besserpunker | 09.05.2013 21:51 | Hi smeenk!
Vielen Dank für deine Hilfe! :daumenhoc Ich hatte den ersten Beitrag eigentlich versehentlich durch Enter-drücken gepostet, war da etwas hastig. Ich hatte auch schon logfiles mit OTL erstellt und wartete ncoh auf den gmer scan, aber währenddessen hatte ich einen Bluescreen, ich nehme an, dass der gmer Scan durch die eingebaute SSD mein System ein bisschen überfordert hat.
nichts desto trotz, hier mein Log: Code:
Zoek.exe Version 4.0.0.2 Updated 06-May-2013
Tool run by Thomas on 09.05.2013 at 22:36:27,60.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-749215193-2318488270-1408264733-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully
==== Deleting CLSID Registry Values ======================
==== FireFox Fix ======================
ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\zt4y1k0p.default
---- Lines incredibar removed from prefs.js ----
user_pref("extensions.incredibar.actvtyRptTime", "1363808633484");
user_pref("extensions.incredibar.admin", true);
user_pref("extensions.incredibar.aflt", "orgnl");
user_pref("extensions.incredibar.afterInstallRpt", "sent");
user_pref("extensions.incredibar.cntry", "DE");
user_pref("extensions.incredibar.dfltLng", "EN");
user_pref("extensions.incredibar.dfltSrch", false);
user_pref("extensions.incredibar.dfltlng", "en");
user_pref("extensions.incredibar.dfltsrch", "false");
user_pref("extensions.incredibar.did", "10643");
user_pref("extensions.incredibar.envrmnt", "production");
user_pref("extensions.incredibar.excTlbr", false);
user_pref("extensions.incredibar.hdrMd5", "C775B4DEE77A764FB459EFA8798ABB1E");
user_pref("extensions.incredibar.hmpg", false);
user_pref("extensions.incredibar.hrdid", "680e2ea700000000000000059a3c7a00");
user_pref("extensions.incredibar.id", "680e2ea700000000000000059a3c7a00");
user_pref("extensions.incredibar.installerproductid", "26");
user_pref("extensions.incredibar.instlDay", "15720");
user_pref("extensions.incredibar.instlRef", "");
user_pref("extensions.incredibar.instlday", "15720");
user_pref("extensions.incredibar.instlref", "");
user_pref("extensions.incredibar.isDcmntCmplt", false);
user_pref("extensions.incredibar.isdcmntcmplt", "false");
user_pref("extensions.incredibar.keywordurl", "");
user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1414:29:09");
user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
user_pref("extensions.incredibar.newTab", false);
user_pref("extensions.incredibar.newtab", "false");
user_pref("extensions.incredibar.newtaburl", "");
user_pref("extensions.incredibar.noFFXTlbr", false);
user_pref("extensions.incredibar.ppd", "1451");
user_pref("extensions.incredibar.prdct", "incredibar");
user_pref("extensions.incredibar.productid", "26");
user_pref("extensions.incredibar.prtnrId", "Incredibar");
user_pref("extensions.incredibar.prtnrid", "Incredibar");
user_pref("extensions.incredibar.sg", "none");
user_pref("extensions.incredibar.smplGrp", "none");
user_pref("extensions.incredibar.smplgrp", "none");
user_pref("extensions.incredibar.srch", "");
user_pref("extensions.incredibar.srchprvdr", "");
user_pref("extensions.incredibar.tlbrId", "base");
user_pref("extensions.incredibar.tlbrid", "base");
user_pref("extensions.incredibar.upn2", "6PQVSG5mdW");
user_pref("extensions.incredibar.upn2n", "92544276328418224");
user_pref("extensions.incredibar.vrsn", "1.5.11.14");
user_pref("extensions.incredibar.vrsnTs", "1.5.11.1414:29:09");
user_pref("extensions.incredibar.vrsni", "1.5.11.14");
user_pref("extensions.incredibar.vrsnts", "1.5.11.1414:29:09");
user_pref("extensions.incredibar_i.aflt", "orgnl");
user_pref("extensions.incredibar_i.dfltLng", "");
user_pref("extensions.incredibar_i.did", "10643");
user_pref("extensions.incredibar_i.excTlbr", false);
user_pref("extensions.incredibar_i.id", "680e2ea700000000000000059a3c7a00");
user_pref("extensions.incredibar_i.installerproductid", "26");
user_pref("extensions.incredibar_i.instlDay", "15720");
user_pref("extensions.incredibar_i.instlRef", "");
user_pref("extensions.incredibar_i.ms_url_id", "");
user_pref("extensions.incredibar_i.newTab", false);
user_pref("extensions.incredibar_i.ppd", "1451");
user_pref("extensions.incredibar_i.prdct", "incredibar");
user_pref("extensions.incredibar_i.productid", "26");
user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
user_pref("extensions.incredibar_i.smplGrp", "none");
user_pref("extensions.incredibar_i.tlbrId", "base");
user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQVSG5mdW&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar_i.upn2", "6PQVSG5mdW");
user_pref("extensions.incredibar_i.upn2n", "92544276328418224");
user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1414:29:09");
user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
---- Lines incredibar modified from prefs.js ----
---- Lines incredibar removed from user.js ----
---- Lines mystart removed from prefs.js ----
---- Lines mystart modified from prefs.js ----
---- Lines mystart removed from user.js ----
---- Lines ask.com removed from prefs.js ----
user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
---- Lines ask.com modified from prefs.js ----
---- Lines ask.com removed from user.js ----
---- Lines Web Search removed from prefs.js ----
---- Lines Web Search modified from prefs.js ----
---- Lines Web Search removed from user.js ----
---- FireFox user.js and prefs.js backups ----
user__2238_.backup
prefs__2238_.backup
==== Deleting Files \ Folders ======================
"C:\user.js" deleted
"C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\zt4y1k0p.default\searchplugins\MyStart Search.xml" deleted
"C:\user.js" deleted
"C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\zt4y1k0p.default\searchplugins\MyStart Search.xml" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted
"C:\Program Files (x86)\PriceGong" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong" deleted
"C:\Users\Thomas\AppData\LocalLow\PriceGong" deleted
"C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\zt4y1k0p.default\jetpack" deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Thomas\AppData\Local\Temp ====
====== C:\Windows\SysWOW64 =====
2013-05-03 13:38:27 F1CA8FEDC78B502E3A2C7D17D493BA5A 113976 ----a-w- C:\Windows\SysWOW64\SynTPCOM.dll
2013-05-03 13:38:27 A025950C3C1DE4BF048E1EF1E5AF712C 539960 ----a-w- C:\Windows\SysWOW64\SynCOM.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-05-03 13:38:27 5CFA3EF0998CDC92E9E820AFE07D0F49 229176 ----a-w- C:\Windows\Sysnative\SynTPAPI.dll
2013-05-03 13:38:27 06EBBD161241E7990ABA9FED25664C1A 177976 ----a-w- C:\Windows\Sysnative\SynTPCo14.dll
2013-05-02 10:32:22 BAC5074667751F72A9CE48CDC31BAC48 10752 ----a-w- C:\Windows\Sysnative\E_GCINST.DLL
2013-05-02 10:32:22 6FE91BDE1F8B9FD1A49D434643DE1370 118784 ----a-w- C:\Windows\Sysnative\E_YLMHHE.DLL
2013-05-02 10:32:22 28D7498FC2EEFB421602A115B11A949C 83456 ----a-w- C:\Windows\Sysnative\E_YD4BHHE.DLL
2013-05-02 10:21:41 AE218165501881AF5A4CDF3A74711DC2 145408 ----a-w- C:\Windows\Sysnative\E_2LM0CE.DLL
2013-05-02 10:21:41 8159960E8BA20F1C4A4EBCF0DAEC60E5 83968 ----a-w- C:\Windows\Sysnative\E_2D4B0CE.DLL
====== C:\Windows\Sysnative\drivers =====
2013-05-03 13:38:27 BB3E8D7B5165672A71392DB27028144B 460600 ----a-w- C:\Windows\Sysnative\drivers\SynTP.sys
2013-05-03 13:38:26 E11C9E13E92DA6747363924CFFCBD7EF 44344 ----a-w- C:\Windows\Sysnative\drivers\Smb_driver_Intel.sys
2013-05-03 13:36:29 96E22173FD0E2670A2A20C1EEECA162A 598808 ----a-w- C:\Windows\Sysnative\drivers\btwampfl.sys
2013-05-03 13:34:49 EDD953D635F3AA89EF902E3F82D60D22 21544 ----a-w- C:\Windows\Sysnative\drivers\btwrchid.sys
2013-05-03 13:34:49 B1ACFD00CDD13B48D86F46BFEC153BF9 39976 ----a-w- C:\Windows\Sysnative\drivers\btwl2cap.sys
2013-05-03 13:34:49 A771078558477068DFD8037B82EB00F8 184144 ----a-w- C:\Windows\Sysnative\drivers\btwaudio.sys
2013-05-03 13:34:49 9FF58F76024D25784755B01F926B00BE 210984 ----a-w- C:\Windows\Sysnative\drivers\btwavdt.sys
2013-05-02 08:46:56 4BDDB42CB6BF46452FA7155EA5381576 83160 ----a-w- C:\Windows\Sysnative\drivers\avnetflt.sys
2013-04-24 12:20:39 B98F8C6E31CD07B2E6F71F7F648E38C0 1656680 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys
2013-04-10 06:35:45 8F6322049018354F45F05A2FD2D4E5E0 223752 ----a-w- C:\Windows\Sysnative\drivers\fvevol.sys
====== C:\Windows\Tasks ======
2013-05-06 09:14:17 00A20C3E8CA6E0605677F422FF73CE1E 382 ----a-w- C:\Windows\Tasks\VideoSaver Update.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-05-02 10:35:54 -------- d-----w- C:\Program Files\Common Files\EPSON
======= C:\Program Files (x86) =====
2013-05-06 09:14:17 -------- d-----w- C:\Program Files (x86)\VideoSaver
2013-05-06 09:13:50 -------- d-----w- C:\Program Files (x86)\Google Books Downloader
2013-05-03 12:45:38 -------- d-----w- C:\Program Files (x86)\XING Connector
2013-05-03 12:43:07 -------- d-----w- C:\Program Files (x86)\MSECache
2013-04-22 13:05:05 -------- d-----w- C:\Program Files (x86)\RocketDock
2013-04-22 12:40:59 -------- d-----w- C:\Program Files (x86)\Microcontroller
2013-04-22 12:39:34 -------- d-----w- C:\Program Files (x86)\fritzing.2013.02.25.pc
2013-04-22 08:28:25 -------- d-----w- C:\Program Files (x86)\arduino-1.0.4
2013-04-22 08:19:22 -------- d-----w- C:\Program Files (x86)\DVDVideoSoft
2013-04-22 08:19:22 -------- d-----w- C:\Program Files (x86)\Common Files\DVDVideoSoft
======= C: =====
====== C:\Users\Thomas\AppData\Roaming ======
2013-05-09 20:30:58 -------- d-----w- C:\users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-05-04 07:58:27 -------- d-----w- C:\users\Thomas\AppData\Local\Broadcom
2013-05-03 12:59:24 60141C171E6CF80CE7CE6DE457C9FE83 37511 ----a-w- C:\users\Thomas\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
2013-05-03 12:48:32 -------- d-----w- C:\users\Thomas\AppData\Local\XING Connector
2013-04-22 13:25:38 -------- d-----w- C:\users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-04-22 12:52:20 -------- d-----w- C:\users\Thomas\AppData\Roaming\Fritzing
2013-04-22 08:30:17 -------- d-----w- C:\users\Thomas\AppData\Roaming\Arduino
2013-04-20 11:16:20 -------- d-----w- C:\users\Thomas\AppData\Local\Apps
2013-04-19 09:46:57 -------- d-----w- C:\users\Thomas\AppData\Roaming\DVDVideoSoft
2013-04-19 09:03:56 -------- d-----w- C:\users\Thomas\AppData\Roaming\Intelore
====== C:\Users\Thomas ======
2013-05-09 19:53:06 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Thomas\defogger_reenable
2013-05-06 09:13:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Books Downloader
2013-05-03 13:40:06 -------- d-----w- C:\ProgramData\Intel
2013-05-03 13:39:45 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2013-05-02 10:01:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2013-04-28 18:54:25 -------- d-----w- C:\Users\Thomas\Application Data
2013-04-24 12:25:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2013-04-22 13:05:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
2013-04-19 09:47:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
====== C: exe-files ==
2013-05-09 20:17:02 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Thomas\Desktop\gmer_2.1.19163.exe
2013-05-09 20:17:02 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Dokumente und Einstellungen\Thomas\Desktop\gmer_2.1.19163.exe
2013-05-09 20:17:02 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Documents and Settings\Thomas\Desktop\gmer_2.1.19163.exe
2013-05-09 19:52:22 9146F21288AB749C4C729343F5F285A1 50477 ----a-w- C:\Users\Thomas\Desktop\Defogger.exe
2013-05-09 19:52:22 9146F21288AB749C4C729343F5F285A1 50477 ----a-w- C:\Dokumente und Einstellungen\Thomas\Desktop\Defogger.exe
2013-05-09 19:52:22 9146F21288AB749C4C729343F5F285A1 50477 ----a-w- C:\Documents and Settings\Thomas\Desktop\Defogger.exe
2013-05-09 19:50:30 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Users\Thomas\AppData\Local\Temp\4960AAAB-52D0-479F-954F-E54C39E19AEA\DismHost.exe
2013-05-09 19:50:30 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Dokumente und Einstellungen\Thomas\AppData\Local\Temp\4960AAAB-52D0-479F-954F-E54C39E19AEA\DismHost.exe
2013-05-09 19:50:30 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Documents and Settings\Thomas\AppData\Local\Temp\4960AAAB-52D0-479F-954F-E54C39E19AEA\DismHost.exe
2013-05-09 19:42:15 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Thomas\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-09 19:42:15 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Dokumente und Einstellungen\Thomas\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-09 19:42:15 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Documents and Settings\Thomas\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-09 19:28:30 4ADCFEE16EE9978F06157634669D36FB 602112 ----a-w- C:\Users\Thomas\Desktop\OTL.exe
2013-05-09 19:28:30 4ADCFEE16EE9978F06157634669D36FB 602112 ----a-w- C:\Dokumente und Einstellungen\Thomas\Desktop\OTL.exe
2013-05-09 19:28:30 4ADCFEE16EE9978F06157634669D36FB 602112 ----a-w- C:\Documents and Settings\Thomas\Desktop\OTL.exe
2013-05-09 19:27:34 A95866BA166A09E360BB88DA72D4531D 628743 ----a-w- C:\Users\Thomas\Desktop\adwcleaner.exe
2013-05-09 19:27:34 A95866BA166A09E360BB88DA72D4531D 628743 ----a-w- C:\Dokumente und Einstellungen\Thomas\Desktop\adwcleaner.exe
2013-05-09 19:27:34 A95866BA166A09E360BB88DA72D4531D 628743 ----a-w- C:\Documents and Settings\Thomas\Desktop\adwcleaner.exe
2013-05-09 19:26:08 DEDB5F9E28EE2C9363E83A2A94BA83B9 139264 ----a-w- C:\Users\Thomas\Desktop\SystemLook.exe
2013-05-09 19:26:08 DEDB5F9E28EE2C9363E83A2A94BA83B9 139264 ----a-w- C:\Dokumente und Einstellungen\Thomas\Desktop\SystemLook.exe
2013-05-09 19:26:08 DEDB5F9E28EE2C9363E83A2A94BA83B9 139264 ----a-w- C:\Documents and Settings\Thomas\Desktop\SystemLook.exe
2013-05-09 11:14:45 21AD226CB0196E86929AB0DF72902358 329496 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000038cf\updatus.15747965_RUNASUSER.exe
2013-05-09 11:14:45 21AD226CB0196E86929AB0DF72902358 329496 ----a-w- C:\Dokumente und Einstellungen\All Users\NVIDIA\Updatus\Packages\000038cf\updatus.15747965_RUNASUSER.exe
2013-05-09 11:14:45 21AD226CB0196E86929AB0DF72902358 329496 ----a-w- C:\Documents and Settings\All Users\NVIDIA\Updatus\Packages\000038cf\updatus.15747965_RUNASUSER.exe
2013-05-07 13:19:55 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Users\Thomas\AppData\Local\Temp\06A24F8D-8AF9-44A4-BFD3-B13F31A3C829\DismHost.exe
2013-05-07 13:19:55 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Dokumente und Einstellungen\Thomas\AppData\Local\Temp\06A24F8D-8AF9-44A4-BFD3-B13F31A3C829\DismHost.exe
2013-05-07 13:19:55 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Documents and Settings\Thomas\AppData\Local\Temp\06A24F8D-8AF9-44A4-BFD3-B13F31A3C829\DismHost.exe
2013-05-06 09:14:17 03562A80C038C33A358328BC2FC0AEB5 130721 ----a-w- C:\Program Files (x86)\VideoSaver\Uninstall.exe
2013-05-06 09:13:50 D1C99ED0D1D218D8A367C55EE6AAA450 448512 ----a-w- C:\Program Files (x86)\Google Books Downloader\gbooks.exe
2013-05-06 09:13:50 C03E87258FCA816E39F4ED422CB473B2 48668 ----a-w- C:\Program Files (x86)\Google Books Downloader\j2p.exe
2013-05-06 09:13:50 365B02C2DE2C845CCAEB419642FAE5EF 715038 ----a-w- C:\Program Files (x86)\Google Books Downloader\unins000.exe
2013-05-06 09:13:34 345EE1CF1F434378F7C13253506D763D 657781 ----a-w- C:\Users\Thomas\Downloads\gbooks.exe
2013-05-06 09:13:34 345EE1CF1F434378F7C13253506D763D 657781 ----a-w- C:\Dokumente und Einstellungen\Thomas\Downloads\gbooks.exe
2013-05-06 09:13:34 345EE1CF1F434378F7C13253506D763D 657781 ----a-w- C:\Documents and Settings\Thomas\Downloads\gbooks.exe
2013-05-04 08:10:41 F64ED2E0CF4F82F5F8CCEEBCD6B828FC 103272 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe
2013-05-04 08:10:41 3ECAC6384B793F4E73C71C822581EE63 54632 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe
2013-05-04 08:10:41 3ECAC6384B793F4E73C71C822581EE63 54632 ----a-w- C:\Program Files (x86)\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe
2013-05-04 08:10:41 2842F93E0B8EEE31CCC29C44BBE131B1 130408 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe
2013-05-04 08:10:41 004E16C7DCA3FB38896478DDCC4F00F0 59392 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe
2013-05-03 13:38:28 4A200203E59FAABEE476367C10C762C8 123704 ----a-w- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
2013-05-03 13:38:28 45F4888E86153C10C96D1F29F7EA46AA 339256 ----a-w- C:\Program Files\Synaptics\SynTP\Tutorial.exe
2013-05-03 13:38:28 1FAED311D7FA325CDCA1E04F1743127A 253240 ----a-w- C:\Program Files\Synaptics\SynTP\SynZMetr.exe
2013-05-03 13:38:28 1F9E83FD466C93968F42B0DC85A3DE17 158008 ----a-w- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
2013-05-03 13:38:27 2D98976458BF9F5F41FDE6F469F4DCF9 245048 ----a-w- C:\Program Files\Synaptics\SynTP\SynMood.exe
2013-05-03 13:38:26 CEDA968F47D8CBAB83502B24217865E6 227640 ----a-w- C:\Program Files\Synaptics\SynTP\InstNT.exe
2013-05-03 13:38:22 2F62CF6938FFCCBBF0B75D620DB217A1 59816 ----a-r- C:\Users\Thomas\AppData\Roaming\Microsoft\Installer\{1D2FF661-4402-4D75-AA40-B23FCAF81D32}\ARPPRODUCTICON.exe
2013-05-03 13:38:22 2F62CF6938FFCCBBF0B75D620DB217A1 59816 ----a-r- C:\Dokumente und Einstellungen\Thomas\AppData\Roaming\Microsoft\Installer\{1D2FF661-4402-4D75-AA40-B23FCAF81D32}\ARPPRODUCTICON.exe
2013-05-03 13:38:22 2F62CF6938FFCCBBF0B75D620DB217A1 59816 ----a-r- C:\Documents and Settings\Thomas\AppData\Roaming\Microsoft\Installer\{1D2FF661-4402-4D75-AA40-B23FCAF81D32}\ARPPRODUCTICON.exe
2013-05-03 13:37:48 906F5592CD68267E58456B6260F07320 53248 ----a-r- C:\Users\Thomas\AppData\Roaming\Microsoft\Installer\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}\ARPPRODUCTICON.exe
2013-05-03 13:37:48 906F5592CD68267E58456B6260F07320 53248 ----a-r- C:\Dokumente und Einstellungen\Thomas\AppData\Roaming\Microsoft\Installer\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}\ARPPRODUCTICON.exe
2013-05-03 13:37:48 906F5592CD68267E58456B6260F07320 53248 ----a-r- C:\Documents and Settings\Thomas\AppData\Roaming\Microsoft\Installer\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}\ARPPRODUCTICON.exe
2013-05-03 13:37:40 FEAF037ABEE5E0982715BBD1CFC1ECD1 81256 ----a-w- C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
2013-05-03 13:37:40 DCFC26141227B091E5E03ABADFD7FBDE 107880 ----a-w- C:\Program Files\Lenovo\HOTKEY\tpfnf9.exe
2013-05-03 13:37:40 DC5468747FFA249391F1298376BB0BC3 58928 ----a-w- C:\Program Files\Lenovo\HOTKEY\tpfnf8.exe
2013-05-03 13:37:40 D4A6A21E7681A1D544B22157DB43A520 797760 ----a-w- C:\Program Files\Lenovo\HOTKEY\TpFnF5.exe
2013-05-03 13:37:40 D3815DD9926D3DF4DC650D80B3C0BEC4 60512 ----a-w- C:\Program Files\Lenovo\HOTKEY\pmev2_1.exe
2013-05-03 13:37:40 C50637C1DE450C2B49F076EC485BD1BD 87136 ----a-w- C:\Program Files\Lenovo\HOTKEY\micmutes.exe
2013-05-03 13:37:40 A470093B8E24AA4993F842EC7595BEC3 107664 ----a-w- C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
2013-05-03 13:37:40 864EEF4B5A7C4F8B51795A43BBD02B91 57952 ----a-w- C:\Program Files\Lenovo\HOTKEY\hlp8.exe
2013-05-03 13:37:40 7CFE36AF06E9C0984021796EDC8AC207 127072 ----a-w- C:\Program Files\Lenovo\HOTKEY\micmute.exe
2013-05-03 13:37:40 70E55D7F71DF7F57A55E4DB66117FA5C 331408 ----a-w- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
2013-05-03 13:37:40 618D5274811BB147B1A7A808110A191D 103520 ----a-w- C:\Program Files\Lenovo\HOTKEY\micmutec.exe
2013-05-03 13:37:40 5DDFA9674618D49E75A2D6607C851555 255072 ----a-w- C:\Program Files\Lenovo\HOTKEY\tpfnf6.exe
2013-05-03 13:37:40 5B62F45C87CC0FB176C5358EEA6CFB4C 125504 ----a-w- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
2013-05-03 13:37:40 5183322D039A66569D27FD00987390E6 69568 ----a-w- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
2013-05-03 13:37:40 373B3EABBE1B07E3CDE98E1452B6D131 127120 ----a-w- C:\Program Files\Lenovo\HOTKEY\tphkload.exe
2013-05-03 13:37:40 2D837F457F0BD154076C1501A8B5830C 101008 ----a-w- C:\Program Files\Lenovo\HOTKEY\shtctky.exe
2013-05-03 13:37:40 12C03195C65B3B0CEDB2FF47369DC341 96864 ----a-w- C:\Program Files\Lenovo\HOTKEY\tpfnf2.exe
2013-05-03 13:37:39 713CE098D154CB2A623D4E55D5A5BE88 45504 ----a-w- C:\Program Files\Lenovo\HOTKEY\2ndlcd.exe
2013-05-03 13:27:50 DE30D887A7E0DA9AA1AEB15ADD162780 76200 ----a-w- C:\ProgramData\Lenovo\SystemUpdate\session\Repository\lpuw32_1324\lpudetector_32.exe
2013-05-03 13:27:50 DE30D887A7E0DA9AA1AEB15ADD162780 76200 ----a-w- C:\Dokumente und Einstellungen\All Users\Lenovo\SystemUpdate\session\Repository\lpuw32_1324\lpudetector_32.exe
2013-05-03 13:27:50 DE30D887A7E0DA9AA1AEB15ADD162780 76200 ----a-w- C:\Documents and Settings\All Users\Lenovo\SystemUpdate\session\Repository\lpuw32_1324\lpudetector_32.exe
2013-05-03 13:27:50 B8F618C9DD0C008E9CA1E9F41A3B840F 76200 ----a-w- C:\ProgramData\Lenovo\SystemUpdate\session\Repository\lpuw64_1324\lpudetector_64.exe
2013-05-03 13:27:50 B8F618C9DD0C008E9CA1E9F41A3B840F 76200 ----a-w- C:\Dokumente und Einstellungen\All Users\Lenovo\SystemUpdate\session\Repository\lpuw64_1324\lpudetector_64.exe
2013-05-03 13:27:50 B8F618C9DD0C008E9CA1E9F41A3B840F 76200 ----a-w- C:\Documents and Settings\All Users\Lenovo\SystemUpdate\session\Repository\lpuw64_1324\lpudetector_64.exe
2013-05-03 13:27:50 A40BEA3584CBF0941D4EEDA09EBF36C3 50536 ----a-w- C:\ProgramData\Lenovo\SystemUpdate\session\Repository\g1c781wwpatch01\acpatch59501.exe
2013-05-03 13:27:50 A40BEA3584CBF0941D4EEDA09EBF36C3 50536 ----a-w- C:\Dokumente und Einstellungen\All Users\Lenovo\SystemUpdate\session\Repository\g1c781wwpatch01\acpatch59501.exe
2013-05-03 13:27:50 A40BEA3584CBF0941D4EEDA09EBF36C3 50536 ----a-w- C:\Documents and Settings\All Users\Lenovo\SystemUpdate\session\Repository\g1c781wwpatch01\acpatch59501.exe
2013-05-03 13:27:50 7A8D7BD370DF31E358FC9EB88D9DBE16 62824 ----a-w- C:\ProgramData\Lenovo\SystemUpdate\session\Repository\g7fu03ww\bfudet.exe
2013-05-03 13:27:50 7A8D7BD370DF31E358FC9EB88D9DBE16 62824 ----a-w- C:\Dokumente und Einstellungen\All Users\Lenovo\SystemUpdate\session\Repository\g7fu03ww\bfudet.exe
2013-05-03 13:27:50 7A8D7BD370DF31E358FC9EB88D9DBE16 62824 ----a-w- C:\Documents and Settings\All Users\Lenovo\SystemUpdate\session\Repository\g7fu03ww\bfudet.exe
2013-05-03 13:27:50 567791A7E178A12171F11410F1012231 54120 ----a-w- C:\ProgramData\Lenovo\SystemUpdate\session\Repository\tpfnf510045patch01\tpfnf5patch.exe
2013-05-03 13:27:50 567791A7E178A12171F11410F1012231 54120 ----a-w- C:\Dokumente und Einstellungen\All Users\Lenovo\SystemUpdate\session\Repository\tpfnf510045patch01\tpfnf5patch.exe
2013-05-03 13:27:50 567791A7E178A12171F11410F1012231 54120 ----a-w- C:\Documents and Settings\All Users\Lenovo\SystemUpdate\session\Repository\tpfnf510045patch01\tpfnf5patch.exe
2013-05-03 12:45:19 B4859CD31C50E47E9F144A085B2EA463 2534440 ----a-w- C:\Users\Thomas\Downloads\XING_Connector_x86_v1.2_install.exe
2013-05-03 12:45:19 B4859CD31C50E47E9F144A085B2EA463 2534440 ----a-w- C:\Dokumente und Einstellungen\Thomas\Downloads\XING_Connector_x86_v1.2_install.exe
2013-05-03 12:45:19 B4859CD31C50E47E9F144A085B2EA463 2534440 ----a-w- C:\Documents and Settings\Thomas\Downloads\XING_Connector_x86_v1.2_install.exe
2013-05-03 12:44:24 06C51ED6BA6A17B0FECC4B5167E64A14 12605960 ----a-w- C:\Users\Thomas\Downloads\OSCFB-x86-de-de.exe
2013-05-03 12:44:24 06C51ED6BA6A17B0FECC4B5167E64A14 12605960 ----a-w- C:\Dokumente und Einstellungen\Thomas\Downloads\OSCFB-x86-de-de.exe
2013-05-03 12:44:24 06C51ED6BA6A17B0FECC4B5167E64A14 12605960 ----a-w- C:\Documents and Settings\Thomas\Downloads\OSCFB-x86-de-de.exe
2013-05-03 12:43:48 0CC2C83438A8BB9D4460B81CD2C60625 12603768 ----a-w- C:\Users\Thomas\Downloads\OSCFB-x86-en-us.exe
2013-05-03 12:43:48 0CC2C83438A8BB9D4460B81CD2C60625 12603768 ----a-w- C:\Dokumente und Einstellungen\Thomas\Downloads\OSCFB-x86-en-us.exe
2013-05-03 12:43:48 0CC2C83438A8BB9D4460B81CD2C60625 12603768 ----a-w- C:\Documents and Settings\Thomas\Downloads\OSCFB-x86-en-us.exe
2013-05-03 12:42:49 8CE201B4FA532E1DF4C90EF8A19896CB 10159624 ----a-w- C:\Users\Thomas\Downloads\OSCFB-x64-de-de.exe
2013-05-03 12:42:49 8CE201B4FA532E1DF4C90EF8A19896CB 10159624 ----a-w- C:\Dokumente und Einstellungen\Thomas\Downloads\OSCFB-x64-de-de.exe
2013-05-03 12:42:49 8CE201B4FA532E1DF4C90EF8A19896CB 10159624 ----a-w- C:\Documents and Settings\Thomas\Downloads\OSCFB-x64-de-de.exe
=== C: other files ==
2013-05-09 19:34:07 9EDD9D9D88AC3583E783E1C984F869C2 534214 ----a-w- C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\zt4y1k0p.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
2013-05-09 19:34:07 9EDD9D9D88AC3583E783E1C984F869C2 534214 ----a-w- C:\Dokumente und Einstellungen\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\zt4y1k0p.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
2013-05-09 19:34:07 9EDD9D9D88AC3583E783E1C984F869C2 534214 ----a-w- C:\Documents and Settings\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\zt4y1k0p.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
2013-05-04 12:24:19 474AA84683E96DBE0F77BB54DACC31CF 493587826 ----a-w- C:\Users\Thomas\Downloads\2013-02-09-wheezy-raspbian(1).zip
2013-05-04 12:24:19 474AA84683E96DBE0F77BB54DACC31CF 493587826 ----a-w- C:\Dokumente und Einstellungen\Thomas\Downloads\2013-02-09-wheezy-raspbian(1).zip
2013-05-04 12:24:19 474AA84683E96DBE0F77BB54DACC31CF 493587826 ----a-w- C:\Documents and Settings\Thomas\Downloads\2013-02-09-wheezy-raspbian(1).zip
2013-05-03 13:38:27 BB3E8D7B5165672A71392DB27028144B 460600 ----a-w- C:\Windows\System32\drivers\SynTP.sys
2013-05-03 13:38:26 E11C9E13E92DA6747363924CFFCBD7EF 44344 ----a-w- C:\Windows\System32\drivers\Smb_driver_Intel.sys
2013-05-03 13:36:29 96E22173FD0E2670A2A20C1EEECA162A 598808 ----a-w- C:\Windows\System32\drivers\btwampfl.sys
2013-05-03 13:34:49 EDD953D635F3AA89EF902E3F82D60D22 21544 ----a-w- C:\Windows\System32\drivers\btwrchid.sys
2013-05-03 13:34:49 EDD953D635F3AA89EF902E3F82D60D22 21544 ----a-w- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwrchid.sys
2013-05-03 13:34:49 D70CEC0C62FDC1772ACD42EEF467F491 165688 ----a-w- C:\Program Files\ThinkPad\Bluetooth Software\bin\bcbtums.sys
2013-05-03 13:34:49 B1ACFD00CDD13B48D86F46BFEC153BF9 39976 ----a-w- C:\Windows\System32\drivers\btwl2cap.sys
2013-05-03 13:34:49 B1ACFD00CDD13B48D86F46BFEC153BF9 39976 ----a-w- C:\Program Files\ThinkPad\Bluetooth Software\bin\BTWL2CAP.sys
2013-05-03 13:34:49 A771078558477068DFD8037B82EB00F8 184144 ----a-w- C:\Windows\System32\drivers\btwaudio.sys
2013-05-03 13:34:49 A771078558477068DFD8037B82EB00F8 184144 ----a-w- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwaudio.sys
2013-05-03 13:34:49 9FF58F76024D25784755B01F926B00BE 210984 ----a-w- C:\Windows\System32\drivers\btwavdt.sys
2013-05-03 13:34:49 9FF58F76024D25784755B01F926B00BE 210984 ----a-w- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwavdt.sys
2013-05-03 13:34:49 96E22173FD0E2670A2A20C1EEECA162A 598808 ----a-w- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwampfl.sys
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-749215193-2318488270-1408264733-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Thomas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"RocketDock"="C:\Program Files (x86)\RocketDock\RocketDock.exe"
[HKEY_USERS\S-1-5-21-749215193-2318488270-1408264733-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-21-749215193-2318488270-1408264733-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"="C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
"Dolby Home Theater v4"="C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe -autostart"
"IMSS"="C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"
"VirtualCloneDrive"="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HPUsageTrackingLEDM"="C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe C:\Program Files (x86)\HP\HP UT LEDM\"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Cisco AnyConnect Secure Mobility Agent for Windows"="C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe -minimized"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Thomas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"RocketDock"="C:\Program Files (x86)\RocketDock\RocketDock.exe"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ForteConfig"="C:\Program Files\Conexant\ForteConfig\fmapp.exe"
"SmartAudio"="C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t"
"PasswordManager"="C:\Program Files\Lenovo\Password Manager\password_manager.exe"
"AcWin7Hlpr"="C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe"
"PSQLLauncher"="C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe /startup"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"LENOVO.TPKNRRES"="C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe"
"TpShocks"="TpShocks.exe"
"IntelPROSet"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel PROSet/Wireless"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
==== Startup Folders ======================
2012-12-10 09:37:26 1057 ----a-w- C:\users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2013-05-03 13:34:45 890 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
2012-11-09 06:36:59 2210 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk
2012-11-21 06:50:35 2342 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start Driver.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [28.04.2013 19:51]
C:\Windows\tasks\MATLAB R2012b Startup Accelerator.job --a------ C:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe [20.07.2012 19:59]
C:\Windows\tasks\VideoSaver Update.job --a------ C:\Program Files (x86)\VideoSaver\vdsvrur.exe [23.04.2013 23:57]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\zt4y1k0p.default
- ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
- VideoSaver - C:\Program Files (x86)\VideoSaver\FF
- ProxTube - Gesperrte YouTube Videos entsperren - %ProfilePath%\extensions\ich@maltegoetz.de
- WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- FireGestures - %ProfilePath%\extensions\firegestures@xuldev.org.xpi
- ProxMate - unblock the Internet - %ProfilePath%\extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
- All-in-One Sidebar - %ProfilePath%\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
- FlashGot - %ProfilePath%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
- NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
- Smartest Bookmarks Bar - %ProfilePath%\extensions\{b442f4c0-c292-4998-aabe-48608a73ba75}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Download Statusbar - %ProfilePath%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\zt4y1k0p.default
F7E72D3A281F922BACEC1A71A826D4C2 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll - Shockwave Flash
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bkomkajifikmkfnjgphkjcfeepbnojok - C:\Program Files (x86)\PriceGong\2.6.11\pricegong.crx[]
dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\IB Updater\source.crx[]
geempcnjhccnoepfmahaeemnnfnignab - C:\Program Files (x86)\Lenovo\Password Manager\chrome_npapi_extension.crx[23.10.2012 10:09]
ifjgookacnmjghjfagggbkpebmndnbib - C:\Program Files (x86)\VideoSaver\Chrome.crx[23.04.2013 23:57]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://mystart.incredibar.com/mb201?a=6PQVSG5mdW&i=26"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-749215193-2318488270-1408264733-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-749215193-2318488270-1408264733-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Thomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Thomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Thomas\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Thomas\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\users\Thomas\AppData\Local\Mozilla\Firefox\Profiles\zt4y1k0p.default\Cache emptied successfully
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
After Reboot
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Thomas\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied |