| |
| |||||||
Log-Analyse und Auswertung: Browser wartet auf Antwort von pb.blabber.comWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
23.10.2012, 13:39
| #1 |
| |  Browser wartet auf Antwort von pb.blabber.com Hallo, ich bin in Sachen Pc ein ziemlicher Laie. Heute früh, als ich auf die Seite vom Arbeitsamt gehen wollte, dauerte es bis die Seite geladen hatte. Unten war dann aber zu lesen....warten auf www.pb.blabber.com. Dann öffnete sich ein Fenster, in dem mitgeteilt wurde, dass die Seite nicht reagiert mit der Option abbrechen oder Warten. Wenn ich auf warten klickte, ging nach knapp einer Minute die Seite wieder, sobald ich aber darin etwas aufrufen wollte, kam das mit blabber wieder. Auch wenn es sehr mühsam war, mit dem warten, fand ich über google den Link zu diesem Forum. Ich hab Malewarebytes auch runtergeladen, das Programm fand über 40 Dinge. Desweiteren habe ich heute vormittag dann noch Avira installiert, da bekam ich dann auch eine Meldung. Ich poste jetzt mal die txt. dateien und hoffe, dass mir hier jemand helfen kann. Code:
ATTFilter Avira Free Antivirus
Erstellungsdatum der Reportdatei: Dienstag, 23. Oktober 2012 09:21
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : GERST-PC
Versionsinformationen:
BUILD.DAT : 13.0.0.2688 48279 Bytes 28.09.2012 10:06:00
AVSCAN.EXE : 13.4.0.190 625440 Bytes 26.09.2012 13:58:14
AVSCANRC.DLL : 13.4.0.163 64800 Bytes 19.09.2012 17:20:53
LUKE.DLL : 13.4.0.184 66848 Bytes 25.09.2012 09:00:15
AVSCPLR.DLL : 13.4.0.190 93984 Bytes 26.09.2012 13:58:22
AVREG.DLL : 13.4.0.180 245536 Bytes 24.09.2012 11:05:45
avlode.dll : 13.4.0.202 419616 Bytes 23.10.2012 05:32:34
avlode.rdf : 13.0.0.24 7196 Bytes 27.09.2012 09:30:38
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 13:50:29
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 13:50:31
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 13:50:34
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 13:50:36
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 13:50:37
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 13:42:40
VBASE006.VDF : 7.11.41.250 4902400 Bytes 06.09.2012 13:42:40
VBASE007.VDF : 7.11.45.207 2363904 Bytes 11.10.2012 05:32:19
VBASE008.VDF : 7.11.45.208 2048 Bytes 11.10.2012 05:32:19
VBASE009.VDF : 7.11.45.209 2048 Bytes 11.10.2012 05:32:19
VBASE010.VDF : 7.11.45.210 2048 Bytes 11.10.2012 05:32:19
VBASE011.VDF : 7.11.45.211 2048 Bytes 11.10.2012 05:32:19
VBASE012.VDF : 7.11.45.212 2048 Bytes 11.10.2012 05:32:19
VBASE013.VDF : 7.11.45.213 2048 Bytes 11.10.2012 05:32:19
VBASE014.VDF : 7.11.46.65 220160 Bytes 16.10.2012 05:32:20
VBASE015.VDF : 7.11.46.153 173568 Bytes 18.10.2012 05:32:21
VBASE016.VDF : 7.11.46.223 162304 Bytes 19.10.2012 05:32:21
VBASE017.VDF : 7.11.47.35 126464 Bytes 22.10.2012 05:32:22
VBASE018.VDF : 7.11.47.36 2048 Bytes 22.10.2012 05:32:22
VBASE019.VDF : 7.11.47.37 2048 Bytes 22.10.2012 05:32:22
VBASE020.VDF : 7.11.47.38 2048 Bytes 22.10.2012 05:32:22
VBASE021.VDF : 7.11.47.39 2048 Bytes 22.10.2012 05:32:22
VBASE022.VDF : 7.11.47.40 2048 Bytes 22.10.2012 05:32:22
VBASE023.VDF : 7.11.47.41 2048 Bytes 22.10.2012 05:32:22
VBASE024.VDF : 7.11.47.42 2048 Bytes 22.10.2012 05:32:22
VBASE025.VDF : 7.11.47.43 2048 Bytes 22.10.2012 05:32:22
VBASE026.VDF : 7.11.47.44 2048 Bytes 22.10.2012 05:32:23
VBASE027.VDF : 7.11.47.45 2048 Bytes 22.10.2012 05:32:23
VBASE028.VDF : 7.11.47.46 2048 Bytes 22.10.2012 05:32:23
VBASE029.VDF : 7.11.47.47 2048 Bytes 22.10.2012 05:32:23
VBASE030.VDF : 7.11.47.48 2048 Bytes 22.10.2012 05:32:23
VBASE031.VDF : 7.11.47.62 5632 Bytes 23.10.2012 05:32:23
Engineversion : 8.2.10.187
AEVDF.DLL : 8.1.2.10 102772 Bytes 19.09.2012 13:42:55
AESCRIPT.DLL : 8.1.4.60 463227 Bytes 23.10.2012 05:32:33
AESCN.DLL : 8.1.9.2 131444 Bytes 26.09.2012 13:54:07
AESBX.DLL : 8.2.5.12 606578 Bytes 28.08.2012 15:58:06
AERDL.DLL : 8.1.9.15 639348 Bytes 27.08.2012 13:50:15
AEPACK.DLL : 8.3.0.38 811382 Bytes 23.10.2012 05:32:32
AEOFFICE.DLL : 8.1.2.48 201082 Bytes 24.09.2012 13:06:59
AEHEUR.DLL : 8.1.4.118 5423480 Bytes 23.10.2012 05:32:31
AEHELP.DLL : 8.1.25.2 258423 Bytes 23.10.2012 05:32:24
AEGEN.DLL : 8.1.5.38 434548 Bytes 26.09.2012 13:54:07
AEEXP.DLL : 8.2.0.6 115060 Bytes 23.10.2012 05:32:33
AEEMU.DLL : 8.1.3.2 393587 Bytes 19.09.2012 13:42:55
AECORE.DLL : 8.1.28.2 201079 Bytes 26.09.2012 13:54:07
AEBB.DLL : 8.1.1.3 53621 Bytes 23.10.2012 05:32:24
AVWINLL.DLL : 13.4.0.163 25888 Bytes 19.09.2012 17:09:30
AVPREF.DLL : 13.4.0.163 50464 Bytes 19.09.2012 17:07:51
AVREP.DLL : 13.4.0.163 177952 Bytes 19.09.2012 17:08:15
AVARKT.DLL : 13.4.0.184 260384 Bytes 25.09.2012 08:51:51
AVEVTLOG.DLL : 13.4.0.185 167200 Bytes 25.09.2012 08:52:37
SQLITE3.DLL : 3.7.0.1 397088 Bytes 19.09.2012 17:17:40
AVSMTP.DLL : 13.4.0.163 62240 Bytes 19.09.2012 17:08:54
NETNT.DLL : 13.4.0.163 15648 Bytes 19.09.2012 17:16:26
RCIMAGE.DLL : 13.4.0.163 4780832 Bytes 19.09.2012 17:21:16
RCTEXT.DLL : 13.4.0.163 68384 Bytes 19.09.2012 17:21:16
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: AVGuardAsyncScan
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_50862f0a\guard_slideup.avp
Protokollierung.......................: standard
Primäre Aktion........................: reparieren
Sekundäre Aktion......................: quarantäne
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: aus
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: vollständig
Beginn des Suchlaufs: Dienstag, 23. Oktober 2012 09:21
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '170' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'AvastSvc.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'ACService.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'FreemakeUtilsService.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '156' Modul(e) wurden durchsucht
Durchsuche Prozess 'ibsvc.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'ICQ Service.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'MotoHelperService.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'ForwardDaemon.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtlService.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtWlan.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'MotoHelperAgent.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'uCamMonitor.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'ExtensionUpdaterService.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'dmwu.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'AVWEBGRD.EXE' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'vsnpstd3.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'GPlayer.exe' - '130' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'FixCamera.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'tsnpstd3.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'ACDaemon.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'pdf24.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchospt.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'cy-Software.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'AvastUI.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'SweetPacksUpdateManager.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'SSScheduler.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'Updater.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'ArcCon.ac' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'tbhcn.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchosptd.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '125' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'wuauclt.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamscheduler.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamservice.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamgui.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbam.exe' - '101' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '108' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\Users\Gerst\AppData\Local\Temp\YontooSetup-Silent.exe'
C:\Users\Gerst\AppData\Local\Temp\YontooSetup-Silent.exe
[FUND] Enthält Erkennungsmuster der Adware ADWARE/Yontoo.E.1
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '562cd4cd.qua' verschoben!
Ende des Suchlaufs: Dienstag, 23. Oktober 2012 09:22
Benötigte Zeit: 00:53 Minute(n)
Der Suchlauf wurde vollständig durchgeführt.
0 Verzeichnisse wurden überprüft
1170 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
1169 Dateien ohne Befall
12 Archive wurden durchsucht
0 Warnungen
1 Hinweise
OTL Logfile:
Code:
ATTFilter OTL logfile created on: 23.10.2012 13:48:32 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gerst\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,75 Gb Total Physical Memory | 2,56 Gb Available Physical Memory | 68,29% Memory free 7,50 Gb Paging File | 6,01 Gb Available in Paging File | 80,20% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 94,30 Gb Total Space | 7,73 Gb Free Space | 8,20% Space Free | Partition Type: NTFS Drive D: | 59,48 Gb Total Space | 22,11 Gb Free Space | 37,18% Space Free | Partition Type: NTFS Drive E: | 32,43 Gb Total Space | 0,25 Gb Free Space | 0,76% Space Free | Partition Type: NTFS Computer Name: GERST-PC | User Name: Gerst | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.23 13:47:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gerst\Downloads\OTL.exe PRC - [2012.10.19 02:26:06 | 001,573,584 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe PRC - [2012.10.06 11:23:36 | 000,592,640 | ---- | M] () -- C:\ProgramData\IBUpdaterService\ibsvc.exe PRC - [2012.09.29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE PRC - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.09.25 10:52:48 | 000,386,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.08.23 15:40:04 | 000,188,760 | ---- | M] () -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe PRC - [2012.07.29 16:28:12 | 004,862,424 | ---- | M] (Exent Technologies Ltd.) -- C:\Program Files (x86)\Free Ride Games\GPlayer.exe PRC - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe PRC - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe PRC - [2012.07.02 11:16:06 | 000,695,448 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\BrowserCompanion\tbhcn.exe PRC - [2012.06.28 14:51:53 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2012.06.28 14:51:51 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2012.05.31 12:53:00 | 000,096,768 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe PRC - [2012.02.26 16:01:44 | 000,295,728 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe PRC - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe PRC - [2011.06.27 08:27:58 | 000,220,552 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe PRC - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe PRC - [2010.10.27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2010.08.25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac PRC - [2010.06.25 17:41:38 | 001,126,400 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\Hama\Wireless LAN RTL8192SU\RtWlan.exe PRC - [2010.04.16 16:10:58 | 000,036,864 | ---- | M] (Realtek) -- C:\Program Files (x86)\Hama\Wireless LAN RTL8192SU\RtlService.exe PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe PRC - [2007.07.11 16:09:48 | 000,020,480 | ---- | M] () -- C:\Windows\FixCamera.exe PRC - [2007.05.10 13:18:26 | 000,835,584 | ---- | M] () -- C:\Windows\vsnpstd3.exe PRC - [2007.04.21 09:37:02 | 000,270,336 | ---- | M] () -- C:\Windows\tsnpstd3.exe ========== Modules (No Company Name) ========== MOD - [2012.10.02 08:02:30 | 002,105,368 | ---- | M] () -- c:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll MOD - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe MOD - [2012.07.02 11:16:06 | 000,695,448 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\BrowserCompanion\tbhcn.exe MOD - [2007.07.11 16:09:48 | 000,020,480 | ---- | M] () -- C:\Windows\FixCamera.exe MOD - [2007.05.10 13:18:26 | 000,835,584 | ---- | M] () -- C:\Windows\vsnpstd3.exe MOD - [2007.04.21 09:37:02 | 000,270,336 | ---- | M] () -- C:\Windows\tsnpstd3.exe ========== Services (SafeList) ========== SRV:64bit: - [2012.09.13 15:26:50 | 001,259,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\dmwu.exe -- (WebOptimizer) SRV - [2012.10.09 18:49:43 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.10.06 11:23:36 | 000,592,640 | ---- | M] () [Auto | Running] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService) SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.08.23 15:40:04 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater) SRV - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.06.28 14:51:53 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.05.31 12:53:00 | 000,096,768 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver) SRV - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service) SRV - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2010.04.16 16:10:58 | 000,036,864 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\Hama\Wireless LAN RTL8192SU\RtlService.exe -- (Realtek11nSU) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.09.24 09:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012.09.13 15:52:59 | 000,129,576 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.09.13 15:52:59 | 000,099,248 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.06.28 14:52:39 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012.06.28 14:52:36 | 000,958,912 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012.06.28 14:52:36 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012.06.28 14:52:36 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012.06.28 14:52:35 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012.06.28 14:52:34 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012.06.08 16:08:28 | 000,031,232 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.23 20:00:04 | 000,031,832 | ---- | M] (Cybits AG) [verify-U]_System) [verify-U]_System [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cy-driver.sys -- ([verify-U]_System) DRV:64bit: - [2011.06.28 11:37:16 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.25 06:59:16 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.08.12 12:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET) DRV:64bit: - [2010.01.21 02:03:10 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag) DRV:64bit: - [2010.01.21 02:03:08 | 000,033,280 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem) DRV:64bit: - [2010.01.21 02:03:06 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus) DRV:64bit: - [2010.01.07 03:20:22 | 000,448,512 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187.sys -- (RTL8187) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364) DRV:64bit: - [2009.06.10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux) DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.19 11:26:34 | 001,154,560 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudax3.sys -- (cmuda3) DRV:64bit: - [2008.04.24 14:06:42 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV:64bit: - [2007.10.16 10:36:46 | 010,693,120 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snpstd3.sys -- (SNPSTD3) DRV - [2010.11.22 10:25:12 | 000,055,400 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys -- (X5XSEx) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2007.10.16 10:35:58 | 010,376,576 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\snpstd3.sys -- (SNPSTD3) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.02010003&st=12&barid={C2F495EF-CA62-47F7-B716-52B5F832EB04} IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {adca5064-9e30-43fe-9856-58b07a3149fe} - C:\Program Files (x86)\FreeMake\prxtbFree.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.02010003&st=12&q={searchTerms}&barid={C2F495EF-CA62-47F7-B716-52B5F832EB04} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=116267&tt=031012_ccp_4012_6&babsrc=HP_ss&mntrId=4ceb4670000000000000001f1fe1a3fe IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dsl-start.computerbild.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = about:blank [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 59 E9 77 F5 9D 1E CC 01 [binary data] IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {adca5064-9e30-43fe-9856-58b07a3149fe} - C:\Program Files (x86)\FreeMake\prxtbFree.dll (Conduit Ltd.) IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0E56EB6B-AFC4-439F-AB39-40693BF25B51}: "URL" = hxxp://ws.infospace.com/gamers_brw/ws/redir?_iceUrl=true&user_id=%userid&tool_id=%toolid&qkw={searchTerms} IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=116267&tt=031012_ccp_4012_6&babsrc=SP_ss&mntrId=4ceb4670000000000000001f1fe1a3fe IE - HKCU\..\SearchScopes\{165E4D4F-A036-48BA-AD91-0F9C5FDC87E5}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=4d495a22-3780-4c56-90b8-dd81efb6744e&apn_sauid=0F52967E-EE34-4C6D-A946-867E0A67AEFE IE - HKCU\..\SearchScopes\{3F156C3E-BC8D-47D8-82CD-532708C206DB}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms} IE - HKCU\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms} IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKCU\..\SearchScopes\{849EC6B9-1AFE-4BED-9F22-852F0703B527}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie IE - HKCU\..\SearchScopes\{9B00DCB6-800A-4479-B45D-9EB370AD1CE1}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_deDE472 IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb187?a=(6PQCUKlbFX)&search={searchTerms}&i=26 IE - HKCU\..\SearchScopes\{E406284B-E174-4AAE-9985-EB0FDF2F0185}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms} IE - HKCU\..\SearchScopes\{E8356815-64A8-44A1-B82D-4B35780D47D1}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms} IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.02010003&st=12&q={searchTerms}&barid={C2F495EF-CA62-47F7-B716-52B5F832EB04} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.3.4 FF - prefs.js..network.proxy.type: 0 FF - prefs.js..browser.startup.homepage: "hxxp://mystart.incredibar.com/mb165?a=6PQCUKlbFX&i=26" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "MyStart Search" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.startup.homepage: "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE" FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=4d495a22-3780-4c56-90b8-dd81efb6744e&apn_ptnrs=%5EAGS&apn_sauid=0F52967E-EE34-4C6D-A946-867E0A67AEFE&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q=" FF - prefs.js..browser.search.selectedEngine: "Ask.com" FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files (x86)\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.08.31 13:01:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.07.03 19:22:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.06.13 18:02:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.08.31 13:01:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.23 22:59:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.10 14:55:59 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012.10.06 11:24:58 | 000,000,000 | ---D | M] [2011.12.23 23:00:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\Extensions [2012.10.23 07:30:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\Firefox\Profiles\5y6df0pe.default\extensions [2012.10.07 19:38:39 | 000,000,000 | ---D | M] (IMVU Inc) -- C:\Users\Gerst\AppData\Roaming\mozilla\Firefox\Profiles\5y6df0pe.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8} [2012.06.13 18:02:06 | 000,000,000 | ---D | M] (FreeMake Community Toolbar) -- C:\Users\Gerst\AppData\Roaming\mozilla\Firefox\Profiles\5y6df0pe.default\extensions\{adca5064-9e30-43fe-9856-58b07a3149fe} [2012.08.24 07:38:45 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\Gerst\AppData\Roaming\mozilla\Firefox\Profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com [2012.10.23 07:30:51 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Gerst\AppData\Roaming\mozilla\Firefox\Profiles\5y6df0pe.default\extensions\toolbar@ask.com [2012.10.06 11:26:10 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Users\Gerst\AppData\Roaming\mozilla\Firefox\Profiles\5y6df0pe.default\extensions\toolbar@web.de [2012.02.19 23:26:07 | 000,018,684 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\ich@maltegoetz.de.xpi [2012.10.06 11:26:06 | 000,563,640 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\toolbar@web.de.xpi [2012.08.07 22:29:57 | 000,172,310 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2012.10.06 11:26:34 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire [2012.10.06 11:26:40 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658_expire [2012.10.06 11:26:38 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2a86ac4f3322238b4f27d14a09839275_expire [2012.10.06 11:26:39 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\3b6b74d5a92c729ce36a9d055d3db8e9_expire [2012.10.06 11:26:37 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26be41f_expire [2012.10.06 11:26:40 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5f4ce27504a73ff97d1936c597c769e5_expire [2012.10.06 11:26:39 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\6ff6ea009817b27df633b37777d528cd_expire [2012.10.06 11:26:38 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\8ffbb13aa6f702b0cafab391f90d1db7_expire [2012.10.06 11:26:35 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire [2012.10.06 11:26:35 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a4cc6ab573e4a5fee2a418e22d3c14dc_expire [2012.10.06 11:26:35 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\bf73732e1f0b76bac435293ba3880579_expire [2012.10.06 11:26:37 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e4264271_expire [2012.10.06 11:26:39 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece71b71690fad200cbed95871ef4bb2_expire [2012.10.06 11:26:37 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d_expire [2012.10.06 11:26:36 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire [2012.10.06 11:26:36 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire [2012.10.06 11:26:30 | 000,000,933 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\11-suche.xml [2012.10.23 07:30:51 | 000,002,344 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\askcom.xml [2012.10.06 11:24:57 | 000,002,547 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\browsemngr.xml [2012.06.05 17:20:58 | 000,000,919 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\conduit.xml [2012.10.06 11:26:31 | 000,002,419 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\englische-ergebnisse.xml [2012.10.06 11:26:29 | 000,010,525 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\gmx-suche.xml [2012.10.06 11:26:31 | 000,002,457 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\lastminute.xml [2012.10.06 11:40:10 | 000,002,126 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\MyStart Search.xml [2012.08.24 07:38:45 | 000,002,792 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\Plusnetwork.xml [2012.08.07 22:30:13 | 000,004,003 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\sweetim.xml [2012.10.06 11:26:27 | 000,005,508 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\webde-suche.xml [2012.04.04 19:07:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.04.04 19:07:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.06.13 18:02:36 | 000,000,000 | ---D | M] (Freemake Video Converter Plugin) -- C:\PROGRAM FILES (X86)\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX [2012.08.31 13:01:15 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.10.06 11:24:58 | 000,000,000 | ---D | M] (Browser Manager) -- C:\PROGRAMDATA\BROWSER MANAGER\2.3.762.17\{16CDFF19-861D-48E3-A751-D99A27784753}\FIREFOXEXTENSION [2011.12.21 09:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010.03.08 12:24:04 | 000,103,168 | ---- | M] (Midasplayer Ltd) -- C:\Program Files (x86)\mozilla firefox\plugins\npmidas.dll [2011.12.21 07:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.10.06 11:24:43 | 000,002,360 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2011.12.21 07:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.12.21 07:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.12.21 07:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.12.21 07:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.12.21 07:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE CHR - default_search_provider: Ask (Enabled) CHR - default_search_provider: search_url = hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=4d495a22-3780-4c56-90b8-dd81efb6744e&apn_ptnrs=%5EAGS&apn_sauid=0F52967E-EE34-4C6D-A946-867E0A67AEFE&apn_dtid=%5EYYYYYY%5EYY%5EDE&q={searchTerms} CHR - default_search_provider: suggest_url = hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms} CHR - homepage: hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll CHR - plugin: king.com - Game controller for firefox (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmidas.dll CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: Avira Toolbar = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl\7.15.10.29869_0\ CHR - Extension: YouTube = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Browser Companion Helper = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\ CHR - Extension: Google-Suche = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Web Assistant = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.478_0\ CHR - Extension: avast! WebRep = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1451_0\ CHR - Extension: Freemake Video Converter = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\ CHR - Extension: New tab for Chrome\\u2122 = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\ CHR - Extension: FreemakeTB = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgficikadnmmefckdecajlmffkbagomp\2.3.17.1_0\ CHR - Extension: Skype Click to Call = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\ CHR - Extension: Facecons = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiabdeiamlolpdknhnpflnijogclooij\2.0_0\ CHR - Extension: Settings Protector = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\ CHR - Extension: Google Mail = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ CHR - Extension: Avira Toolbar = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl\7.15.10.29869_0\ CHR - Extension: YouTube = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Browser Companion Helper = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\ CHR - Extension: Google-Suche = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Web Assistant = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.478_0\ CHR - Extension: avast! WebRep = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1451_0\ CHR - Extension: Freemake Video Converter = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\ CHR - Extension: New tab for Chrome\\u2122 = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\ CHR - Extension: FreemakeTB = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgficikadnmmefckdecajlmffkbagomp\2.3.17.1_0\ CHR - Extension: Skype Click to Call = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\ CHR - Extension: Facecons = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiabdeiamlolpdknhnpflnijogclooij\2.0_0\ CHR - Extension: Settings Protector = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\ CHR - Extension: Google Mail = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension64.dll () O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( ) O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.0.7\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension32.dll () O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (IMVU Inc Toolbar) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll (Conduit Ltd.) O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( ) O2 - BHO: (FreeMake Toolbar) - {adca5064-9e30-43fe-9856-58b07a3149fe} - C:\Program Files (x86)\FreeMake\prxtbFree.dll (Conduit Ltd.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (FACECONS Class) - {B2A44031-7EAD-434C-AC9E-7F1DA176BA8C} - C:\Program Files (x86)\Facecons\facecons.dll (Facecons) O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (IMVU Inc Toolbar) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.0.7\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (FreeMake Toolbar) - {adca5064-9e30-43fe-9856-58b07a3149fe} - C:\Program Files (x86)\FreeMake\prxtbFree.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD) O3 - HKCU\..\Toolbar\WebBrowser: (IMVU Inc Toolbar) - {90B49673-5506-483E-B92B-CA0265BD9CA8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (FreeMake Toolbar) - {ADCA5064-9E30-43FE-9856-58B07A3149FE} - C:\Program Files (x86)\FreeMake\prxtbFree.dll (Conduit Ltd.) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O3 - HKCU\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4:64bit: - HKLM..\Run: [CmPCIaudio] C:\Windows\Syswow64\CMICNFG3.dll (C-Media Corporation) O4:64bit: - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [FixCamera] C:\Windows\FixCamera.exe () O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe () O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe () O4 - HKCU..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.) O4 - Startup: C:\Users\Gerst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\Gerst\AppData\Roaming\BrowserCompanion\tbhcn.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0CE976F9-0BE1-4D2D-8773-C839AFCF0B7B}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28971C0A-B5D4-436E-A623-321BDD4BD2FA}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{407316FD-96FB-4A7F-8010-DF46878B8816}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46DCC40F-AB48-4726-8C36-4F68BF427F0D}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7BF8E938-8437-447E-9B80-14C9D34F7281}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADC954C4-9302-4A68-8CDE-7A5B72F4DF3F}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2E6A9AD-8C62-4C4A-AED1-3082D1B70BAF}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\base64 - No CLSID value found O18:64bit: - Protocol\Handler\chrome - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\prox - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20 - AppInit_DLLs: (c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{53aec07a-8a90-11e0-af16-0025228ccbe2}\Shell - "" = AutoRun O33 - MountPoints2\{53aec07a-8a90-11e0-af16-0025228ccbe2}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a O33 - MountPoints2\{544d7c6d-a14e-11e0-b89d-0025228ccbe2}\Shell - "" = AutoRun O33 - MountPoints2\{544d7c6d-a14e-11e0-b89d-0025228ccbe2}\Shell\AutoRun\command - "" = M:\AutoRun.exe O33 - MountPoints2\{544d7c72-a14e-11e0-b89d-0025228ccbe2}\Shell - "" = AutoRun O33 - MountPoints2\{544d7c72-a14e-11e0-b89d-0025228ccbe2}\Shell\AutoRun\command - "" = M:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.10.23 08:28:46 | 000,000,000 | ---D | C] -- C:\Users\Gerst\AppData\Roaming\Malwarebytes [2012.10.23 08:28:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.23 08:28:37 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.10.23 08:28:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.10.23 08:28:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.23 07:34:53 | 000,000,000 | ---D | C] -- C:\Users\Gerst\AppData\Roaming\Avira [2012.10.23 07:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.10.23 07:30:37 | 000,000,000 | ---D | C] -- C:\Users\Gerst\AppData\Local\AskToolbar [2012.10.23 07:30:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com [2012.10.23 07:30:13 | 000,000,000 | ---D | C] -- C:\Users\Gerst\AppData\Local\APN [2012.10.23 07:29:50 | 000,129,576 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.10.23 07:29:50 | 000,099,248 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.10.23 07:29:50 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.10.23 07:29:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.10.23 07:29:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2012.10.10 12:49:35 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.10.10 12:49:34 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.10.10 12:49:33 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.10.10 12:49:28 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2012.10.10 12:49:28 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2012.10.10 12:49:27 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2012.10.10 12:49:27 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2012.10.10 12:49:26 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2012.10.10 12:49:26 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2012.10.10 12:49:26 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2012.10.10 12:49:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2012.10.10 12:49:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2012.10.10 12:49:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2012.10.10 12:49:26 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2012.10.10 12:49:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2012.10.10 12:49:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2012.10.10 12:49:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2012.10.10 12:49:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2012.10.10 12:49:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2012.10.10 12:49:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2012.10.10 12:49:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2012.10.10 12:49:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.10.10 12:49:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2012.10.10 12:49:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2012.10.10 12:49:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2012.10.10 12:49:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2012.10.10 12:49:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2012.10.10 12:49:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2012.10.10 12:49:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2012.10.10 12:49:23 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2012.10.10 12:49:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2012.10.10 12:49:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2012.10.10 12:49:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2012.10.10 12:49:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2012.10.10 12:49:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2012.10.10 12:49:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2012.10.10 12:49:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2012.10.10 12:49:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2012.10.10 12:49:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2012.10.10 12:49:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2012.10.10 12:49:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2012.10.10 12:49:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2012.10.10 12:49:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2012.10.10 12:49:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2012.10.10 12:49:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2012.10.10 12:49:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2012.10.10 12:49:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2012.10.10 12:49:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2012.10.10 12:49:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2012.10.10 12:49:21 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2012.10.10 12:49:21 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2012.10.10 12:49:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2012.10.10 12:49:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2012.10.10 12:49:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2012.10.10 12:49:20 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2012.10.10 12:49:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.10.10 12:49:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2012.10.10 12:49:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2012.10.10 12:49:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2012.10.10 12:49:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2012.10.10 12:49:19 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2012.10.10 12:49:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2012.10.10 12:49:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2012.10.10 12:49:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2012.10.10 12:49:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2012.10.10 12:49:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2012.10.10 12:49:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2012.10.10 12:49:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2012.10.10 12:49:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2012.10.10 12:49:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2012.10.10 12:49:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2012.10.10 12:49:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2012.10.10 12:49:11 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012.10.10 12:48:48 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012.10.10 12:48:45 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012.10.07 19:37:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IMVU_Inc [2012.10.06 11:50:05 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB [2012.10.06 11:50:03 | 000,000,000 | ---D | C] -- C:\Users\Gerst\AppData\Local\PC_Drivers_Headquarters [2012.10.06 11:36:05 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters [2012.10.06 11:28:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Detective [2012.10.06 11:27:17 | 000,000,000 | ---D | C] -- C:\Users\Gerst\AppData\Local\Macromedia [2012.10.06 11:26:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Drivers HeadQuarters [2012.10.06 11:25:05 | 000,000,000 | ---D | C] -- C:\Users\Gerst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager [2012.10.06 11:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager [2012.10.06 11:24:22 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService [2012.10.06 10:59:50 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012.10.06 10:59:50 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012.10.06 10:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in [2012.10.06 10:58:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2012.10.06 09:18:15 | 000,000,000 | ---D | C] -- C:\Users\Gerst\AppData\Roaming\Canneverbe Limited [2012.10.06 09:18:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited [2012.10.06 09:18:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP [2012.09.27 15:03:18 | 000,035,328 | ---- | C] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll [2012.09.26 05:16:05 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.10.23 13:49:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.23 13:43:50 | 000,000,000 | ---- | M] () -- C:\Users\Gerst\defogger_reenable [2012.10.23 13:31:59 | 000,017,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.23 13:31:59 | 000,017,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.23 13:24:18 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.10.23 13:23:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.23 13:23:48 | 3019,350,016 | -HS- | M] () -- C:\hiberfil.sys [2012.10.23 13:20:30 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.10.23 11:10:00 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-782898060-67044703-3243815555-1002UA.job [2012.10.23 11:10:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-782898060-67044703-3243815555-1002Core.job [2012.10.23 08:28:38 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.23 07:31:01 | 000,002,062 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.10.23 06:19:30 | 001,613,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.10.23 06:19:30 | 000,696,848 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.10.23 06:19:30 | 000,652,166 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.10.23 06:19:30 | 000,148,144 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.10.23 06:19:30 | 000,121,098 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.10.09 18:49:42 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.10.09 18:49:42 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.10.07 19:38:42 | 000,000,009 | ---- | M] () -- C:\END [2012.10.06 11:28:00 | 000,002,495 | ---- | M] () -- C:\Users\Public\Desktop\Driver Detective.lnk [2012.10.06 09:18:02 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.09.24 09:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.23 13:43:50 | 000,000,000 | ---- | C] () -- C:\Users\Gerst\defogger_reenable [2012.10.23 08:28:38 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.23 07:31:01 | 000,002,062 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.10.07 19:38:42 | 000,000,009 | ---- | C] () -- C:\END [2012.10.06 11:28:00 | 000,002,495 | ---- | C] () -- C:\Users\Public\Desktop\Driver Detective.lnk [2012.10.06 09:18:02 | 000,001,945 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2012.10.06 09:18:02 | 000,001,895 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [2012.09.27 15:03:18 | 001,259,888 | ---- | C] () -- C:\Windows\SysNative\dmwu.exe [2012.08.07 22:29:17 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat [2012.05.26 10:52:10 | 000,270,806 | ---- | C] () -- C:\Users\Gerst\Bewerbung Klinikum SüW.pdf [2012.03.10 08:32:15 | 000,544,256 | ---- | C] () -- C:\Windows\SysWow64\janGraphics.dll [2012.03.10 08:32:15 | 000,124,416 | ---- | C] () -- C:\Windows\SysWow64\dXCtrls.dll [2012.02.25 20:13:04 | 001,590,370 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.12.09 15:50:04 | 000,009,728 | ---- | C] () -- C:\Users\Gerst\Weihnachtstombola der Naturfreunde.wps [2011.12.09 15:39:32 | 000,014,622 | ---- | C] () -- C:\Users\Gerst\Weihnachtstombola der Naturfreunde.odt [2011.12.08 14:33:45 | 000,032,608 | ---- | C] () -- C:\Windows\king-uninstall.exe [2011.10.16 11:56:22 | 000,000,286 | ---- | C] () -- C:\Windows\game.ini [2011.09.30 18:05:49 | 000,000,680 | RHS- | C] () -- C:\Users\Gerst\ntuser.pol [2011.08.24 13:18:50 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe [2011.06.10 15:30:31 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.06.09 18:03:34 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe [2011.06.09 18:03:24 | 000,835,584 | ---- | C] () -- C:\Windows\vsnpstd3.exe [2011.06.09 18:03:24 | 000,270,336 | ---- | C] () -- C:\Windows\tsnpstd3.exe [2011.06.09 18:03:23 | 000,155,648 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnpstd3.dll [2011.06.09 18:03:23 | 000,057,344 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpstd3.dll [2011.06.09 18:03:23 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll [2011.06.09 18:03:23 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini [2011.06.02 11:59:54 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll [2011.06.02 11:59:54 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll [2011.05.31 20:06:43 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI [2011.05.30 14:50:46 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2011.05.30 09:41:17 | 000,143,360 | R--- | C] () -- C:\Windows\SysWow64\VmixP6.dll [2011.05.30 09:41:08 | 000,000,188 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl [2011.05.30 09:40:42 | 000,002,123 | R--- | C] () -- C:\Windows\Cmicnfg3.ini.cfg [2011.05.30 09:40:42 | 000,000,094 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 23.10.2012 13:48:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gerst\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,75 Gb Total Physical Memory | 2,56 Gb Available Physical Memory | 68,29% Memory free
7,50 Gb Paging File | 6,01 Gb Available in Paging File | 80,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 94,30 Gb Total Space | 7,73 Gb Free Space | 8,20% Space Free | Partition Type: NTFS
Drive D: | 59,48 Gb Total Space | 22,11 Gb Free Space | 37,18% Space Free | Partition Type: NTFS
Drive E: | 32,43 Gb Total Space | 0,25 Gb Free Space | 0,76% Space Free | Partition Type: NTFS
Computer Name: GERST-PC | User Name: Gerst | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3A65BD88-3DA7-46E9-8B7E-B949781CE597}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{9AF94A04-1259-4D74-B307-B184F9FEE679}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{F7332919-DD5D-4929-9871-04CFB91F96AA}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0266AF75-8D91-4563-88DE-2DDFEE05B149}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{0C32D58F-F5A3-4C81-9286-9C8BF1340042}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{0CE05ECF-A68E-4A5C-8C3C-2072FC388666}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{1F38CE2F-FCFD-47D9-B454-4EE4857EA38A}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{37FE820C-FD37-4303-9921-F6D6F53EBA13}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3B59BE10-F2CD-4A56-936F-C71093ED3008}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{4394B77F-A615-4EAF-8A11-2057E5A96061}" = protocol=6 | dir=in | app=c:\program files (x86)\hama\wireless lan rtl8192su\rtwlan.exe |
"{44E25921-0AE4-437C-9341-8D8938647E25}" = dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe |
"{468D685C-0BFD-4548-A576-261013792523}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5401BA3A-3731-4A3D-A24D-AA90187DB922}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{5F773F45-6C99-48CF-938F-D88F6943B169}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{845E682C-406E-4FA4-8593-3905F609FE20}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{92789CD6-6283-4CFF-AD64-84217451F235}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{958650BC-EB80-468E-B0E6-619BFA14B7A3}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{9C7B26BF-8B5E-40BA-88EF-85601D273788}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{A28A2C2B-8A40-464E-A785-7686DFD0E543}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A73FF78D-1669-4E66-A47C-21AF9B2C43CA}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A96A7188-70BF-4502-ADF5-07B2DFE88BE4}" = protocol=17 | dir=in | app=c:\program files (x86)\hama\wireless lan rtl8192su\rtwlan.exe |
"{BA131863-4815-41E4-803C-02CE498ED657}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{C8D71B59-9055-4079-882F-E54F5DE6C287}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{CE138D92-6EAC-4F90-84E4-61A8052EC221}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{D332E49E-D404-47E7-B137-C98066FF1B92}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{E840EAC5-A048-4364-AC00-D93EB955C66B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{38137F8A-EAA7-4F76-B658-D44F1D963B39}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"UDP Query User{BD002E5F-75A6-47B6-9D2A-B7BDA8745BA3}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.478
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4E7CCB76-687B-4C53-9A5E-08780AF3A551}" = Motorola Mobile Drivers Installation 5.9.0
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{A2862596-B7C3-4D7F-A227-40FEDDF1332B}" = WEB.DE Toolbar MSVC100 CRT x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"38BB6F2F20AD589004D14C8F9B04E9BE033828B2" = Windows-Treiberpaket - Ralink (netr28ux) Net (04/21/2008 2.01.06.0000)
"418E0AE0FB62AFD7C73A95F3BEF0D83B37684839" = Windows-Treiberpaket - Atheros Communications Inc. (athrusb) Net (03/26/2008 2.2.0.15)
"5FEC02015B1D869BDDC0AE1E5B573F8B3632FE20" = Windows-Treiberpaket - Ralink Technology, Corp. (netr28x) Net (05/19/2008 2.00.06.0000)
"93A6F6D028ABE440673A298C1022FF011EF69A50" = Windows-Treiberpaket - Realtek Semiconductor Corp. (RTL8187) Net (01/30/2007 6.1281.0130.2007)
"A9580A5A4845F3496B74332CAA559990264D75FE" = Windows-Treiberpaket - Ralink (rt70x64) Net (10/09/2007 3.01.00.0000)
"AEB58C7600F3E7F186524F3093CEC6C99B9603D7" = Windows-Treiberpaket - Ralink Technology Corp. (rt61x64) Net (09/28/2007 2.01.00.0000)
"C17B1F81B9B462DE0D3C29AC6F621693D7D413F8" = Windows-Treiberpaket - Realtek Semiconductor Corp. (RTL8187B) Net (09/04/2007 6.1102.0904.2007)
"CD89980E6EC55B37A729DFD159B87C86CB4A3D0F" = Windows-Treiberpaket - Ralink Technology, Inc. (RT2500) Net (06/01/2006 3.02.00.0000)
"C-Media PCI Audio Driver" = C-Media PCI Audio Device
"D70E51E1F6FCCAB16F80032C95267FF16609C9DC" = Windows-Treiberpaket - Ralink (netr7364) Net (02/26/2008 3.01.4.0000)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"SURF-SITTER PC" = JuSProg
"WNLT" = Web Optimizer
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{09D95363-4C6D-4C37-B9E0-B4C7D5B1F7BF}" = OpenOffice.org 3.2
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{1650594B-3979-48DB-B8F2-4634CAA872A3}_is1" = Bounty Bay Online
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{28DB8373-C1BB-444F-A427-A55585A12ED7}" = Motorola Device Manager
"{2AADC4EE-94C8-422B-977B-547774C4A463}" = Motorola Device Software Update
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3E8DE1A6-B365-4FF6-B917-2892A34990E8}" = LG USB Modem Drivers
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{4AEFE4FD-8EF1-4D61-B3CF-52016EAE6692}" = Hama Webcam Suite
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{60CE924D-12CB-4A96-8B75-18F92CE1D585}" = CrazyTalk v6.21 PRO Testversion
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774C0434-9948-4DEE-A14E-69CDD316E36C}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.2.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8F4507EF-C5F3-46CE-9718-9D3698821333}" = Motorola Driver Installation
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{96A9A1C8-FBAD-4703-ABF1-E93AA8FE85A0}_is1" = Artweaver Free 3.1
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C049499-055C-4a0c-A916-1D8CA1FF45EB}" = Hama Wireless LAN Adapter
"{9F8B32EB-0B7D-4565-8627-26AEB84BE9DA}_is1" = Asgars wilde Abeneteuer
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{CC4BBCBA-89F6-47C3-9B0F-5CE5BB1C316C}" = WEB.DE Toolbar MSVC100 CRT x86
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}" = ANNO 1503
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = Hama Webcam AC-150
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar FF" = WEB.DE Toolbar für Mozilla Firefox
"1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE Toolbar für Internet Explorer
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.2
"avast" = avast! Free Antivirus
"Avira AntiVir Desktop" = Avira Free Antivirus
"BabylonToolbar" = Babylon toolbar
"BrowserCompanion" = BrowserCompanion
"Call of Duty" = Call of Duty
"exent_642550" = Jewel Quest 3
"Facecons" = Facecons
"Foxit Reader_is1" = Foxit Reader 5.0
"FreeMake Toolbar" = FreeMake Toolbar
"Freemake Video Converter_is1" = Freemake Video Converter Version 3.0.2
"Game Cam" = Game Cam 2.6.1.0
"Google Chrome" = Google Chrome
"ICQToolbar" = ICQ Toolbar
"IMVU_Inc Toolbar" = IMVU Inc Toolbar
"incredibar" = Incredibar Toolbar on IE
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"king.com" = king.com (remove only)
"LG Internet Kit" = LG Internet Kit
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Updater Service" = Updater Service
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.10.2012 00:00:25 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.10.2012 03:12:28 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.10.2012 06:37:39 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.10.2012 09:17:54 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.10.2012 10:22:24 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.10.2012 14:27:21 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.10.2012 00:14:14 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.10.2012 00:32:34 | Computer Name = Gerst-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16450 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: a34 Startzeit: 01cdb0d73fc2d4ee Endzeit: 5 Anwendungspfad: C:\Program
Files (x86)\Internet Explorer\iexplore.exe Berichts-ID:
Error - 23.10.2012 01:47:16 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.10.2012 07:25:38 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 07.07.2012 01:41:01 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 07:40:55 - Fehler beim Herstellen der Internetverbindung. 07:40:55
- Serververbindung konnte nicht hergestellt werden..
Error - 27.07.2012 02:05:12 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 08:05:04 - Fehler beim Herstellen der Internetverbindung. 08:05:04
- Serververbindung konnte nicht hergestellt werden..
Error - 11.09.2012 11:17:53 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 17:17:53 - Fehler beim Herstellen der Internetverbindung. 17:17:53
- Serververbindung konnte nicht hergestellt werden..
Error - 11.09.2012 11:18:03 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 17:17:58 - Fehler beim Herstellen der Internetverbindung. 17:17:58
- Serververbindung konnte nicht hergestellt werden..
Error - 11.09.2012 12:18:08 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 18:18:08 - Fehler beim Herstellen der Internetverbindung. 18:18:08
- Serververbindung konnte nicht hergestellt werden..
Error - 11.09.2012 12:18:15 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 18:18:13 - Fehler beim Herstellen der Internetverbindung. 18:18:13
- Serververbindung konnte nicht hergestellt werden..
Error - 17.09.2012 11:43:41 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 17:43:41 - Fehler beim Herstellen der Internetverbindung. 17:43:41
- Serververbindung konnte nicht hergestellt werden..
Error - 17.09.2012 11:43:52 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 17:43:47 - Fehler beim Herstellen der Internetverbindung. 17:43:47
- Serververbindung konnte nicht hergestellt werden..
Error - 05.10.2012 11:42:03 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 17:42:03 - Fehler beim Herstellen der Internetverbindung. 17:42:03
- Serververbindung konnte nicht hergestellt werden..
Error - 05.10.2012 11:42:13 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 17:42:09 - Fehler beim Herstellen der Internetverbindung. 17:42:09
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 22.10.2012 10:20:50 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Browser Manager" wurde aufgrund folgenden Fehlers nicht
gestartet: %%3
Error - 22.10.2012 10:21:20 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Freemake Improver erreicht.
Error - 22.10.2012 10:21:20 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 22.10.2012 14:25:38 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Browser Manager" wurde aufgrund folgenden Fehlers nicht
gestartet: %%3
Error - 22.10.2012 14:26:08 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Freemake Improver erreicht.
Error - 22.10.2012 14:26:08 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 23.10.2012 00:12:40 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Browser Manager" wurde aufgrund folgenden Fehlers nicht
gestartet: %%3
Error - 23.10.2012 00:13:26 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
ICQ Service erreicht.
Error - 23.10.2012 01:45:45 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Browser Manager" wurde aufgrund folgenden Fehlers nicht
gestartet: %%3
Error - 23.10.2012 07:24:08 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Browser Manager" wurde aufgrund folgenden Fehlers nicht
gestartet: %%3
< End of report >
Geändert von cosinus (27.10.2012 um 19:32 Uhr) Grund: CODE-Tags |
|
25.10.2012, 12:26
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Browser wartet auf Antwort von pb.blabber.com adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren
__________________Downloade Dir bitte AdwCleaner auf deinen Desktop. Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
__________________ |
|
27.10.2012, 08:51
| #3 |
| | Browser wartet auf Antwort von pb.blabber.com Hallo, danke erstmal für die Antwort :-)
__________________Also, inzwischen geht bei mir das browsen wieder. Ich denke mal es lag an dem Fund von Avira, den ich als erstes gepostet hatte. Allerdings geht mein Pc recht langsam, da ist wohl einiges im argen. Hier nun das Ergebnis vom Adw-Cleaner Code:
ATTFilter # AdwCleaner v2.005 - Datei am 27/10/2012 um 09:45:48 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Gerst - GERST-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Gerst\Downloads\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
Gefunden : Browser Manager
Gefunden : IBUpdaterService
Gefunden : ICQ Service
Gefunden : Web Assistant Updater
***** [Dateien / Ordner] *****
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gefunden : C:\user.js
Datei Gefunden : C:\Users\Gerst\AppData\Local\Temp\Uninstall.exe
Datei Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Datei Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\searchplugins\Askcom.xml
Datei Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\searchplugins\browsemngr.xml
Datei Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\searchplugins\Conduit.xml
Datei Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\searchplugins\MyStart Search.xml
Datei Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\searchplugins\Plusnetwork.xml
Datei Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\searchplugins\SweetIm.xml
Ordner Gefunden : C:\Program Files (x86)\Ask.com
Ordner Gefunden : C:\Program Files (x86)\BabylonToolbar
Ordner Gefunden : C:\Program Files (x86)\BrowserCompanion
Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\Program Files (x86)\FreeMake
Ordner Gefunden : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gefunden : C:\Program Files (x86)\IMVU_Inc
Ordner Gefunden : C:\Program Files (x86)\incredibar.com
Ordner Gefunden : C:\Program Files (x86)\SweetIM
Ordner Gefunden : C:\Program Files\Web Assistant
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\Browser Manager
Ordner Gefunden : C:\ProgramData\FreeMake
Ordner Gefunden : C:\ProgramData\IBUpdaterService
Ordner Gefunden : C:\ProgramData\ICQ\ICQToolbar
Ordner Gefunden : C:\ProgramData\InstallMate
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMake
Ordner Gefunden : C:\ProgramData\Premium
Ordner Gefunden : C:\ProgramData\SweetIM
Ordner Gefunden : C:\ProgramData\Tarma Installer
Ordner Gefunden : C:\Users\Gerst\AppData\Local\APN
Ordner Gefunden : C:\Users\Gerst\AppData\Local\AskToolbar
Ordner Gefunden : C:\Users\Gerst\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Ordner Gefunden : C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgficikadnmmefckdecajlmffkbagomp
Ordner Gefunden : C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Ordner Gefunden : C:\Users\Gerst\AppData\Local\Temp\AskSearch
Ordner Gefunden : C:\Users\Gerst\AppData\Local\Temp\CT2612669
Ordner Gefunden : C:\Users\Gerst\AppData\Local\Temp\CT3214568
Ordner Gefunden : C:\Users\Gerst\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Users\Gerst\AppData\LocalLow\bbrs_002.tb
Ordner Gefunden : C:\Users\Gerst\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Gerst\AppData\LocalLow\FreeMake
Ordner Gefunden : C:\Users\Gerst\AppData\LocalLow\IMVU_Inc
Ordner Gefunden : C:\Users\Gerst\AppData\LocalLow\incredibar.com
Ordner Gefunden : C:\Users\Gerst\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Gerst\AppData\LocalLow\SweetIM
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\BrowserCompanion
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\iWin
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeMake
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\ConduitCommon
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\CT3214568
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\extensions\{adca5064-9e30-43fe-9856-58b07a3149fe}
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\extensions\toolbar@ask.com
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\SweetPacksToolbarData
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\OpenCandy
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\pdfforge
Ordner Gefunden : C:\Users\Gerst\Documents\FreeMake
Ordner Gefunden : C:\Users\Oliver\AppData\Local\AskToolbar
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\BabylonToolbar
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\bbrs_002.tb
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\FreeMake
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\IMVU_Inc
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\incredibar.com
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\SweetIM
Ordner Gefunden : C:\Users\Oliver\Documents\FreeMake
Ordner Gefunden : C:\Users\Toibas\AppData\LocalLow\BabylonToolbar
Ordner Gefunden : C:\Users\Toibas\AppData\LocalLow\bbrs_002.tb
Ordner Gefunden : C:\Users\Toibas\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Toibas\AppData\LocalLow\FreeMake
Ordner Gefunden : C:\Users\Toibas\AppData\LocalLow\IMVU_Inc
Ordner Gefunden : C:\Users\Toibas\AppData\LocalLow\incredibar.com
Ordner Gefunden : C:\Users\Toibas\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Toibas\AppData\LocalLow\SweetIM
Ordner Gefunden : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Ordner Gefunden : C:\Windows\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
***** [Registrierungsdatenbank] *****
Daten Gefunden : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll
Schlüssel Gefunden : HKCU\Software\APN
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Freecause
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Freemake
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\IMVU_Inc
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\Ask.com
Schlüssel Gefunden : HKCU\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\BabylonToolbar
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\Freemake
Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\kgficikadnmmefckdecajlmffkbagomp
Schlüssel Gefunden : HKCU\Software\IM
Schlüssel Gefunden : HKCU\Software\ImInstaller
Schlüssel Gefunden : HKCU\Software\incredibar.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\Software\APN
Schlüssel Gefunden : HKLM\Software\AskToolbar
Schlüssel Gefunden : HKLM\Software\AVG Secure Search
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\Software\BabylonToolbar
Schlüssel Gefunden : HKLM\Software\BrowserCompanion
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\b
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\I
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\tdataprotocol.CTData
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\tdataprotocol.CTData.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2612669
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT3214568
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\updatebho.TimerBHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wit4ie.WitBHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wit4ie.WitBHO.2
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\Software\Freemake
Schlüssel Gefunden : HKLM\Software\IMVU_Inc
Schlüssel Gefunden : HKLM\Software\incredibar.com
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{04CEFF5B-A46D-4417-8018-43A059BDF9A6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A19F5EBF-E163-4D4F-B7BD-33149BF756CC}
Schlüssel Gefunden : HKLM\Software\Web Assistant
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{04CEFF5B-A46D-4417-8018-43A059BDF9A6}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A19F5EBF-E163-4D4F-B7BD-33149BF756CC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kgficikadnmmefckdecajlmffkbagomp
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{660DE797-5EB5-4A06-A923-B305E8931A8F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E2D7089-E2AA-45AB-848E-E0BE066119E2}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{786B2D71-892B-4464-A456-CF9B26FF806E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F53A28E5-4E41-4CEE-AA62-6ED99771222E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FreeMake Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMVU_Inc Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Schlüssel Gefunden : HKLM\SOFTWARE\Tarma Installer
Schlüssel Gefunden : HKLM\SOFTWARE\Web Assistant
Schlüssel Gefunden : HKU\S-1-5-21-782898060-67044703-3243815555-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKU\S-1-5-21-782898060-67044703-3243815555-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-782898060-67044703-3243815555-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Schlüssel Gefunden : HKU\S-1-5-21-782898060-67044703-3243815555-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKU\S-1-5-21-782898060-67044703-3243815555-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gefunden : HKU\S-1-5-21-782898060-67044703-3243815555-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16421
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.02010003&st=12&barid={C2F495EF-CA62-47F7-B716-52B5F832EB04}
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://search.babylon.com/?affID=116267&tt=031012_ccp_4012_6&babsrc=HP_ss&mntrId=4ceb4670000000000000001f1fe1a3fe
-\\ Mozilla Firefox v9.0.1 (de)
Profilname : default
Datei : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\prefs.js
Gefunden : user_pref("CT3214568.autoDisableScopes", -1);
Gefunden : user_pref("browser.search.order.1", "Ask.com");
Gefunden : user_pref("extensions.incredibar_i.aflt", "orgnl");
Gefunden : user_pref("extensions.incredibar_i.dfltLng", "");
Gefunden : user_pref("extensions.incredibar_i.did", "10665");
Gefunden : user_pref("extensions.incredibar_i.excTlbr", false);
Gefunden : user_pref("extensions.incredibar_i.id", "4ceb4670000000000000001f1fe1a3fe");
Gefunden : user_pref("extensions.incredibar_i.installerproductid", "26");
Gefunden : user_pref("extensions.incredibar_i.instlDay", "15530");
Gefunden : user_pref("extensions.incredibar_i.instlRef", "");
Gefunden : user_pref("extensions.incredibar_i.ms_url_id", "");
Gefunden : user_pref("extensions.incredibar_i.newTab", false);
Gefunden : user_pref("extensions.incredibar_i.ppd", "");
Gefunden : user_pref("extensions.incredibar_i.prdct", "incredibar");
Gefunden : user_pref("extensions.incredibar_i.productid", "26");
Gefunden : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Gefunden : user_pref("extensions.incredibar_i.smplGrp", "none");
Gefunden : user_pref("extensions.incredibar_i.tlbrId", "base");
Gefunden : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQCUKlbFX&loc=IB[...]
Gefunden : user_pref("extensions.incredibar_i.upn2", "6PQCUKlbFX");
Gefunden : user_pref("extensions.incredibar_i.upn2n", "92543199019085837");
Gefunden : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Gefunden : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.148:14:39");
Gefunden : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Gefunden : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb187?a=6PQCUKlbFX&i=26");
Gefunden : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://mystart.incredibar.com/mb165?[...]
Gefunden : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.02010003&st=12&barid={C2F[...]
Gefunden : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "MyStart Search");
Gefunden : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale[...]
Gefunden : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&loc[...]
Gefunden : user_pref("browser.search.selectedEngine", "Ask.com");
Gefunden : user_pref("extensions.BabylonToolbar_i.newTab", true);
Gefunden : user_pref("extensions.BabylonToolbar_i.newTabUrl", "about:home");
Gefunden : user_pref("CT2612669.autoDisableScopes", 0);
Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Gefunden : user_pref("browser.search.defaultenginename", "Ask.com");
Gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://mystart.incredibar.com/mb187?a=(6PQCUK[...]
-\\ Google Chrome v [Version kann nicht ermittelt werden]
Datei : C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gefunden [l.12] : homepage = "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE",
Gefunden [l.59] : icon_url = "hxxp://www.ask.com/favicon.ico",
Gefunden [l.62] : keyword = "ask.com",
Gefunden [l.65] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=4d495a22-3780-4c56-90b8-dd81efb6744e&apn_ptnrs=%5EAGS&apn_sauid=0F52967E-EE34-4C6D-A946-867E0A67AEFE&apn_dtid=%5EYYYYYY%5EYY%5EDE&q={searchTerms}",
Gefunden [l.66] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}"
Gefunden [l.1865] : homepage = "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE",
Datei : C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
Datei : C:\Users\Toibas\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [44213 octets] - [27/10/2012 09:45:48]
########## EOF - C:\AdwCleaner[R1].txt - [44274 octets] ##########
Geändert von cosinus (27.10.2012 um 19:34 Uhr) Grund: CODE-Tags |
|
27.10.2012, 19:39
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Browser wartet auf Antwort von pb.blabber.com Ok einiges an Toolbars ist da. Das entfernen wir später. 1. aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button. 2. TDSS-Killer Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
| Themen zu Browser wartet auf Antwort von pb.blabber.com |
| adware, application/pdf:, audacity, aufrufe, avira, avira searchfree toolbar, babylon toolbar, babylontoolbar, bho, browser, browser manager, desktop, excel, fehler, firefox, flash player, google, home, ibupdaterservice, iexplore.exe, incredibar toolbar, installation, logfile, msiexec.exe, object, origin, plug-in, programm, prozesse, realtek, registry, rundll, security, svchospt.exe, svchost.exe, sweetim, taskhost.exe, teamspeak, windows, wuauclt.exe |
Linear-Darstellung
