive D: | 454,49 Gb Total Space | 347,40 Gb Free Space | 76,44% Space Free | Partition Type: NTFS Drive K: | 3,71 Gb Total Space | 3,52 Gb Free Space | 94,92% Space Free | Partition Type: FAT32 Computer Name: AFFENKISTE | User Name: Elke | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- "C:\Users\Elke\AppData\Roaming\File Scout\filescout.exe" /open "%1" () Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [dm-Fotowelt] -- "C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Directory [Scan with Trojan Remover] -- C:\Program Files (x86)\Trojan Remover\rmvtrjan.exe /d "%1" (Simply Super Software) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- "C:\Users\Elke\AppData\Roaming\File Scout\filescout.exe" /open "%1" () Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [dm-Fotowelt] -- "C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Directory [Scan with Trojan Remover] -- C:\Program Files (x86)\Trojan Remover\rmvtrjan.exe /d "%1" (Simply Super Software) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] "VistaSp2" = AF D1 BA 48 20 74 CA 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 ========== Firewall Settings ========== 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{BDB9632B-8B84-4885-BABA-44D55E227851}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0D645CBD-10C4-4306-90A5-AE7285494219}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe | "{10C3848C-61A9-4C2C-A55E-E8A547807F3B}" = protocol=6 | dir=in | app=c:\users\elke\appdata\local\apps\2.0\bzajmqrm.4ko\5hk34l7e.4ne\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe | "{15C281D6-E242-49B3-B4ED-5BB7641747B5}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{1BA84DD3-37DA-4016-A204-CF7AF65D7661}" = protocol=17 | dir=in | app=d:\skyrim\steamapps\common\terraria\terraria.exe | "{230D9E6D-1336-460E-A4EB-8D1EE7E25EDA}" = protocol=17 | dir=in | app=d:\skyrim\steamapps\common\age2hd\launcher.exe | "{25FF3E24-49C7-402B-B0FD-7FD6DA18FC55}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe | "{2EA729C5-1D2E-4873-AECA-67FDA27227FA}" = protocol=17 | dir=in | 
app=c:\users\elke\appdata\local\apps\2.0\bzajmqrm.4ko\5hk34l7e.4ne\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | "{36D0BC0E-E1F1-44DA-96BE-58A3572D1C41}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{3A135CAF-5FA0-48FD-88A1-2943B6DDF9D4}" = protocol=6 | dir=in | app=c:\users\elke\appdata\local\apps\2.0\bzajmqrm.4ko\5hk34l7e.4ne\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | "{4710CC28-7424-419F-AC93-FEA6E15FBC44}" = protocol=17 | dir=in | app=c:\users\elke\appdata\local\google\google talk plugin\googletalkplugin.exe | "{49073988-A476-4493-8F75-6F45CF72505A}" = protocol=6 | dir=in | app=d:\skyrim\steamapps\ninodelvani\garrysmod\hl2.exe | "{4AD925BB-1BF4-4B88-8D5E-339A7A4487A9}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe | "{581388BE-6DD1-48AD-94CC-5D08B9EF05AC}" = protocol=6 | dir=in | app=c:\users\elke\appdata\local\google\google talk plugin\googletalkplugin.exe | "{5B8FA554-CBE4-4501-8343-77D629D19690}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{675CDABC-B494-46EF-98ED-2AB53B8067C4}" = protocol=6 | dir=in | app=c:\users\elke\appdata\local\apps\2.0\bzajmqrm.4ko\5hk34l7e.4ne\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | "{70165C22-7362-4380-A001-0E2775F9D191}" = protocol=17 | dir=in | app=d:\skyrim\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe | "{8B853787-C28C-469C-9E9E-D01A7499CBAC}" = protocol=17 | dir=in | app=d:\skyrim\steamapps\ninodelvani\garrysmod\hl2.exe | "{9100FCFD-9931-40C3-8B3B-43DDF18D8BA1}" = protocol=6 | dir=in | app=d:\skyrim\steamapps\common\aceofspades\aos.exe | "{970AF63D-B5DA-4D6E-8B29-5125D71BA5D8}" = protocol=17 | dir=in | app=d:\skyrim\steamapps\common\realm of the mad god\realm of the mad god.exe | "{A06C3616-3A1C-4872-A712-D4DB6ED0597C}" = protocol=17 | dir=in | 
app=c:\users\elke\appdata\local\apps\2.0\bzajmqrm.4ko\5hk34l7e.4ne\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe | "{A11A8CA4-A629-4007-BD03-5A12A80BCEC2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{B87279AE-EEAE-455E-9740-D1F8E0063F1E}" = protocol=6 | dir=in | app=d:\skyrim\steamapps\common\realm of the mad god\realm of the mad god.exe | "{B99A0B24-F0FA-45C7-A944-F0D336FCE0D0}" = protocol=6 | dir=in | app=d:\skyrim\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe | "{BAA6BDB0-6A93-43D2-A4F8-F63D27BCEC47}" = protocol=6 | dir=in | app=d:\skyrim\steamapps\common\terraria\terraria.exe | "{C39F959C-BE01-48CF-8DD6-13DBCE169A18}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{C61A7167-3F11-4BEA-8533-0586FEEE55E7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{D9010EC4-2405-4935-B382-AA7D234900AB}" = protocol=17 | dir=in | app=d:\skyrim\steamapps\common\aceofspades\aos.exe | "{DCAE2F1F-8FB4-4552-B517-D82EE60EB87A}" = protocol=17 | dir=in | app=c:\users\elke\appdata\local\apps\2.0\bzajmqrm.4ko\5hk34l7e.4ne\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | "{E1F6D16C-3E01-424E-B447-6631EF1EFA9A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{EED6D93C-4832-4EC0-A3E2-AD93209FB18C}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe | "{F4EB4299-2670-4198-B7A3-5B744B124783}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe | "{F8C056AB-0166-4B79-BE6C-96B1FFE58D6E}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe | "{FBAFFC2D-92FA-43C7-A201-6CE600FBC637}" = protocol=6 | dir=in | app=d:\skyrim\steamapps\common\age2hd\launcher.exe | "TCP Query User{49B7A0C9-9572-49FA-A261-A087EBC6A8EB}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "TCP Query 
User{578E5B87-B80B-44CE-BAA3-2F788D5E84BD}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "TCP Query User{98AB2B2A-79B0-48AC-9BB7-39022B8EB4B6}C:\program files (x86)\java\jre1.6.0_13\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.6.0_13\bin\javaw.exe | "UDP Query User{6CA390F6-512E-4F5C-90C5-3775EBF24D94}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "UDP Query User{9C1EC777-FFBC-4804-91B7-0E8B03823E44}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "UDP Query User{B2833FD2-0834-42DA-B969-88F61918D4F5}C:\program files (x86)\java\jre1.6.0_13\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.6.0_13\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{17E02F38-FF2D-4c3d-83DF-ECE2A1D20A5E}" = AIO_CDB_ToolboxIni64 "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition) "{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 "{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes 
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.23.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = 
Microsoft .NET Framework 4 Client Profile "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer "Adobe Flash Player Plugin 64" = Adobe Flash Player 10 Plugin 64-bit "HP Imaging Device Functions" = HP Imaging Device Functions 8.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0 "HPExtendedCapabilities" = HP Customer Participation Program 8.0 "HPOCR" = HP OCR Software 8.0 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "TeamSpeak 3 Client" = TeamSpeak 3 Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{09F25F86-F957-4051-8AB2-0E0D948BBB5D}" = 1310 "{0ACC2993-2058-4BE7-9A92-9DCDAA9B3412}" = LogMeIn Hamachi "{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan "{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan "{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
"{26A24AE4-039D-4CA4-87B4-2F83216013F0}" = Java(TM) 6 Update 13 "{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2 "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0 "{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support "{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5 "{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1" = Craften Terminal 3.3.4897.28268 "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 "{6D2A900D-EB39-3386-8D9F-3B8F069C57A5}" = Google Talk Plugin "{6D4553DF-2095-4D10-92C0-17934733B51D}" = 1310_Help "{6D7E031C-4C05-4265-854A-FE9FDEA9984D}" = 1310Trb "{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{6FFEF5E1-F7B0-40DD-838D-557BD7EE4301}" = TP-LINK Drahtlos Tool "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update 
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_PROPLUS_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch "{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter "{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update "{C716522C-3731-4667-8579-40B098294500}" = Toolbox "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport "{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software "{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext "{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential "{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp "0408a92bd64830bbba0477bd54a12436" = Deep Blue Sea 2 - The Amulet of Light "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Photoshop 6.0" = Adobe Photoshop 6.0 "Adobe SVG Viewer" = Adobe SVG Viewer "Atlantica – Wunder der Tiefe (VOLLVERSION)" = Atlantica – Wunder der Tiefe (VOLLVERSION) "Audacity_is1" = Audacity 1.2.6 "Chuzzle Deluxe" = Chuzzle Deluxe "Deponia" = Deponia "Die Mode-Designerin" = Die 
Mode-Designerin "Digital Editions" = Adobe Digital Editions "dm-Fotowelt" = dm-Fotowelt "DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER "Easy CD and DVD Cover Creator" = Easy CD and DVD Cover Creator 4.13 "EXPERTool_is1" = EXPERTool 7.0 "Feeding Frenzy Deluxe" = Feeding Frenzy Deluxe "Hühner-Attacke Deluxe" = Hühner-Attacke Deluxe "InstallWIX_{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE "JadeRousseauS01E01" = JadeRousseauS01E01 "LogMeIn Hamachi" = LogMeIn Hamachi "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "OpenAL" = OpenAL "Opera 12.15.1748" = Opera 12.15 "oZone3D.Net FurMark_is1" = oZone3D.Net FurMark v1.5.0 "PROPLUS" = Microsoft Office Professional Plus 2007 "Punch'n'Crunch" = Punch'n'Crunch 1.0 "PunkBusterSvc" = PunkBuster Services "Steam App 105600" = Terraria "Steam App 200170" = Worms Revolution "Steam App 200210" = Realm of the Mad God "Steam App 206500" = AirMech "Steam App 221380" = Age of Empires II: HD Edition "Steam App 224540" = Ace of Spades "Steam App 4000" = Garry's Mod "Steam App 65800" = Dungeon Defenders "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 4" = TeamViewer 4 "TeamViewer 5" = TeamViewer 5 "Trojan Remover_is1" = Trojan Remover 6.8.7 "VLC media player" = VLC media player 0.9.8a "WinRAR archiver" = WinRAR 4.20 (32-Bit) "World of Warcraft" = World of Warcraft ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Babel Deluxe" = Babel Deluxe "Blood Ties Deluxe" = Blood Ties Deluxe "Book of Legends Deluxe" = Book of Legends Deluxe "Cradle of Persia Deluxe" = Cradle of Persia Deluxe "Dream Sleuth Deluxe" = Dream Sleuth Deluxe "f018cf21c0452c64" = FRITZ!Box USB-Fernanschluss "FileZilla Client" = FileZilla Client 3.5.3 "G.H.O.S.T. Hunters Deluxe" = G.H.O.S.T. 
Hunters Deluxe "Gold Rush - Treasure Hunt Deluxe" = Gold Rush - Treasure Hunt Deluxe "Gold Rush Deluxe" = Gold Rush Deluxe "Google Chrome" = Google Chrome "Jewel Quest Heritage Deluxe" = Jewel Quest Heritage Deluxe "Kuros Deluxe" = Kuros Deluxe "Little Shop of Treasures Deluxe" = Little Shop of Treasures Deluxe "Masters of Mystery Deluxe" = Masters of Mystery Deluxe "Mushroom Age Deluxe" = Mushroom Age Deluxe "Mystery P.I. - Stolen in San Francisco Deluxe" = Mystery P.I. - Stolen in San Francisco Deluxe "Proxy Me!" = Proxy Me! "Puzzle Hero Deluxe" = Puzzle Hero Deluxe "Saqqarah" = Saqqarah "Super Collapse! Puzzle Gallery 4" = Super Collapse! Puzzle Gallery 4 "The Enchanted Kingdom - Elisa's Adventure Deluxe" = The Enchanted Kingdom - Elisa's Adventure Deluxe "The Hidden Object Show Deluxe" = The Hidden Object Show Deluxe "The legend of El Dorado Deluxe" = The legend of El Dorado Deluxe ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 11.07.2013 11:18:05 | Computer Name = Affenkiste | Source = WinMgmt | ID = 10 Description = Error - 11.07.2013 11:27:13 | Computer Name = Affenkiste | Source = WinMgmt | ID = 10 Description = Error - 11.07.2013 11:42:46 | Computer Name = Affenkiste | Source = WinMgmt | ID = 10 Description = Error - 11.07.2013 11:53:01 | Computer Name = Affenkiste | Source = WinMgmt | ID = 10 Description = Error - 11.07.2013 13:09:42 | Computer Name = Affenkiste | Source = WinMgmt | ID = 10 Description = Error - 11.07.2013 13:20:43 | Computer Name = Affenkiste | Source = Windows Search Service | ID = 3013 Description = Error - 11.07.2013 13:20:56 | Computer Name = Affenkiste | Source = Windows Search Service | ID = 3013 Description = Error - 11.07.2013 13:25:35 | Computer Name = Affenkiste | Source = WinMgmt | ID = 10 Description = Error - 11.07.2013 14:02:38 | Computer Name = Affenkiste | Source = WinMgmt | ID = 10 Description = Error - 11.07.2013 14:40:14 | Computer Name = Affenkiste | Source = WinMgmt | ID = 10 
Description = [ OSession Events ] Error - 24.08.2009 17:34:43 | Computer Name = Affenkiste | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 88 seconds with 60 seconds of active time. This session ended with a crash. [ System Events ] Error - 11.07.2013 14:02:38 | Computer Name = Affenkiste | Source = Service Control Manager | ID = 7000 Description = Error - 11.07.2013 14:02:38 | Computer Name = Affenkiste | Source = Service Control Manager | ID = 7000 Description = Error - 11.07.2013 14:05:53 | Computer Name = Affenkiste | Source = Service Control Manager | ID = 7038 Description = Error - 11.07.2013 14:05:53 | Computer Name = Affenkiste | Source = Service Control Manager | ID = 7000 Description = Error - 11.07.2013 14:39:33 | Computer Name = Affenkiste | Source = Application Popup | ID = 1060 Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\CdaC15BA.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error - 11.07.2013 14:40:14 | Computer Name = Affenkiste | Source = Service Control Manager | ID = 7000 Description = Error - 11.07.2013 14:40:14 | Computer Name = Affenkiste | Source = Service Control Manager | ID = 7000 Description = Error - 11.07.2013 14:43:49 | Computer Name = Affenkiste | Source = Service Control Manager | ID = 7038 Description = Error - 11.07.2013 14:43:49 | Computer Name = Affenkiste | Source = Service Control Manager | ID = 7000 Description = Error - 11.07.2013 15:00:08 | Computer Name = Affenkiste | Source = Service Control Manager | ID = 7000 Description = < End of report >
Unfortunately I cannot paste the GMER report, because I started the scan yesterday evening and, since it was taking so long, let it keep running overnight. Now, however, the computer is still working but the screen no longer comes out of standby. It tells me "No Signal, going to sleep". Should I restart the computer? You can see from the little light that it is working. Thank you very much for your effort, Elke
Edited by Misama (12.07.2013 at 05:52) |