| Alex-Graf | 09.06.2013 19:22 |
Hallo Leo!
habe alle Anweisungen genau befolgt.
hier die Logs:
AdwCleaner:AdwCleaner Logfile: Code:
# AdwCleaner v2.303 - Datei am 09/06/2013 um 20:03:16 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : Manuel - MANUEL-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Manuel\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : Browser Manager
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\08ku9wlj.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\08ku9wlj.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\08ku9wlj.default\searchplugins\browsemngr.xml
Ordner Gelöscht : C:\Program Files\SweetIM
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Manuel\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Manuel\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Manuel\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Manuel\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
***** [Registrierungsdatenbank] *****
Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\browse~1\23765~1.24\{16cdf~1\browse~1.dll
Schlüssel Gelöscht : HKCU\Software\5f57dcdeb734ef10
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\5f57dcdeb734ef10
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gelöscht : HKLM\Software\Tarma Installer
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{acaa314b-eeba-48e4-ad47-84e31c44796c}]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16483
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=110824&tt=101012_1807_4112_5&babsrc=HP_ss&mntrId=4a27383a000000000000002269db3021 --> hxxp://www.google.com
-\\ Mozilla Firefox v21.0 (de)
Datei : C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\08ku9wlj.default\prefs.js
C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\08ku9wlj.default\user.js ... Gelöscht !
Gelöscht : user_pref("browser.search.order.1", "Search the web (Babylon)");
Gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Gelöscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Gelöscht : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Gelöscht : user_pref("extensions.BabylonToolbar.excTlbr", false);
Gelöscht : user_pref("extensions.BabylonToolbar.id", "4a27383a000000000000002269db3021");
Gelöscht : user_pref("extensions.BabylonToolbar.instlDay", "15625");
Gelöscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Gelöscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Gelöscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Gelöscht : user_pref("extensions.BabylonToolbar.vrsn", "1.8.0.7");
Gelöscht : user_pref("extensions.BabylonToolbar.vrsni", "1.8.0.7");
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true);
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "about:home");
Gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.0.715:52:12");
-\\ Google Chrome v27.0.1453.110
Datei : C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.2692] : homepage = "hxxp://search.babylon.com/?affID=110824&tt=101012_1807_4112_5&babsrc=HP_ss&mntrId=4a[...]
*************************
AdwCleaner[S1].txt - [8937 octets] - [09/06/2013 20:03:16]
########## EOF - C:\AdwCleaner[S1].txt - [8997 octets] ##########
--- --- ---
OTL:OTL Logfile: Code:
OTL logfile created on: 09.06.2013 20:09:18 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Manuel\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 61,89% Memory free
5,99 Gb Paging File | 4,71 Gb Available in Paging File | 78,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,31 Gb Total Space | 103,59 Gb Free Space | 53,04% Space Free | Partition Type: NTFS
Drive D: | 92,78 Gb Total Space | 42,90 Gb Free Space | 46,24% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 9,35 Gb Free Space | 2,01% Space Free | Partition Type: NTFS
Computer Name: MANUEL-PC | User Name: Manuel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Manuel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Steam\Steam.exe (Valve Corporation)
PRC - C:\Programme\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Programme\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Programme\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
PRC - C:\Programme\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\wmi32.exe (Kaspersky Lab ZAO)
PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Programme\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
PRC - C:\Programme\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Adobe\Acrobat 7.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.exe (Adobe Systems Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Steam\bin\chromehtml.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll ()
MOD - C:\Programme\Steam\SDL2.dll ()
MOD - C:\Programme\Steam\bin\libcef.dll ()
MOD - C:\Programme\Steam\bin\avcodec-53.dll ()
MOD - C:\Programme\Steam\bin\avformat-53.dll ()
MOD - C:\Programme\Steam\bin\avutil-51.dll ()
MOD - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll ()
MOD - C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.DEU ()
MOD - C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.FRA ()
========== Services (SafeList) ==========
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (Blackberry Device Manager) -- C:\Programme\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (EagleXNt) -- C:\Windows\system32\drivers\EagleXNt.sys File not found
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab ZAO)
DRV - (kneps) -- C:\Windows\System32\drivers\kneps.sys (Kaspersky Lab ZAO)
DRV - (kltdi) -- C:\Windows\System32\drivers\kltdi.sys (Kaspersky Lab ZAO)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (klkbdflt) -- C:\Windows\System32\drivers\klkbdflt.sys (Kaspersky Lab)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (NETw5s32) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell)
DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4253816152-622618448-4240331627-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-4253816152-622618448-4240331627-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4253816152-622618448-4240331627-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-4253816152-622618448-4240331627-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 96 60 34 B6 6D CD 01 [binary data]
IE - HKU\S-1-5-21-4253816152-622618448-4240331627-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4253816152-622618448-4240331627-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&r=
IE - HKU\S-1-5-21-4253816152-622618448-4240331627-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-4253816152-622618448-4240331627-1001\..\SearchScopes\{D498A40F-6DA6-4B12-8573-48B943A999E1}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=9795324F-2D04-4394-B278-EBE26B0ACEE8&apn_sauid=BE18CBCC-4AD8-4366-8E32-70D2F4BE317B
IE - HKU\S-1-5-21-4253816152-622618448-4240331627-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4253816152-622618448-4240331627-1003\..\SearchScopes,DefaultScope =
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7BF003DA68-8256-4b37-A6C4-350FA04494DF%7D:6.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Manuel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.05.25 20:25:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.05.25 20:25:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.05.25 20:25:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.05.25 20:25:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.05.25 20:25:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013.05.13 07:43:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012.07.30 13:52:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Manuel\AppData\Roaming\mozilla\Extensions
[2013.05.21 19:14:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Manuel\AppData\Roaming\mozilla\Firefox\Profiles\08ku9wlj.default\extensions
[2012.07.30 13:50:39 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.05.26 17:08:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.26 17:08:59 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.05.13 07:43:23 | 000,000,000 | ---D | M] (Logitech SetPoint) -- C:\PROGRAM FILES\LOGITECH\SETPOINTP\LOGISMOOTHFIREFOXEXT
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Manuel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - Extension: YouTube = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: TankiOnline = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnamgoimgnbgkabfjkikldbfdhhfhdo\1.0.6_0\
CHR - Extension: Gun Bros = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciamkmigckbgfajcieiflmkedohjjohh\2.0.2_0\
CHR - Extension: Monster Dash = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknghehebaconkajgiobncfleofebcog\2.2_0\
CHR - Extension: Google-Suche = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gun Blood = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbkahmbgcfjocgliikbkfiieemcjkoj\1.0.0_0\
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\
CHR - Extension: Logitech SetPoint = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.52.74_0\
CHR - Extension: Cut the Rope = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\15_0\
CHR - Extension: Sicherer Zahlungsverkehr = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\
CHR - Extension: Modul f\u00FCr das Blockieren gef\u00E4hrlicher Webseiten = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\
CHR - Extension: Virtuelle Tastatur = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0\
CHR - Extension: Zermalmen Das Castle 2 = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\milehilcjijllgfjelbchjeikaamapck\1.0.1_0\
CHR - Extension: CS Portable = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbobnomeadpljdaeihjniijokmcplla\1.0.1_0\
CHR - Extension: Android\u2122 for Google Chrome\u2122 = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pafpbplbbeehhfhdfdnkgpflkfikechf\1.5_0\
CHR - Extension: Google Mail = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Anti-Banner = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\
CHR - Extension: YouTube = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: TankiOnline = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnamgoimgnbgkabfjkikldbfdhhfhdo\1.0.6_0\
CHR - Extension: Gun Bros = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciamkmigckbgfajcieiflmkedohjjohh\2.0.2_0\
CHR - Extension: Monster Dash = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknghehebaconkajgiobncfleofebcog\2.2_0\
CHR - Extension: Google-Suche = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gun Blood = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbkahmbgcfjocgliikbkfiieemcjkoj\1.0.0_0\
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\
CHR - Extension: Logitech SetPoint = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.52.74_0\
CHR - Extension: Cut the Rope = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\15_0\
CHR - Extension: Sicherer Zahlungsverkehr = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\
CHR - Extension: Modul f\u00FCr das Blockieren gef\u00E4hrlicher Webseiten = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\
CHR - Extension: Virtuelle Tastatur = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0\
CHR - Extension: Zermalmen Das Castle 2 = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\milehilcjijllgfjelbchjeikaamapck\1.0.1_0\
CHR - Extension: CS Portable = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbobnomeadpljdaeihjniijokmcplla\1.0.1_0\
CHR - Extension: Android\u2122 for Google Chrome\u2122 = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pafpbplbbeehhfhdfdnkgpflkfikechf\1.5_0\
CHR - Extension: Google Mail = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Anti-Banner = C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Programme\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-4253816152-622618448-4240331627-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [Logitech Download Assistant] C:\Windows\System32\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Programme\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKU\S-1-5-21-4253816152-622618448-4240331627-1001..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-4253816152-622618448-4240331627-1001..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4253816152-622618448-4240331627-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27E466E0-BCD0-429C-B63B-21AFEEC454E3}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA8F97E0-2775-44F0-8E44-4B3A3FB95147}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7d40df88-b6dc-11e2-b42d-002269db3021}\Shell - "" = AutoRun
O33 - MountPoints2\{7d40df88-b6dc-11e2-b42d-002269db3021}\Shell\AutoRun\command - "" = G:\EasySuite.exe
O33 - MountPoints2\{d77acdb2-cf32-11e2-a8e1-002269db3021}\Shell - "" = AutoRun
O33 - MountPoints2\{d77acdb2-cf32-11e2-a8e1-002269db3021}\Shell\AutoRun\command - "" = J:\EasySuite.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.06.09 19:50:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.06.09 17:37:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Manuel\Desktop\OTL.exe
[2013.06.09 17:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2013.06.09 17:06:56 | 000,594,528 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klif.sys
[2013.06.09 17:06:56 | 000,074,848 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klflt.sys
[2013.06.06 20:43:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Spreng- und Abriss-Simulator
[2013.06.06 20:43:32 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spreng- und Abriss-Simulator
[2013.06.06 20:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spreng- und Abriss-Simulator
[2013.06.06 20:42:27 | 000,000,000 | ---D | C] -- C:\Program Files\Spreng- und Abriss-Simulator
[2013.06.04 16:53:16 | 000,000,000 | --SD | C] -- C:\Users\Manuel\Documents\Meine Datenquellen
[2013.06.03 19:37:04 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Documents\DVDVideoSoft
[2013.06.03 19:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2013.06.03 19:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2013.05.27 16:35:05 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Documents\my games
[2013.05.26 17:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.05.26 17:09:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.05.15 16:40:06 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\CrashDumps
[2013.05.14 11:11:50 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\AdobeUM
[2013.05.14 10:53:28 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF
[2013.05.13 07:48:15 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Logishrd
[2013.05.13 07:44:48 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Leadertech
[2013.05.13 07:43:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2013.05.13 07:42:51 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2013.05.13 07:39:59 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Logitech
[2013.05.13 07:39:59 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Logishrd
[2013.05.12 09:24:20 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Autodesk
[2013.05.11 19:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
[2013.05.11 19:55:13 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\IrfanView
[2013.05.11 19:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2013.05.11 18:17:13 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2013.05.10 21:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013.05.10 21:02:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.05.10 21:01:53 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.05.10 20:59:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013.05.10 20:58:59 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\Microsoft Help
[2013.05.10 20:58:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.05.10 20:58:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.05.10 20:58:42 | 000,000,000 | RH-D | C] -- C:\MSOCache
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.06.09 20:07:22 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.09 20:07:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.09 20:07:02 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.09 20:05:45 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.09 20:05:45 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.09 20:03:04 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.09 19:54:05 | 000,648,201 | ---- | M] () -- C:\Users\Manuel\Desktop\adwcleaner.exe
[2013.06.09 19:42:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.09 19:12:22 | 000,594,528 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klif.sys
[2013.06.09 19:12:21 | 000,074,848 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klflt.sys
[2013.06.09 18:23:28 | 002,425,277 | ---- | M] () -- C:\Users\Manuel\Desktop\LAN_11.29.2.3.ZIP
[2013.06.09 18:13:37 | 000,377,856 | ---- | M] () -- C:\Users\Manuel\Desktop\gmer_2.1.19163.exe
[2013.06.09 18:10:32 | 000,000,000 | ---- | M] () -- C:\Users\Manuel\defogger_reenable
[2013.06.09 18:08:02 | 000,050,477 | ---- | M] () -- C:\Users\Manuel\Desktop\Defogger.exe
[2013.06.09 17:37:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Manuel\Desktop\OTL.exe
[2013.06.07 07:59:57 | 001,655,202 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.06.07 07:59:57 | 000,939,030 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.06.07 07:59:57 | 000,452,826 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.06.07 07:59:57 | 000,395,482 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.06.06 20:43:32 | 000,001,983 | ---- | M] () -- C:\Users\Manuel\Desktop\Spreng- und Abriss-Simulator.lnk
[2013.06.06 20:43:32 | 000,001,230 | ---- | M] () -- C:\Users\Manuel\Desktop\Spreng- und Abriss-Simulator Anleitung.lnk
[2013.06.03 19:35:26 | 000,001,197 | ---- | M] () -- C:\Users\Manuel\Desktop\DVDVideoSoft Free Studio.lnk
[2013.05.28 12:47:54 | 000,000,215 | ---- | M] () -- C:\Users\Manuel\Desktop\Dino D-Day.url
[2013.05.25 20:24:56 | 000,145,040 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\kneps.sys
[2013.05.25 20:24:56 | 000,044,432 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\kltdi.sys
[2013.05.19 10:09:28 | 000,003,584 | ---- | M] () -- C:\Users\Manuel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.19 09:07:33 | 000,002,453 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
[2013.05.16 09:33:05 | 000,489,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.15 12:01:35 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.05.14 11:19:11 | 000,001,508 | ---- | M] () -- C:\Users\Public\Documents\AcStd7_0_0.ini
[2013.05.14 11:18:59 | 000,000,091 | ---- | M] () -- C:\Users\Public\Documents\AcStd7_0_0.sta
[2013.05.14 10:54:24 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.06.09 19:53:56 | 000,648,201 | ---- | C] () -- C:\Users\Manuel\Desktop\adwcleaner.exe
[2013.06.09 18:13:34 | 000,377,856 | ---- | C] () -- C:\Users\Manuel\Desktop\gmer_2.1.19163.exe
[2013.06.09 18:10:32 | 000,000,000 | ---- | C] () -- C:\Users\Manuel\defogger_reenable
[2013.06.09 18:08:01 | 000,050,477 | ---- | C] () -- C:\Users\Manuel\Desktop\Defogger.exe
[2013.06.06 20:43:32 | 000,001,983 | ---- | C] () -- C:\Users\Manuel\Desktop\Spreng- und Abriss-Simulator.lnk
[2013.06.06 20:43:32 | 000,001,230 | ---- | C] () -- C:\Users\Manuel\Desktop\Spreng- und Abriss-Simulator Anleitung.lnk
[2013.06.06 16:03:29 | 002,425,277 | ---- | C] () -- C:\Users\Manuel\Desktop\LAN_11.29.2.3.ZIP
[2013.05.28 12:47:53 | 000,000,215 | ---- | C] () -- C:\Users\Manuel\Desktop\Dino D-Day.url
[2013.05.19 10:09:28 | 000,003,584 | ---- | C] () -- C:\Users\Manuel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.15 12:01:35 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.05.14 11:12:15 | 000,000,091 | ---- | C] () -- C:\Users\Public\Documents\AcStd7_0_0.sta
[2013.05.14 11:12:14 | 000,001,508 | ---- | C] () -- C:\Users\Public\Documents\AcStd7_0_0.ini
[2013.05.14 10:54:24 | 000,002,501 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 7.0 Standard.lnk
[2013.05.14 10:54:24 | 000,002,459 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 7.0.lnk
[2013.05.14 10:54:24 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
[2013.05.14 10:54:24 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 7.0 Standard.lnk
[2012.11.30 15:56:46 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012.07.29 19:59:09 | 000,017,408 | ---- | C] () -- C:\Users\Manuel\AppData\Local\WebpageIcons.db
[2012.03.29 10:52:10 | 000,138,608 | ---- | C] () -- C:\Windows\System32\LxDNTvmc100.dll
[2012.03.29 10:52:10 | 000,074,608 | ---- | C] () -- C:\Windows\System32\LxDNTvm100.dll
[2012.03.29 10:52:08 | 000,309,616 | ---- | C] () -- C:\Windows\System32\LxDNT100.dll
[2011.09.27 11:17:26 | 000,198,144 | ---- | C] () -- C:\Windows\System32\LXPrnUtil10.dll
========== ZeroAccess Check ==========
[2012.04.05 23:42:48 | 000,000,642 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-4253816152-622618448-4240331627-1001\$RJ5PMTG\minimap\n.png
[2012.04.05 23:43:06 | 000,000,268 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-4253816152-622618448-4240331627-1001\$RJ5PMTG\minimap\zantextures\n.png
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.05.20 13:29:45 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\.minecraft
[2013.05.12 09:24:20 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Autodesk
[2013.05.08 12:29:14 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Canon
[2013.05.07 15:41:35 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\DataDesign
[2013.06.03 19:35:59 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\DVDVideoSoft
[2013.05.11 19:55:13 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\IrfanView
[2013.05.13 07:44:48 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Leadertech
[2013.05.07 15:40:53 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Lexware
[2013.05.11 18:19:14 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2013.02.17 14:34:20 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\ProtectDISC
[2013.05.07 15:06:52 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Research In Motion
[2012.08.05 15:03:15 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\SPORE
[2012.08.29 13:12:31 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Unity
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
--- --- --- |
Hinweise zum Ablauf
AdwCleaner auf deinen Desktop.
Malwarebytes Anti-Malware 
SecurityCheck und:
Textbox. 