Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen

Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen


Plagegeister aller Art und deren Bekämpfung: Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 2 von 2 1 2
Alt 06.10.2013, 12:18   #1
M-K-D-B
/// TB-Ausbilder
 
Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen - Standard

Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen


Servus,



wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern.



Schritt 1
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/
  • Bitte deaktiviere während des Scans alle Virenscanner, da sie das Ergebnis beeinflussen
  • Starte Zoek.exe mit einem Doppelklick.
  • Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und könnte andere Computer beschädigen.
  • Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
    Code:
    ATTFilter
    FFdefaults;
CHRdefaults;
iedefaults;
emptyclsid;
autoclean;
  • Nun klicke auf "Run script" und sei geduldig bis das Skript durchläuft.
  • Wenn das Tool fertig ist wird sich Notepad mit dem Logfile öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:
  • Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken)





Schritt 2
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
FF Extension: pricealarm - C:\Users\Mariejoanna81\AppData\Roaming\Mozilla\Firefox\Profiles\q66nwk3y.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
C:\Users\Mariejoanna81\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_491425\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com
Reg: reg delete "HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Web Assistant" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2766355210-2261221984-3006064297-1000\Software\Incredibar.com" /f
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.






Schritt 4

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset






Schritt 5
Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.





Bitte poste mit deiner nächsten Antwort
  • die Logdatei von ZOEK,
  • die Logdatei von FRST,
  • die Logdatei von MBAM,
  • die Logdatei von ESET,
  • die Logdatei von SecurityCheck.
Alt 09.10.2013, 14:45   #2
M-K-D-B
/// TB-Ausbilder
 
Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen - Standard

Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen


Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!
__________________
Alt 16.10.2013, 16:17   #3
M-K-D-B
/// TB-Ausbilder
 
Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen - Standard

Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen


Servus,



du hast mir eine PM geschrieben und gefragt, ob es weitergehen kann.


Ja, kann es. Poste mir alle Logdateien.
__________________
Alt 06.10.2013, 12:11   #4
Verena72
 
Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen - Standard

Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen


C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_6.1.7600.16385_de-de_63dd4169aa9a932e.manifest --a---- 2238 bytes [17:57 14/07/2009] [17:57 14/07/2009] 33E5EC4F7E81F4C8B9C8EAEF2A8EC7FC
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_6.1.7600.16385_de-de_a5ac6196f231571d.manifest --a---- 2241 bytes [17:57 14/07/2009] [17:57 14/07/2009] 8E97B063D90AC608286287124D3857B0
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_6.1.7601.17514_de-de_1413722bc729bf88.manifest ------- 2252 bytes [09:36 18/06/2012] [02:26 20/11/2010] B9B75B59DDD821A096012EBEA4C810E0
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_6.1.7601.17514_de-de_660e5531a78916c8.manifest ------- 2238 bytes [09:36 18/06/2012] [02:26 20/11/2010] 9103CB80CAF53EC17513955383C863B9
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_6.1.7600.16385_de-de_12c74f95f1034c6d.manifest --a---- 2238 bytes [17:57 14/07/2009] [17:57 14/07/2009] 416F0AD1D18E0C665354AA767B29B137
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_6.1.7600.16385_de-de_b9961c3b23422616.manifest --a---- 2241 bytes [17:57 14/07/2009] [17:57 14/07/2009] F5033405BD06B5CCC329FA79A57597DF
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_6.1.7600.16385_de-de_c0cc6c9010a3f52d.manifest --a---- 2252 bytes [17:57 14/07/2009] [17:57 14/07/2009] B6ACC517D82B02131DBB5F6D998ABFFA
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_6.1.7601.17514_de-de_14f8635dedf1d007.manifest ------- 2238 bytes [09:36 18/06/2012] [02:25 20/11/2010] 7DC0400F3CC8AD52180265BE13C422E8
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_6.1.7601.17514_de-de_c2fd80580d9278c7.manifest ------- 2252 bytes [09:36 18/06/2012] [02:27 20/11/2010] 80DB3F26D9CEF3585E4838C73473DBC3
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_6.1.7600.16385_de-de_4ccd4a261e619c1f.manifest --a---- 2235 bytes [17:57 14/07/2009] [17:57 14/07/2009] 10A1B01654096D522280648BCD7EF7C3
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_6.1.7600.16385_de-de_7579516c1c6bb173.manifest --a---- 2249 bytes [17:57 14/07/2009] [17:57 14/07/2009] 1881020CBA18BB8B80A432089A7896AC
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_6.1.7600.16385_de-de_92688006fc394ff6.manifest --a---- 2238 bytes [17:57 14/07/2009] [17:57 14/07/2009] 3C3028F0370CA4BC06F82D0C4CF2E593
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_6.1.7601.17514_de-de_4efe5dee1b501fb9.manifest ------- 2235 bytes [09:36 18/06/2012] [02:26 20/11/2010] 61E4BC25AAEA921437916129496FCD9D
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_6.1.7601.17514_de-de_77aa6534195a350d.manifest ------- 2249 bytes [09:36 18/06/2012] [02:25 20/11/2010] A09FFEEF238D23172EA17EAF6C4EF9F8
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..nse-oem-homepremium_31bf3856ad364e35_6.1.7600.16385_none_a96852da1901f665.manifest --a---- 1058 bytes [01:48 14/07/2009] [01:45 14/07/2009] D691AF9412EB9578F76424DCC6F614FE
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..se-eval-homepremium_31bf3856ad364e35_6.1.7600.16385_none_c04caea90aaa04f0.manifest --a---- 1062 bytes [01:52 14/07/2009] [01:44 14/07/2009] 00329143DF8FA1818EE357F96EEFC6D8
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..se-oem-homepremiume_31bf3856ad364e35_6.1.7600.16385_none_8a7c3eb2f02f6a58.manifest --a---- 1062 bytes [01:50 14/07/2009] [01:45 14/07/2009] 94A23FEDACEA9006C37EDAE42093EE13
C:\Windows\winsxs\Manifests\x86_microsoft-windows-l..se-oem-homepremiumn_31bf3856ad364e35_6.1.7600.16385_none_8a1aef66f07865d1.manifest --a---- 1062 bytes [01:48 14/07/2009] [01:45 14/07/2009] 65CB8CC9A5FD2430B2EE2E8EF6DA544B

Searching for "*incredibar*"
No files found.

Searching for "*SimplyTech*"
No files found.

Searching for "*OpenCandy*"
No files found.

Searching for "*HomeTab*"
C:\AdwCleaner\Quarantine\C\Users\Mariejoanna81\AppData\Local\DownloadGuide\Offers\hometab.exe.vir --a---- 3618696 bytes [10:12 26/09/2013] [10:12 26/09/2013] 18ACCC6319051EE187A121A3AAEB4181

Searching for "*sweetim*"
No files found.

Searching for "*Crossrider*"
C:\Users\Mariejoanna81\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8QJH4I95\CrossriderInfo[1].js --a---- 2084 bytes [10:14 26/09/2013] [10:14 26/09/2013] DF446F3DBD84A1DEB1058DBF4BEC2DD6
C:\Users\Mariejoanna81\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8QJH4I95\CrossriderUtils[1].js --a---- 12231 bytes [10:14 26/09/2013] [10:14 26/09/2013] 4AA9356C3BD16EEFA0B71433B7091328
C:\Users\Mariejoanna81\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M1M7GDF7\CrossriderAppUtils[1].js --a---- 5811 bytes [10:14 26/09/2013] [10:14 26/09/2013] 1F43EE7D7D526DB302BF483B9215B007
C:\Users\Mariejoanna81\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_491425\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\13_CrossriderAppUtils.js --a---- 5955 bytes [10:15 26/09/2013] [10:14 26/09/2013] A15314F10FA928B5C242EDDC4B91F503
C:\Users\Mariejoanna81\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_491425\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\14_CrossriderUtils.js --a---- 12369 bytes [10:15 26/09/2013] [10:14 26/09/2013] 56E07DB48844B5EB4DD57F053D87A38D
C:\Users\Mariejoanna81\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_491425\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\78_CrossriderInfo.js --a---- 2220 bytes [10:15 26/09/2013] [10:14 26/09/2013] EC3226E86137F361EEEF8F1244A0225A
C:\Users\Mariejoanna81\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_491425\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\crossrider_statusbar.png --a---- 1361 bytes [10:15 26/09/2013] [10:14 26/09/2013] 8B1EB9CB80417EC0022D278A44AB1DC7

Searching for "*certified-toolbar*"
No files found.

========== folderfind ==========

Searching for "*IBUpdater*"
No folders found.

Searching for "*Web Assistant*"
C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant d------ [17:01 02/10/2013]

Searching for "*Premium*"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Premium Partners d------ [10:10 15/06/2012]
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\VAIO Premium Partners d------ [10:10 15/06/2012]
C:\Windows\System32\de-DE\Licenses\eval\HomePremium d------ [17:58 14/07/2009]
C:\Windows\System32\de-DE\Licenses\eval\HomePremiumE d------ [17:58 14/07/2009]
C:\Windows\System32\de-DE\Licenses\eval\HomePremiumN d------ [17:58 14/07/2009]
C:\Windows\System32\de-DE\Licenses\OEM\HomePremium d------ [17:58 14/07/2009]
C:\Windows\System32\de-DE\Licenses\OEM\HomePremiumE d------ [17:58 14/07/2009]
C:\Windows\System32\de-DE\Licenses\OEM\HomePremiumN d------ [17:58 14/07/2009]
C:\Windows\System32\de-DE\Licenses\_Default\HomePremium d------ [17:58 14/07/2009]
C:\Windows\System32\de-DE\Licenses\_Default\HomePremiumE d------ [17:58 14/07/2009]
C:\Windows\System32\de-DE\Licenses\_Default\HomePremiumN d------ [17:58 14/07/2009]
C:\Windows\System32\spp\tokens\skus\Security-SPP-Component-SKU-HomePremium d------ [18:18 14/07/2009]
C:\Windows\SysWOW64\de-DE\Licenses\eval\HomePremium d------ [17:58 14/07/2009]
C:\Windows\SysWOW64\de-DE\Licenses\eval\HomePremiumE d------ [17:58 14/07/2009]
C:\Windows\SysWOW64\de-DE\Licenses\eval\HomePremiumN d------ [17:58 14/07/2009]
C:\Windows\SysWOW64\de-DE\Licenses\OEM\HomePremium d------ [17:58 14/07/2009]
C:\Windows\SysWOW64\de-DE\Licenses\OEM\HomePremiumE d------ [17:58 14/07/2009]
C:\Windows\SysWOW64\de-DE\Licenses\OEM\HomePremiumN d------ [17:58 14/07/2009]
C:\Windows\SysWOW64\de-DE\Licenses\_Default\HomePremium d------ [17:58 14/07/2009]
C:\Windows\SysWOW64\de-DE\Licenses\_Default\HomePremiumE d------ [17:58 14/07/2009]
C:\Windows\SysWOW64\de-DE\Licenses\_Default\HomePremiumN d------ [17:58 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-a..premiumed.resources_31bf3856ad364e35_6.1.7600.16385_de-de_603a0d18d8fc57e4 d------ [17:58 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-b..g-shell-homepremium_31bf3856ad364e35_6.1.7600.16385_none_9c05526173da9e18 d------ [05:30 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-b..mepremium.resources_31bf3856ad364e35_6.1.7600.16385_de-de_a929f0f3243439af d------ [17:58 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-b..ng-base-homepremium_31bf3856ad364e35_6.1.7600.16385_none_7de3f055667d5adf d------ [05:30 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_6.1.7600.16385_de-de_01cafd1aaa8ec853 d------ [17:58 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_6.1.7600.16385_de-de_6e00f9e78298ad24 d------ [17:58 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_6.1.7600.16385_de-de_bffbdced62f80464 d------ [17:58 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_6.1.7601.17514_de-de_70320daf7f8730be d------ [12:50 23/06/2012]
C:\Windows\winsxs\amd64_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_6.1.7601.17514_de-de_c22cf0b55fe687fe d------ [12:50 23/06/2012]
C:\Windows\winsxs\amd64_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_6.1.7600.16385_de-de_15b4b7bedb9f974c d------ [17:58 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_6.1.7600.16385_de-de_1ceb0813c9016663 d------ [17:58 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_6.1.7600.16385_de-de_6ee5eb19a960bda3 d------ [17:58 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_6.1.7601.17514_de-de_1f1c1bdbc5efe9fd d------ [12:50 23/06/2012]
C:\Windows\winsxs\amd64_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_6.1.7601.17514_de-de_7116fee1a64f413d d------ [12:50 23/06/2012]
C:\Windows\winsxs\amd64_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_6.1.7600.16385_de-de_a8ebe5a9d6bf0d55 d------ [17:58 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_6.1.7600.16385_de-de_d197ecefd4c922a9 d------ [17:58 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_6.1.7600.16385_de-de_ee871b8ab496c12c d------ [17:58 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_6.1.7601.17514_de-de_ab1cf971d3ad90ef d------ [12:50 23/06/2012]
C:\Windows\winsxs\amd64_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_6.1.7601.17514_de-de_d3c900b7d1b7a643 d------ [12:50 23/06/2012]
C:\Windows\winsxs\amd64_microsoft-windows-m..aultlocationpremium_31bf3856ad364e35_6.1.7600.16385_none_bb5cbd0914a046fc d------ [05:30 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-m..aultlocationpremium_31bf3856ad364e35_6.1.7601.17514_none_bd8dd0d1118eca96 d------ [12:49 23/06/2012]
C:\Windows\winsxs\amd64_microsoft-windows-s..ent-sku-homepremium_31bf3856ad364e35_6.1.7600.16385_none_8b01e2f4127bf404 d------ [05:30 14/07/2009]
C:\Windows\winsxs\amd64_microsoft-windows-s..ent-sku-homepremium_31bf3856ad364e35_6.1.7601.17514_none_8d32f6bc0f6a779e d------ [09:42 18/06/2012]
C:\Windows\winsxs\wow64_microsoft-windows-m..aultlocationpremium_31bf3856ad364e35_6.1.7600.16385_none_c5b1675b490108f7 d------ [05:30 14/07/2009]
C:\Windows\winsxs\wow64_microsoft-windows-m..aultlocationpremium_31bf3856ad364e35_6.1.7601.17514_none_c7e27b2345ef8c91 d------ [12:50 23/06/2012]
C:\Windows\winsxs\x86_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_6.1.7600.16385_de-de_11e25e63ca3b3bee d------ [17:58 14/07/2009]
C:\Windows\winsxs\x86_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_6.1.7600.16385_de-de_63dd4169aa9a932e d------ [17:58 14/07/2009]
C:\Windows\winsxs\x86_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_6.1.7600.16385_de-de_a5ac6196f231571d d------ [17:58 14/07/2009]
C:\Windows\winsxs\x86_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_6.1.7601.17514_de-de_1413722bc729bf88 d------ [12:50 23/06/2012]
C:\Windows\winsxs\x86_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_6.1.7601.17514_de-de_660e5531a78916c8 d------ [12:50 23/06/2012]
C:\Windows\winsxs\x86_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_6.1.7600.16385_de-de_12c74f95f1034c6d d------ [17:58 14/07/2009]
C:\Windows\winsxs\x86_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_6.1.7600.16385_de-de_b9961c3b23422616 d------ [17:58 14/07/2009]
C:\Windows\winsxs\x86_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_6.1.7600.16385_de-de_c0cc6c9010a3f52d d------ [17:58 14/07/2009]
C:\Windows\winsxs\x86_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_6.1.7601.17514_de-de_14f8635dedf1d007 d------ [12:50 23/06/2012]
C:\Windows\winsxs\x86_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_6.1.7601.17514_de-de_c2fd80580d9278c7 d------ [12:50 23/06/2012]
C:\Windows\winsxs\x86_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_6.1.7600.16385_de-de_4ccd4a261e619c1f d------ [17:58 14/07/2009]
C:\Windows\winsxs\x86_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_6.1.7600.16385_de-de_7579516c1c6bb173 d------ [17:58 14/07/2009]
C:\Windows\winsxs\x86_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_6.1.7600.16385_de-de_92688006fc394ff6 d------ [17:58 14/07/2009]
C:\Windows\winsxs\x86_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_6.1.7601.17514_de-de_4efe5dee1b501fb9 d------ [12:50 23/06/2012]
C:\Windows\winsxs\x86_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_6.1.7601.17514_de-de_77aa6534195a350d d------ [12:50 23/06/2012]

Searching for "*incredibar*"
No folders found.

Searching for "*SimplyTech*"
C:\AdwCleaner\Quarantine\C\Users\Mariejoanna81\AppData\LocalLow\SimplyTech d------ [17:01 02/10/2013]

Searching for "*OpenCandy*"
C:\AdwCleaner\Quarantine\C\Users\Mariejoanna81\AppData\Roaming\OpenCandy d------ [17:01 02/10/2013]

Searching for "*HomeTab*"
No folders found.

Searching for "*sweetim*"
No folders found.

Searching for "*Crossrider*"
No folders found.

Searching for "*certified-toolbar*"
No folders found.

========== regfind ==========

Searching for "IBUpdater"
No data found.

Searching for "Web Assistant"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Web Assistant]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Web Assistant]

Searching for "Premium"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageDetect\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageDetect\Microsoft-Windows-HomePremiumEdition~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageDetect\Microsoft-Windows-HomePremiumEEdition~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageDetect\Microsoft-Windows-HomePremiumNEdition~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageDetect\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageDetect\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageDetect\Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageDetect\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageDetect\Server-Help-Package.ClientHomePremium~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageDetect\WinEmb-PremiumCodecs-WMV~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~de-DE~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-HomePremiumEdition-wrapper~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-HomePremiumEdition~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~de-DE~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~de-DE~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~amd64~de-DE~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-Security-SPP-Component-SKU-HomePremium-Package~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~de-DE~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Networking-MPSSVC-Rules-HomePremiumEdition-Package~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Server-Help-Package.ClientHomePremium~31bf3856ad364e35~amd64~de-DE~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Server-Help-Package.ClientHomePremium~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
"InstallName"="Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
"InstallName"="Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
"InstallName"="Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
"InstallName"="Microsoft-Windows-Branding-HomePremium-Client-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-HomePremiumEdition-wrapper~31bf3856ad364e35~amd64~~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-HomePremiumEdition-wrapper~31bf3856ad364e35~amd64~~6.1.7601.17514]
"InstallName"="Microsoft-Windows-HomePremiumEdition-wrapper~31bf3856ad364e35~amd64~~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-HomePremiumEdition~31bf3856ad364e35~amd64~~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-HomePremiumEdition~31bf3856ad364e35~amd64~~6.1.7600.16385]
"InstallName"="HomePremium.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-HomePremiumEdition~31bf3856ad364e35~amd64~~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-HomePremiumEdition~31bf3856ad364e35~amd64~~6.1.7601.17514]
"InstallName"="Microsoft-Windows-HomePremiumEdition~31bf3856ad364e35~amd64~~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-LocalPack-DE-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
"InstallLocation"="\\?\C:\temp\HomePremium\dism-sandbox\D84ACC58-CDE2-4C51-BA50-4C94371B5EC8\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
"InstallName"="Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
"InstallName"="Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
"InstallName"="Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
"InstallName"="Microsoft-Windows-MobilePC-Client-Premium-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
"InstallName"="Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
"InstallName"="Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~~6.1.7600.16385]
"InstallName"="Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~~6.1.7601.17514]
"InstallName"="Microsoft-Windows-PhotoPremiumPackage~31bf3856ad364e35~amd64~~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
"InstallName"="Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
"InstallName"="Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
"InstallName"="Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
"InstallName"="Microsoft-Windows-Printing-PremiumTools-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Security-SPP-Component-SKU-HomePremium-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Security-SPP-Component-SKU-HomePremium-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
"InstallName"="Microsoft-Windows-Security-SPP-Component-SKU-HomePremium-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Security-SPP-Component-SKU-HomePremium-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Security-SPP-Component-SKU-HomePremium-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
"InstallName"="Microsoft-Windows-Security-SPP-Component-SKU-HomePremium-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
"InstallName"="Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
"InstallName"="Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
"InstallName"="Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
"InstallName"="Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Networking-MPSSVC-Rules-HomePremiumEdition-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Networking-MPSSVC-Rules-HomePremiumEdition-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
"InstallName"="Networking-MPSSVC-Rules-HomePremiumEdition-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Networking-MPSSVC-Rules-HomePremiumEdition-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Networking-MPSSVC-Rules-HomePremiumEdition-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
"InstallName"="Networking-MPSSVC-Rules-HomePremiumEdition-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Server-Help-Package.ClientHomePremium~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Server-Help-Package.ClientHomePremium~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
"InstallName"="Server-Help-Package.ClientHomePremium~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Server-Help-Package.ClientHomePremium~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Server-Help-Package.ClientHomePremium~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
"InstallName"="Server-Help-Package.ClientHomePremium~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Server-Help-Package.ClientHomePremium~31bf3856ad364e35~amd64~~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Server-Help-Package.ClientHomePremium~31bf3856ad364e35~amd64~~6.1.7600.16385]
"InstallName"="Server-Help-Package.ClientHomePremium~31bf3856ad364e35~amd64~~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Server-Help-Package.ClientHomePremium~31bf3856ad364e35~amd64~~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Server-Help-Package.ClientHomePremium~31bf3856ad364e35~amd64~~6.1.7601.17514]
"InstallName"="Server-Help-Package.ClientHomePremium~31bf3856ad364e35~amd64~~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\UpdateDetect\Server-Help-Package.ClientHomePremium-Update]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-a..indowshomepremiumed_31bf3856ad364e35_none_b5cdfdefdca2e0b7]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-a..premiumed.resources_31bf3856ad364e35_de-de_7a4c7762811205cb]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-b..epremium-deployment_31bf3856ad364e35_none_de05cb4f06528ace]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-b..g-shell-homepremium_31bf3856ad364e35_none_406c711d1a878c37]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-b..mepremium.resources_31bf3856ad364e35_de-de_40ee0fcd23612598]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-b..ng-base-homepremium_31bf3856ad364e35_none_fe920f0ce32021e8]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-h..epremium-deployment_31bf3856ad364e35_none_dad3c57d7ec8bcdc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-h..epremium-deployment_31bf3856ad364e35_none_edc06ba8e0bfb01a]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..default-homepremium_31bf3856ad364e35_none_465ab4140d5502c6]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..e-eval-homepremiume_31bf3856ad364e35_none_bcd86b716ff3f3f2]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..e-eval-homepremiumn_31bf3856ad364e35_none_bcd79e696ff4da9b]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..efault-homepremiume_31bf3856ad364e35_none_67b2e5f408ec4ea9]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..efault-homepremiumn_31bf3856ad364e35_none_67bbe88e08e432b8]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_de-de_5f9c2ca038d99d4b]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_de-de_6fd07339a2ac6b14]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_de-de_e65b97046e398a8b]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_de-de_434dc4d5645537a3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_de-de_7385e74469ea6c44]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_de-de_fa4551a89f4a5984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_de-de_0c9243c5da72a4c3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_de-de_154ff135f35099ee]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_de-de_4f82e91064dff1a2]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..nse-oem-homepremium_31bf3856ad364e35_none_cd417a694907040c]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..se-eval-homepremium_31bf3856ad364e35_none_29e195c6f549ad19]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..se-oem-homepremiume_31bf3856ad364e35_none_aeef214b311e68f1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-l..se-oem-homepremiumn_31bf3856ad364e35_none_aef823e531164d00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-m..aultlocationpremium_31bf3856ad364e35_none_71dc44a608aa7973]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-photopremiumdeployment_31bf3856ad364e35_none_4abb4de85674a744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-s..ent-sku-homepremium_31bf3856ad364e35_none_c9757b5f7aae82ab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-s..epremium-deployment_31bf3856ad364e35_none_bfd9e149002c405f]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_server-help-deploym..ienthomepremium.chm_31bf3856ad364e35_none_14efe52c56caeb31]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_server-help-deploym..ienthomepremium.h1s_31bf3856ad364e35_none_14f9d6fa56c0d737]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\wow64_microsoft-windows-m..aultlocationpremium_31bf3856ad364e35_none_7c30eef83d0b3b6e]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\wow64_microsoft-windows-photopremiumdeployment_31bf3856ad364e35_none_550ff83a8ad5693f]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..default-homepremium_31bf3856ad364e35_none_ea3c189054f79190]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..e-eval-homepremiume_31bf3856ad364e35_none_60b9cfedb79682bc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..e-eval-homepremiumn_31bf3856ad364e35_none_60b902e5b7976965]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..efault-homepremiume_31bf3856ad364e35_none_0b944a70508edd73]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..efault-homepremiumn_31bf3856ad364e35_none_0b9d4d0a5086c182]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_de-de_037d911c807c2c15]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_de-de_13b1d7b5ea4ef9de]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..epremiume.resources_31bf3856ad364e35_de-de_8a3cfb80b5dc1955]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_de-de_17674bc0b18cfb0e]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_de-de_9e26b624e6ece84e]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..epremiumn.resources_31bf3856ad364e35_de-de_e72f2951abf7c66d]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_de-de_b073a8422215338d]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_de-de_b93155b23af328b8]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..mepremium.resources_31bf3856ad364e35_de-de_f3644d8cac82806c]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..nse-oem-homepremium_31bf3856ad364e35_none_7122dee590a992d6]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..se-eval-homepremium_31bf3856ad364e35_none_cdc2fa433cec3be3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..se-oem-homepremiume_31bf3856ad364e35_none_52d085c778c0f7bb]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-l..se-oem-homepremiumn_31bf3856ad364e35_none_52d9886178b8dbca]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SMDEn]
"OEM3"="c:\programdata\Microsoft\Windows\Start Menu\Programs\VAIO Premium Partners\Microsoft Office - 60-Tage-Testversion.lnk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SMDEn]
"OEM4"="c:\programdata\Microsoft\Windows\Start Menu\Programs\VAIO Premium Partners\VAIO Premium Partners.lnk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion]
"EditionID"="HomePremium"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion]
"ProductName"="Windows 7 Home Premium"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VAIO Premium Partners 1.00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VAIO Premium Partners 1.00]
"DisplayName"="VAIO Premium Partners 1.00"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion]
"EditionID"="HomePremium"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion]
"ProductName"="Windows 7 Home Premium"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sony Corporation\Installed Software\Modules\VAIO Premium Partners 150395]

Searching for "incredibar"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2766355210-2261221984-3006064297-1000\Software\Incredibar.com]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2766355210-2261221984-3006064297-1000\Software\Incredibar.com\incredibar]
[HKEY_USERS\S-1-5-21-2766355210-2261221984-3006064297-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2766355210-2261221984-3006064297-1000\Software\Incredibar.com]
[HKEY_USERS\S-1-5-21-2766355210-2261221984-3006064297-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2766355210-2261221984-3006064297-1000\Software\Incredibar.com\incredibar]

Searching for "SimplyTech"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"newtab"="%appdata%\SimplyTech\home\home.htm"

Searching for "OpenCandy"
No data found.

Searching for "HomeTab"
No data found.

Searching for "sweetim"
No data found.

Searching for "Crossrider"
No data found.

Searching for "certified-toolbar"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="hxxp://search.certified-toolbar.com?si=66920&st=newtab&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"TopResultURLFallback"="hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="hxxp://search.certified-toolbar.com?si=66920&st=newtab&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Default_Page_URL"="hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://search.certified-toolbar.com?si=66920&st=chrome&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Bar"="hxxp://search.certified-toolbar.com?si=66920&st=chrome&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"="hxxp://search.certified-toolbar.com?si=66920&st=chrome&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search]
"Start Page"="hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search]
"Start Default_Page_URL"="hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://search.certified-toolbar.com?si=66920&st=chrome&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search]
"Search Bar"="hxxp://search.certified-toolbar.com?si=66920&st=chrome&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search]
"Search Page"="hxxp://search.certified-toolbar.com?si=66920&st=chrome&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"URL"="hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B&q={searchTerms}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"TopResultURLFallback"="hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B&q={searchTerms}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"TopResultURLFallback"="hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B&q={searchTerms}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
"(Default)"="hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B&q=%s"
[HKEY_USERS\S-1-5-21-2766355210-2261221984-3006064297-1000\Software\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="hxxp://search.certified-toolbar.com?si=66920&st=newtab&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B"
[HKEY_USERS\S-1-5-21-2766355210-2261221984-3006064297-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"TopResultURLFallback"="hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B&q={searchTerms}"
[HKEY_USERS\S-1-5-21-2766355210-2261221984-3006064297-1000\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380146400000.000008&tguid=66920-6787-1380190410140-28748E41B5971D66C482CC116C114E9B&q=%s"

Searching for " "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"=" <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="1" XmlRenderingType="text" > <InitializationParameters> <Param Name="PSVersion" Value="2.0"/> </InitializationParameters> <Resources> <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true"> <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/> <Capability Type="Shell"/> </Resource> </Res
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell32" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="1" XmlRenderingType="text" Architecture="32" > <InitializationParameters> <Param Name="PSVersion" Value="2.0"/> </InitializationParameters> <Resources> <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" SupportsOptions="true" ExactMatch="true"> <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&2&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_FREECOM&PROD_DATABAR&REV_1.00#12110000 000067BF&0#]
"DeviceDesc"="DATABAR "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&2&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_NOKIA&PROD_S60&REV_1.0#359374033266236 &0#]
"DeviceDesc"="S60 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&2&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_NOKIA&PROD_S60&REV_1.0#359374033266236 &1#]
"DeviceDesc"="S60 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&2&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_FREECOM&PROD_DATABAR&REV_1.00#12110000 000067BF&0#]
"DeviceDesc"="DATABAR "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&2&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_NOKIA&PROD_S60&REV_1.0#359374033266236 &0#]
"DeviceDesc"="S60 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&2&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_NOKIA&PROD_S60&REV_1.0#359374033266236 &1#]
"DeviceDesc"="S60 "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&2&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_FREECOM&PROD_DATABAR&REV_1.00#1211 0000000067BF&0#]
"DeviceDesc"="DATABAR "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&2&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_NOKIA&PROD_S60&REV_1.0#35937403326 6236&0#]
"DeviceDesc"="S60 "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&2&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_NOKIA&PROD_S60&REV_1.0#35937403326 6236&1#]
"DeviceDesc"="S60 "

-= EOF =-

Alt 06.10.2013, 12:12   #5
Verena72
 
Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen - Standard

Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen


Ja ich konnte das kmplette nicht in einem post hier hochladen...weil die 12tausend Wort Grenze erreicht waren, daher hab ich das jetz für dich gesplitet.

Ich hoffe dass es so auch ausreicht für Dich


Antwort
Seite 2 von 2 1 2

Themen zu Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen
bekannte, download, dringend, hijacker, liebe, lieben, plagegeist, problem, programme, programmen, schonmal, schwierigkeiten, schätze, search.certified-toolbar.com / hijacker ? / unerwünschter downloaad /, tolle, unbekannte, unbekannten, unterstützung, wünsche


« TrojanDropper:Win32/Sirefef.B -oder doch nicht | QV06 entfernen! »


Ähnliche Themen: Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen


  1. PC nach unbekannten Programmen sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 05.04.2014 (3)
  2. PUP.Optional.SearchCertifiedTB.A / search.certified-toolbar
    Plagegeister aller Art und deren Bekämpfung - 06.03.2014 (23)
  3. certified-toolbar.com entfernen
    Anleitungen, FAQs & Links - 10.10.2013 (2)
  4. search.certified-toolbar.com einfach gelöscht in Firefox
    Log-Analyse und Auswertung - 05.10.2013 (3)
  5. Selbstständiges Öffnen von Webseiten & Certified-Toolbar-Search
    Plagegeister aller Art und deren Bekämpfung - 29.09.2013 (14)
  6. Certified Toolbar nach download eingefangen
    Log-Analyse und Auswertung - 16.09.2013 (14)
  7. Windows 7, search.certified-toolbar.com
    Log-Analyse und Auswertung - 14.09.2013 (21)
  8. Windows 7: Hijackerbefall search.certified-toolbar.com
    Log-Analyse und Auswertung - 11.09.2013 (9)
  9. search.certified-toolbar entfernen?
    Log-Analyse und Auswertung - 01.09.2013 (19)
  10. "NAV-Links" und "Certified-Toolbar (Search)" rauben mir den letzten Nerv! Was tun?
    Log-Analyse und Auswertung - 23.08.2013 (8)
  11. Search.certified-toolbar.com... Logfile Auswertung
    Log-Analyse und Auswertung - 30.06.2013 (11)
  12. Certified-toolbar -Search Startseite Problem
    Log-Analyse und Auswertung - 16.02.2013 (8)
  13. http://search.certified-toolbar.com/?si=41460&st=shortcut&tid=3192 und andere Probleme
    Plagegeister aller Art und deren Bekämpfung - 12.02.2013 (38)
  14. certified toolbar eingefangen - Browser hijacker
    Log-Analyse und Auswertung - 29.01.2013 (19)
  15. Search.certified-toolbar.com Browser Hijacker entfernen
    Anleitungen, FAQs & Links - 28.01.2013 (2)
  16. http://search.certified-toolbar.com/?si=41460&st=shortcut&tid=3192 und andere Probleme
    Mülltonne - 26.01.2013 (3)
  17. http://search.certified-toolbar.com/?si=41460&st=shortcut&tid=3192 und andere Probleme
    Mülltonne - 26.01.2013 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen - Servus, wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern. Schritt 1 Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/ Bitte deaktiviere während des - Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen...
Archiv
Du betrachtest: Hijacker? -> search.certified-toolbar / ständig download wünsche von unbekannten programmen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131