Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Savings Sidekick entfernen? (https://www.trojaner-board.de/127257-savings-sidekick-entfernen.html)

Littlecookie 19.11.2012 21:49
Savings Sidekick entfernen?
 
Hallo,
habe eben ein Add On "Savings Sidekick" in meinem Ordner entdeckt & mich ein wenig informiert und gesehen, dass es sich hier um einen Virus handelt? Würde zu den anderen Symptomen auf meinem Pc passen ..
Wie genau kann ich den Virus entfernen?
Vielen Dank :)

Swisstreasure 19.11.2012 23:54
:hallo:

Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
  • Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
  • Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
  • Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.

Schritt 1

Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

Schritt 2

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
explorer.exe
regedit.exe
winlogon.exe
wininit.exe
userinit.exe
/md5stop
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Littlecookie 22.11.2012 22:44
Hallo :)
Erstmal vielen Dank und hier die Logs:

Code:
# AdwCleaner v2.008 - Datei am 22/11/2012 um 22:21:54 erstellt
# Aktualisiert am 17/11/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : LittleCookieMonster - SUNNY
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\LittleCookieMonster\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****

Gefunden : Browser Manager

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gefunden : C:\user.js
Datei Gefunden : C:\Users\LITTLE~1\AppData\Local\Temp\Uninstall.exe
Ordner Gefunden : C:\Program Files (x86)\Ask.com
Ordner Gefunden : C:\Program Files (x86)\AVG Secure Search
Ordner Gefunden : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gefunden : C:\ProgramData\AVG Secure Search
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\Browser Manager
Ordner Gefunden : C:\Users\LITTLE~1\AppData\Local\Temp\AskSearch
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\AskToolbar
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\AVG Secure Search
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhdfjaaobagbaepmefnjabfmhnggliop
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\Savings Sidekick
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\LocalLow\AVG Secure Search
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Roaming\Mozilla\Firefox\Profiles\pjkyo19l.default\extensions\toolbar@ask.com
Ordner Gefunden : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\APN
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Savings Sidekick
Schlüssel Gefunden : HKCU\Software\Ask.com
Schlüssel Gefunden : HKCU\Software\Ask.com.tmp
Schlüssel Gefunden : HKCU\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Cr_Installer
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKLM\Software\APN
Schlüssel Gefunden : HKLM\Software\AskToolbar
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKU\S-1-5-21-2251252056-1386308966-2160917863-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v16.0.2 (de)

Profilname : default
Datei : C:\Users\LittleCookieMonster\AppData\Roaming\Mozilla\Firefox\Profiles\pjkyo19l.default\prefs.js

Gefunden : user_pref("avg.install.userHPSettings", "hxxp://www.claro-search.com/?affID=114508&tt=4512_4&babsrc=[...]
Gefunden : user_pref("avg.install.userSPSettings", "Claro Search");
Gefunden : user_pref("browser.search.order.1", "Claro Search");
Gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Gefunden : user_pref("extensions.asktb.apn_dbr", "ff_9.0.1");
Gefunden : user_pref("extensions.asktb.cbid", "LL");
Gefunden : user_pref("extensions.asktb.config-updated", true);
Gefunden : user_pref("extensions.asktb.crumb", "2012.01.10+14.00.25-toolbar011iad-DE-Q29sb2duZSxHZXJtYW55");
Gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&[...]
Gefunden : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Gefunden : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Gefunden : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "GMXX0018");
Gefunden : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Gefunden : user_pref("extensions.asktb.first-restart-after-config-update", true);
Gefunden : user_pref("extensions.asktb.fresh-install", false);
Gefunden : user_pref("extensions.asktb.guid", "3de52a0a-94a6-4890-a2e6-68a1d168166e");
Gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Gefunden : user_pref("extensions.asktb.if", "first");
Gefunden : user_pref("extensions.asktb.l", "dis");
Gefunden : user_pref("extensions.asktb.last-config-req", "1353618890949");
Gefunden : user_pref("extensions.asktb.last-v", "3.14.0.100010");
Gefunden : user_pref("extensions.asktb.locale", "de_DE");
Gefunden : user_pref("extensions.asktb.location", "Cologne,Germany");
Gefunden : user_pref("extensions.asktb.notification-shown", true);
Gefunden : user_pref("extensions.asktb.o", "APN10023");
Gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Gefunden : user_pref("extensions.asktb.qsrc", "2871");
Gefunden : user_pref("extensions.asktb.r", "4");
Gefunden : user_pref("extensions.asktb.sa", "NO");
Gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true);
Gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Gefunden : user_pref("extensions.asktb.themeid", "");
Gefunden : user_pref("extensions.asktb.timeinstalled", "10.01.2012 23:01:27");
Gefunden : user_pref("extensions.asktb.to", "");
Gefunden : user_pref("extensions.asktb.v", "3.14.0.100015");
Gefunden : user_pref("extensions.asktb.version", "5.14.0.19934");
Gefunden : user_pref("extensions.enabledAddons", "{dfefbe51-ca52-484b-adf0-6b158b05262d}:2.4.897.175,toolbar@as[...]
Gefunden : user_pref("extensions.toolbar@ask.com.install-event-fired", true);
Gefunden : user_pref("keyword.URL", "hxxp://www.claro-search.com/?affID=114508&tt=4512_4&babsrc=KW_clro&mntrId=[...]

-\\ Google Chrome v23.0.1271.64

Datei : C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [14478 octets] - [22/11/2012 22:21:54]

########## EOF - C:\AdwCleaner[R1].txt - [14539 octets] ##########

und vom OTL:

Code:
OTL logfile created on: 22.11.2012 22:25:55 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\LittleCookieMonster\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,95 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 60,84% Memory free
7,90 Gb Paging File | 5,31 Gb Available in Paging File | 67,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,78 Gb Total Space | 387,55 Gb Free Space | 85,78% Space Free | Partition Type: NTFS
 
Computer Name: SUNNY | User Name: LittleCookieMonster | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.22 22:23:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\LittleCookieMonster\Desktop\OTL.exe
PRC - [2012.11.02 20:00:42 | 002,400,800 | ---- | M] () -- C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe
PRC - [2012.10.09 15:10:52 | 002,447,440 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2012.10.09 14:41:08 | 000,073,392 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2012.09.05 16:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012.08.09 01:03:43 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.10 05:43:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.10 05:43:04 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2012.05.10 05:43:04 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.03 21:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.01.04 20:20:50 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011.10.01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.04.29 16:20:18 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011.03.05 15:42:36 | 000,180,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2011.03.05 15:42:36 | 000,064,704 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2011.02.25 09:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.23 13:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2011.02.15 10:47:02 | 002,757,312 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2011.02.14 12:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe
PRC - [2011.02.01 12:20:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.01 12:20:46 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.01.29 04:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2010.11.26 23:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010.11.26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010.09.13 17:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.09.13 17:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.03.28 22:11:38 | 003,325,952 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Electronic Arts\EADM\Core.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.16 20:01:55 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\d1a34ee93168657925ce2cfc68d8b63c\IAStorUtil.ni.dll
MOD - [2012.11.16 20:01:55 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\54d19fac3bfc693f87db68571844895a\IAStorCommon.ni.dll
MOD - [2012.11.16 17:11:33 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012.11.16 17:10:57 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012.11.16 17:10:47 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012.11.16 17:10:31 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012.11.16 17:10:23 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012.11.16 17:10:16 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012.11.16 17:10:12 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012.11.16 17:10:03 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012.11.02 20:00:42 | 002,400,800 | ---- | M] () -- C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe
MOD - [2012.11.02 19:59:20 | 002,139,168 | ---- | M] () -- C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.dll
MOD - [2011.08.08 15:30:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 00:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.01.29 04:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010.10.13 21:28:54 | 000,245,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2010.10.13 21:28:54 | 000,200,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2010.10.13 21:28:54 | 000,149,032 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010.03.10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010.03.10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010.03.10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2010.03.10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010.03.10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010.03.10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010.03.10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010.03.10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2012.11.05 15:05:34 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.02 20:00:42 | 002,400,800 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe -- (Browser Manager)
SRV - [2012.10.10 18:09:05 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV - [2012.10.09 15:10:52 | 002,447,440 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012.09.05 16:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012.08.30 12:05:28 | 000,827,560 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.10 05:43:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.10 05:43:04 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012.05.10 05:43:04 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.03 21:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.05.19 18:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2011.04.29 16:20:18 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.04.29 16:19:22 | 000,091,296 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011.03.30 08:09:12 | 001,021,112 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV - [2011.03.29 07:13:25 | 002,361,344 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011.03.05 15:42:36 | 000,064,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2011.03.01 20:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.28 09:29:18 | 000,852,160 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2011.02.25 09:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011.02.23 13:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2011.02.21 11:55:08 | 000,113,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2011.02.21 11:55:08 | 000,067,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2011.02.18 21:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2011.02.18 21:02:08 | 000,385,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2011.02.14 12:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService)
SRV - [2011.02.01 12:20:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.01 12:20:46 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.01.20 11:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2011.01.20 11:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010.11.26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010.10.07 19:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\mcafee\virusscan\mcods.exe -- (McODS)
SRV - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 13:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.09.13 17:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.08.09 13:41:46 | 000,220,528 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Programme\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.01.09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.05.10 05:43:05 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.10 05:43:05 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.09 18:59:32 | 000,485,680 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012.01.09 18:59:30 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2012.01.09 18:59:30 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2011.12.15 15:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.10.01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.05.07 16:51:32 | 000,454,232 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2011.04.29 16:19:36 | 000,288,416 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.04.29 16:19:36 | 000,283,296 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.04.29 16:19:36 | 000,166,048 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.04.29 16:19:36 | 000,109,216 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011.04.29 16:19:36 | 000,059,040 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.04.29 16:19:36 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.04.29 16:19:36 | 000,029,344 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.04.29 16:19:34 | 000,259,232 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.04.29 16:19:34 | 000,051,872 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2011.03.29 10:00:53 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.03.29 09:55:05 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.29 07:51:30 | 000,425,064 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.29 07:15:05 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.03.29 04:57:20 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.22 16:27:05 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.02.17 04:06:44 | 000,316,024 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011.02.16 13:50:45 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.13 21:28:54 | 000,529,128 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2010.10.13 21:28:54 | 000,441,328 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2010.10.13 21:28:54 | 000,283,360 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2010.10.13 21:28:54 | 000,190,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2010.10.13 21:28:54 | 000,121,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2010.10.13 21:28:54 | 000,094,864 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2010.10.13 21:28:54 | 000,075,032 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2010.10.13 21:28:54 | 000,062,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2010.04.26 21:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009.09.19 04:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2009.09.19 04:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2009.09.19 04:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 13:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2012.08.30 12:05:42 | 000,033,712 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2011.07.22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN27301980816160-1600&toolbarId=base&affiliateId=1001&Lan=de&utid=6a006b410000000000009439e59ca67d
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C1 39 81 93 F0 C8 CD 01  [binary data]
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4512_4&babsrc=SP_clro&mntrId=6a006b410000000000009439e59ca67d
IE - HKCU\..\SearchScopes\{137CD41F-3FD0-4929-90DD-2009459EF53B}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
IE - HKCU\..\SearchScopes\{2AE2AA52-55F3-4A11-8FA9-50485DBD3540}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.order.1: "Claro Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {dfefbe51-ca52-484b-adf0-6b158b05262d}:2.4.897.175
FF - prefs.js..extensions.enabledAddons: toolbar@ask.com:3.14.0.100015
FF - prefs.js..keyword.URL: "hxxp://www.claro-search.com/?affID=114508&tt=4512_4&babsrc=KW_clro&mntrId=6a006b410000000000009439e59ca67d&q="
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\LittleCookieMonster\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\LittleCookieMonster\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2012.11.05 15:19:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.09.06 22:24:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2012.11.05 15:19:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.05 15:05:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{dfefbe51-ca52-484b-adf0-6b158b05262d}: C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension [2012.11.05 15:02:07 | 000,000,000 | ---D | M]
 
[2012.01.07 21:10:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LittleCookieMonster\AppData\Roaming\mozilla\Extensions
[2012.11.21 23:27:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LittleCookieMonster\AppData\Roaming\mozilla\Firefox\Profiles\pjkyo19l.default\extensions
[2012.11.21 23:27:06 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\LittleCookieMonster\AppData\Roaming\mozilla\Firefox\Profiles\pjkyo19l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2012.11.05 15:26:47 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\LittleCookieMonster\AppData\Roaming\mozilla\Firefox\Profiles\pjkyo19l.default\extensions\ffxtlbr@zonealarm.com
[2012.08.23 19:16:09 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Users\LittleCookieMonster\AppData\Roaming\mozilla\Firefox\Profiles\pjkyo19l.default\extensions\toolbar@ask.com
[2012.08.18 22:39:19 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\LittleCookieMonster\AppData\Roaming\mozilla\firefox\profiles\pjkyo19l.default\extensions\elemhidehelper@adblockplus.org.xpi
[2012.11.21 23:27:00 | 000,804,737 | ---- | M] () (No name found) -- C:\Users\LittleCookieMonster\AppData\Roaming\mozilla\firefox\profiles\pjkyo19l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.10.30 23:42:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.11.05 15:02:07 | 000,000,000 | ---D | M] (Browser Manager) -- C:\PROGRAMDATA\BROWSER MANAGER\2.4.897.175\{61D8B74E-8D89-46FF-AFA6-33382C54AC73}\FIREFOXEXTENSION
[2012.11.05 15:05:34 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.10.13 21:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012.11.05 15:05:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 16:55:48 | 000,003,546 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.11.05 15:02:14 | 000,006,522 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.11.05 15:05:32 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.05 15:05:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.05 15:05:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.05 15:05:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.05 15:05:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://www.claro-search.com/?affID=114508&tt=4512_4&babsrc=HP_clro&mntrId=6a006b410000000000009439e59ca67d
CHR - Extension: No name found = C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: No name found = C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\
CHR - Extension: No name found = C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.47_0\
CHR - Extension: No name found = C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhdfjaaobagbaepmefnjabfmhnggliop\2.3.17.1_0\
CHR - Extension: No name found = C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0\
CHR - Extension: No name found = C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: No name found = C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20110808065433.dll (McAfee, Inc.)
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.7.4\bh\zonealarm.dll (Montera Technologeis LTD)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120107213422.dll (McAfee, Inc.)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6500FF66-A527-483E-BAEE-E230BB665EE8}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\24897~1.175\{61d8b~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5450ba85-33da-11e2-93f0-9439e59ca67e}\Shell - "" = AutoRun
O33 - MountPoints2\{5450ba85-33da-11e2-93f0-9439e59ca67e}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.22 22:23:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\LittleCookieMonster\Desktop\OTL.exe
[2012.11.22 22:11:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.11.22 22:11:50 | 000,000,000 | R--D | C] -- C:\Users\LittleCookieMonster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012.11.21 17:39:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012.11.21 17:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012.11.21 17:03:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2012.11.05 15:20:33 | 000,011,864 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl2.sys
[2012.11.05 15:20:31 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl1.sys
[2012.11.05 15:20:29 | 000,485,680 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012.11.05 15:20:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.11.05 15:19:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2012.11.05 15:11:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Check Point Software Technologies LTD
[2012.11.05 15:02:05 | 000,000,000 | ---D | C] -- C:\Users\LittleCookieMonster\AppData\Local\Savings Sidekick
[2012.11.05 15:01:53 | 000,000,000 | ---D | C] -- C:\Users\LittleCookieMonster\AppData\Roaming\Babylon
[2012.11.05 15:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.11.05 15:01:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012.10.31 11:38:36 | 000,000,000 | ---D | C] -- C:\Users\LittleCookieMonster\Documents\ForceField Shared Files
[2012.10.31 00:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.10.31 00:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.10.24 16:56:29 | 000,000,000 | ---D | C] -- C:\Users\LittleCookieMonster\AppData\Local\AVG Secure Search
[2012.10.24 16:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012.10.24 16:55:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012.10.24 16:55:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012.10.24 16:54:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.10.24 16:52:12 | 000,000,000 | ---D | C] -- C:\Users\LittleCookieMonster\AppData\Roaming\PDF Software
[2012.10.24 16:51:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Soda PDF 5
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.22 22:23:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\LittleCookieMonster\Desktop\OTL.exe
[2012.11.22 22:20:47 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.22 22:20:47 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.22 22:19:27 | 000,543,531 | ---- | M] () -- C:\Users\LittleCookieMonster\Desktop\adwcleaner.exe
[2012.11.22 22:16:39 | 000,697,534 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.22 22:16:39 | 000,652,812 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.22 22:16:39 | 000,148,540 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.22 22:16:39 | 000,121,486 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.22 22:16:38 | 001,614,892 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.22 22:10:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.22 22:10:53 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.22 21:48:01 | 000,001,176 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2251252056-1386308966-2160917863-1000UA.job
[2012.11.22 21:48:01 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2251252056-1386308966-2160917863-1000Core.job
[2012.11.21 17:39:48 | 000,002,046 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.11.21 17:39:44 | 000,002,046 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.11.16 17:00:34 | 000,301,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.08 00:50:07 | 000,002,554 | ---- | M] () -- C:\Users\LittleCookieMonster\Desktop\Google Chrome.lnk
[2012.11.05 15:25:05 | 000,415,934 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2012.11.05 15:19:58 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012.11.05 15:11:21 | 000,000,125 | ---- | M] () -- C:\user.js
[2012.11.03 21:30:44 | 000,690,037 | ---- | M] () -- C:\Users\LittleCookieMonster\Desktop\Seminarplan und Literatur.pdf
[2012.11.02 16:42:23 | 000,237,899 | ---- | M] () -- C:\Users\LittleCookieMonster\Desktop\Reading fur 29. Okt.(1).pdf
[2012.10.26 20:08:08 | 001,818,470 | ---- | M] () -- C:\Users\LittleCookieMonster\Desktop\Foto0616.jpg
[2012.10.24 17:39:32 | 007,922,260 | ---- | M] () -- C:\Users\LittleCookieMonster\Desktop\Connell_2009_Lg diversity and lg choice.pdf
[2012.10.24 17:03:11 | 000,065,081 | ---- | M] () -- C:\Users\LittleCookieMonster\Documents\Aufgabe vom 19.10.12 S.Groetelaer 5634121.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.22 22:19:15 | 000,543,531 | ---- | C] () -- C:\Users\LittleCookieMonster\Desktop\adwcleaner.exe
[2012.11.21 17:03:35 | 000,002,046 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.11.21 17:03:35 | 000,002,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.11.16 11:13:59 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.16 11:02:12 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.05 15:19:58 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012.11.05 15:11:21 | 000,000,125 | ---- | C] () -- C:\user.js
[2012.11.03 21:30:43 | 000,690,037 | ---- | C] () -- C:\Users\LittleCookieMonster\Desktop\Seminarplan und Literatur.pdf
[2012.11.02 16:42:23 | 000,237,899 | ---- | C] () -- C:\Users\LittleCookieMonster\Desktop\Reading fur 29. Okt.(1).pdf
[2012.10.26 20:08:18 | 001,818,470 | ---- | C] () -- C:\Users\LittleCookieMonster\Desktop\Foto0616.jpg
[2012.10.24 17:38:57 | 007,922,260 | ---- | C] () -- C:\Users\LittleCookieMonster\Desktop\Connell_2009_Lg diversity and lg choice.pdf
[2012.10.24 17:03:10 | 000,065,081 | ---- | C] () -- C:\Users\LittleCookieMonster\Documents\Aufgabe vom 19.10.12 S.Groetelaer 5634121.pdf
[2011.03.30 02:46:48 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.03.30 02:46:47 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.03.30 02:46:46 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.02.11 00:03:27 | 001,642,510 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.11.05 15:01:53 | 000,000,000 | ---D | M] -- C:\Users\LittleCookieMonster\AppData\Roaming\Babylon
[2012.05.28 19:34:02 | 000,000,000 | ---D | M] -- C:\Users\LittleCookieMonster\AppData\Roaming\CheckPoint
[2012.10.24 17:01:07 | 000,000,000 | ---D | M] -- C:\Users\LittleCookieMonster\AppData\Roaming\PDF Software
[2012.02.10 21:53:55 | 000,000,000 | ---D | M] -- C:\Users\LittleCookieMonster\AppData\Roaming\PhotoFiltre 7
[2012.07.21 22:22:42 | 000,000,000 | ---D | M] -- C:\Users\LittleCookieMonster\AppData\Roaming\PhotoScape
[2012.11.19 23:39:21 | 000,000,000 | ---D | M] -- C:\Users\LittleCookieMonster\AppData\Roaming\SoftGrid Client
[2012.04.16 19:56:40 | 000,000,000 | ---D | M] -- C:\Users\LittleCookieMonster\AppData\Roaming\TP
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< # AdwCleaner v2.008 - Datei am 22/11/2012 um 22:21:54 erstellt >
Invalid Switch: 2012 um 22:21:54 erstellt
 
< # Aktualisiert am 17/11/2012 von Xplode >
Invalid Switch: 2012 von Xplode
 
< # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.01.16 14:23:17 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2251252056-1386308966-2160917863-1000Core.job
[2012.01.16 14:23:17 | 000,001,176 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2251252056-1386308966-2160917863-1000UA.job
 
< # Benutzer : LittleCookieMonster - SUNNY >
 
< # Bootmodus : Normal >
 
< # Ausgeführt unter : C:\Users\LittleCookieMonster\Desktop\adwcleaner.exe >
 
< # Option [Suche] >
 
<  >
 
<  >
 
< **** [Dienste] **** >
 
<  >
 
< Gefunden : Browser Manager >
 
<  >
 
< ***** [Dateien / Ordner] ***** >
Invalid Switch: Ordner] *****
 
<  >
 
< Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml >
 
< Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml >
 
< Datei Gefunden : C:\user.js >
 
< Datei Gefunden : C:\Users\LITTLE~1\AppData\Local\Temp\Uninstall.exe >
 
< Ordner Gefunden : C:\Program Files (x86)\Ask.com >
 
< Ordner Gefunden : C:\Program Files (x86)\AVG Secure Search >
 
< Ordner Gefunden : C:\Program Files (x86)\Common Files\AVG Secure Search >
 
< Ordner Gefunden : C:\ProgramData\AVG Secure Search >
 
< Ordner Gefunden : C:\ProgramData\Babylon >
 
< Ordner Gefunden : C:\ProgramData\Browser Manager >
 
< Ordner Gefunden : C:\Users\LITTLE~1\AppData\Local\Temp\AskSearch >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\AskToolbar >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\AVG Secure Search >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhdfjaaobagbaepmefnjabfmhnggliop >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\Savings Sidekick >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\LocalLow\AskToolbar >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\LocalLow\AVG Secure Search >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Roaming\Babylon >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Roaming\Mozilla\Firefox\Profiles\pjkyo19l.default\extensions\toolbar@ask.com >
 
< Ordner Gefunden : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} >
 
<  >
 
< ***** [Registrierungsdatenbank] ***** >
 
<  >
 
< Schlüssel Gefunden : HKCU\Software\APN >
 
< Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar >
 
< Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider >
 
< Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Savings Sidekick >
 
< Schlüssel Gefunden : HKCU\Software\Ask.com >
 
< Schlüssel Gefunden : HKCU\Software\Ask.com.tmp >
 
< Schlüssel Gefunden : HKCU\Software\AskToolbar >
 
< Schlüssel Gefunden : HKCU\Software\Conduit >
 
< Schlüssel Gefunden : HKCU\Software\Cr_Installer >
 
< Schlüssel Gefunden : HKCU\Software\DataMngr >
 
< Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar >
 
< Schlüssel Gefunden : HKCU\Software\InstalledBrowserExtensions >
 
< Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} >
 
< Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings >
 
< Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} >
 
< Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} >
 
< Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} >
 
< Schlüssel Gefunden : HKCU\Software\Softonic >
 
< Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} >
 
< Schlüssel Gefunden : HKLM\Software\APN >
 
< Schlüssel Gefunden : HKLM\Software\AskToolbar >
 
< Schlüssel Gefunden : HKLM\Software\Babylon >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1 >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9 >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} >
 
< Schlüssel Gefunden : HKLM\Software\DataMngr >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066506660} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF >
 
< Schlüssel Gefunden : HKU\S-1-5-21-2251252056-1386308966-2160917863-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} >
 
< Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] >
 
< Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] >
 
< Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater] >
 
< Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] >
 
<  >
 
< ***** [Internet Browser] ***** >
 
<  >
 
< -\\ Internet Explorer v9.0.8112.16421 >
 
<  >
 
< [OK] Die Registrierungsdatenbank ist sauber. >
 
<  >
 
< -\\ Mozilla Firefox v16.0.2 (de) >
 
<  >
 
< Profilname : default  >
 
< Datei : C:\Users\LittleCookieMonster\AppData\Roaming\Mozilla\Firefox\Profiles\pjkyo19l.default\prefs.js >
 
<  >
 
< Gefunden : user_pref("avg.install.userHPSettings", "hxxp://www.claro-search.com/?affID=114508&tt=4512_4&babsrc=[...] >
 
< Gefunden : user_pref("avg.install.userSPSettings", "Claro Search"); >
 
< Gefunden : user_pref("browser.search.order.1", "Claro Search"); >
 
< Gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\"); >
 
< Gefunden : user_pref("extensions.asktb.apn_dbr", "ff_9.0.1"); >
 
< Gefunden : user_pref("extensions.asktb.cbid", "LL"); >
 
< Gefunden : user_pref("extensions.asktb.config-updated", true); >
 
< Gefunden : user_pref("extensions.asktb.crumb", "2012.01.10+14.00.25-toolbar011iad-DE-Q29sb2duZSxHZXJtYW55"); >
 
< Gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&[...] >
 
< Gefunden : user_pref("extensions.asktb.dtid", "YYYYYYYYDE"); >
 
< Gefunden : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false); >
 
< Gefunden : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "GMXX0018"); >
 
< Gefunden : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C"); >
 
< Gefunden : user_pref("extensions.asktb.first-restart-after-config-update", true); >
 
< Gefunden : user_pref("extensions.asktb.fresh-install", false); >
 
< Gefunden : user_pref("extensions.asktb.guid", "3de52a0a-94a6-4890-a2e6-68a1d168166e"); >
 
< Gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...] >
 
< Gefunden : user_pref("extensions.asktb.if", "first"); >
 
< Gefunden : user_pref("extensions.asktb.l", "dis"); >
 
< Gefunden : user_pref("extensions.asktb.last-config-req", "1353618890949"); >
 
< Gefunden : user_pref("extensions.asktb.last-v", "3.14.0.100010"); >
 
< Gefunden : user_pref("extensions.asktb.locale", "de_DE"); >
 
< Gefunden : user_pref("extensions.asktb.location", "Cologne,Germany"); >
 
< Gefunden : user_pref("extensions.asktb.notification-shown", true); >
 
< Gefunden : user_pref("extensions.asktb.o", "APN10023"); >
 
< Gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true); >
 
< Gefunden : user_pref("extensions.asktb.qsrc", "2871"); >
 
< Gefunden : user_pref("extensions.asktb.r", "4"); >
 
< Gefunden : user_pref("extensions.asktb.sa", "NO"); >
 
< Gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true); >
 
< Gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false); >
 
< Gefunden : user_pref("extensions.asktb.themeid", ""); >
 
< Gefunden : user_pref("extensions.asktb.timeinstalled", "10.01.2012 23:01:27"); >
 
< Gefunden : user_pref("extensions.asktb.to", ""); >
 
< Gefunden : user_pref("extensions.asktb.v", "3.14.0.100015"); >
 
< Gefunden : user_pref("extensions.asktb.version", "5.14.0.19934"); >
 
< Gefunden : user_pref("extensions.enabledAddons", "{dfefbe51-ca52-484b-adf0-6b158b05262d}:2.4.897.175,toolbar@as[...] >
 
< Gefunden : user_pref("extensions.toolbar@ask.com.install-event-fired", true); >
 
< Gefunden : user_pref("keyword.URL", "hxxp://www.claro-search.com/?affID=114508&tt=4512_4&babsrc=KW_clro&mntrId=[...] >
 
<  >
 
< -\\ Google Chrome v23.0.1271.64 >
 
<  >
 
< Datei : C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Preferences >
 
<  >
 
< [OK] Die Datei ist sauber. >
 
<  >
 
< ************************* >
[2012.11.22 22:22:05 | 000,014,567 | ---- | M] () -- \AdwCleaner[R1].txt
[2012.11.22 22:10:53 | 3180,220,416 | -HS- | M] () -- \hiberfil.sys
[2011.08.08 06:20:58 | 000,321,188 | ---- | M] () -- \lv.log
[2012.11.22 22:10:55 | 4240,293,888 | -HS- | M] () -- \pagefile.sys
[2011.08.08 06:20:50 | 000,000,087 | -H-- | M] () -- \splash.idx
[2012.11.05 15:11:21 | 000,000,125 | ---- | M] () -- \user.js
[2011.01.10 18:27:44 | 000,004,112 | -H-- | M] () -- \version
 
<  >
 
< AdwCleaner[R1].txt - [14478 octets] - [22/11/2012 22:21:54] >
Invalid Switch: 2012 22:21:54]
 
<  >
 
< ########## EOF - C:\AdwCleaner[R1].txt - [14539 octets] ########## >

< End of report >

Littlecookie 22.11.2012 22:46
Hallo :)
Erstmal vielen Dank und hier die Logs:

Code:
# AdwCleaner v2.008 - Datei am 22/11/2012 um 22:21:54 erstellt
# Aktualisiert am 17/11/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : LittleCookieMonster - SUNNY
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\LittleCookieMonster\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****

Gefunden : Browser Manager

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gefunden : C:\user.js
Datei Gefunden : C:\Users\LITTLE~1\AppData\Local\Temp\Uninstall.exe
Ordner Gefunden : C:\Program Files (x86)\Ask.com
Ordner Gefunden : C:\Program Files (x86)\AVG Secure Search
Ordner Gefunden : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gefunden : C:\ProgramData\AVG Secure Search
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\Browser Manager
Ordner Gefunden : C:\Users\LITTLE~1\AppData\Local\Temp\AskSearch
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\AskToolbar
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\AVG Secure Search
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhdfjaaobagbaepmefnjabfmhnggliop
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\Savings Sidekick
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\LocalLow\AVG Secure Search
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Roaming\Mozilla\Firefox\Profiles\pjkyo19l.default\extensions\toolbar@ask.com
Ordner Gefunden : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\APN
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Savings Sidekick
Schlüssel Gefunden : HKCU\Software\Ask.com
Schlüssel Gefunden : HKCU\Software\Ask.com.tmp
Schlüssel Gefunden : HKCU\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Cr_Installer
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKLM\Software\APN
Schlüssel Gefunden : HKLM\Software\AskToolbar
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKU\S-1-5-21-2251252056-1386308966-2160917863-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v16.0.2 (de)

Profilname : default
Datei : C:\Users\LittleCookieMonster\AppData\Roaming\Mozilla\Firefox\Profiles\pjkyo19l.default\prefs.js

Gefunden : user_pref("avg.install.userHPSettings", "hxxp://www.claro-search.com/?affID=114508&tt=4512_4&babsrc=[...]
Gefunden : user_pref("avg.install.userSPSettings", "Claro Search");
Gefunden : user_pref("browser.search.order.1", "Claro Search");
Gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Gefunden : user_pref("extensions.asktb.apn_dbr", "ff_9.0.1");
Gefunden : user_pref("extensions.asktb.cbid", "LL");
Gefunden : user_pref("extensions.asktb.config-updated", true);
Gefunden : user_pref("extensions.asktb.crumb", "2012.01.10+14.00.25-toolbar011iad-DE-Q29sb2duZSxHZXJtYW55");
Gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&[...]
Gefunden : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Gefunden : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Gefunden : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "GMXX0018");
Gefunden : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Gefunden : user_pref("extensions.asktb.first-restart-after-config-update", true);
Gefunden : user_pref("extensions.asktb.fresh-install", false);
Gefunden : user_pref("extensions.asktb.guid", "3de52a0a-94a6-4890-a2e6-68a1d168166e");
Gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Gefunden : user_pref("extensions.asktb.if", "first");
Gefunden : user_pref("extensions.asktb.l", "dis");
Gefunden : user_pref("extensions.asktb.last-config-req", "1353618890949");
Gefunden : user_pref("extensions.asktb.last-v", "3.14.0.100010");
Gefunden : user_pref("extensions.asktb.locale", "de_DE");
Gefunden : user_pref("extensions.asktb.location", "Cologne,Germany");
Gefunden : user_pref("extensions.asktb.notification-shown", true);
Gefunden : user_pref("extensions.asktb.o", "APN10023");
Gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Gefunden : user_pref("extensions.asktb.qsrc", "2871");
Gefunden : user_pref("extensions.asktb.r", "4");
Gefunden : user_pref("extensions.asktb.sa", "NO");
Gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true);
Gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Gefunden : user_pref("extensions.asktb.themeid", "");
Gefunden : user_pref("extensions.asktb.timeinstalled", "10.01.2012 23:01:27");
Gefunden : user_pref("extensions.asktb.to", "");
Gefunden : user_pref("extensions.asktb.v", "3.14.0.100015");
Gefunden : user_pref("extensions.asktb.version", "5.14.0.19934");
Gefunden : user_pref("extensions.enabledAddons", "{dfefbe51-ca52-484b-adf0-6b158b05262d}:2.4.897.175,toolbar@as[...]
Gefunden : user_pref("extensions.toolbar@ask.com.install-event-fired", true);
Gefunden : user_pref("keyword.URL", "hxxp://www.claro-search.com/?affID=114508&tt=4512_4&babsrc=KW_clro&mntrId=[...]

-\\ Google Chrome v23.0.1271.64

Datei : C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [14478 octets] - [22/11/2012 22:21:54]

########## EOF - C:\AdwCleaner[R1].txt - [14539 octets] ##########

und vom OTL:

Code:
OTL logfile created on: 22.11.2012 22:25:55 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\LittleCookieMonster\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,95 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 60,84% Memory free
7,90 Gb Paging File | 5,31 Gb Available in Paging File | 67,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,78 Gb Total Space | 387,55 Gb Free Space | 85,78% Space Free | Partition Type: NTFS
 
Computer Name: SUNNY | User Name: LittleCookieMonster | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.22 22:23:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\LittleCookieMonster\Desktop\OTL.exe
PRC - [2012.11.02 20:00:42 | 002,400,800 | ---- | M] () -- C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe
PRC - [2012.10.09 15:10:52 | 002,447,440 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2012.10.09 14:41:08 | 000,073,392 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2012.09.05 16:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012.08.09 01:03:43 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.10 05:43:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.10 05:43:04 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2012.05.10 05:43:04 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.03 21:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.01.04 20:20:50 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011.10.01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.04.29 16:20:18 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011.03.05 15:42:36 | 000,180,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2011.03.05 15:42:36 | 000,064,704 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2011.02.25 09:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.23 13:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2011.02.15 10:47:02 | 002,757,312 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2011.02.14 12:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe
PRC - [2011.02.01 12:20:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.01 12:20:46 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.01.29 04:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2010.11.26 23:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010.11.26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010.09.13 17:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.09.13 17:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.03.28 22:11:38 | 003,325,952 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Electronic Arts\EADM\Core.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.16 20:01:55 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\d1a34ee93168657925ce2cfc68d8b63c\IAStorUtil.ni.dll
MOD - [2012.11.16 20:01:55 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\54d19fac3bfc693f87db68571844895a\IAStorCommon.ni.dll
MOD - [2012.11.16 17:11:33 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012.11.16 17:10:57 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012.11.16 17:10:47 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012.11.16 17:10:31 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012.11.16 17:10:23 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012.11.16 17:10:16 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012.11.16 17:10:12 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012.11.16 17:10:03 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012.11.02 20:00:42 | 002,400,800 | ---- | M] () -- C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe
MOD - [2012.11.02 19:59:20 | 002,139,168 | ---- | M] () -- C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.dll
MOD - [2011.08.08 15:30:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 00:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.01.29 04:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010.10.13 21:28:54 | 000,245,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2010.10.13 21:28:54 | 000,200,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2010.10.13 21:28:54 | 000,149,032 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010.03.10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010.03.10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010.03.10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2010.03.10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010.03.10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010.03.10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010.03.10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010.03.10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2012.11.05 15:05:34 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.02 20:00:42 | 002,400,800 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe -- (Browser Manager)
SRV - [2012.10.10 18:09:05 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV - [2012.10.09 15:10:52 | 002,447,440 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012.09.05 16:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012.08.30 12:05:28 | 000,827,560 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.10 05:43:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.10 05:43:04 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012.05.10 05:43:04 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.03 21:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.05.19 18:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2011.04.29 16:20:18 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.04.29 16:19:22 | 000,091,296 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011.03.30 08:09:12 | 001,021,112 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV - [2011.03.29 07:13:25 | 002,361,344 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011.03.05 15:42:36 | 000,064,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2011.03.01 20:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.28 09:29:18 | 000,852,160 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2011.02.25 09:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011.02.23 13:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2011.02.21 11:55:08 | 000,113,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2011.02.21 11:55:08 | 000,067,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2011.02.18 21:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2011.02.18 21:02:08 | 000,385,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2011.02.14 12:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService)
SRV - [2011.02.01 12:20:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.01 12:20:46 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.01.20 11:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2011.01.20 11:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010.11.26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010.10.07 19:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\mcafee\virusscan\mcods.exe -- (McODS)
SRV - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 13:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.09.13 17:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.08.09 13:41:46 | 000,220,528 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Programme\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.01.09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.05.10 05:43:05 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.10 05:43:05 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.09 18:59:32 | 000,485,680 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012.01.09 18:59:30 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2012.01.09 18:59:30 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2011.12.15 15:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.10.01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.05.07 16:51:32 | 000,454,232 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2011.04.29 16:19:36 | 000,288,416 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.04.29 16:19:36 | 000,283,296 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.04.29 16:19:36 | 000,166,048 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.04.29 16:19:36 | 000,109,216 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011.04.29 16:19:36 | 000,059,040 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.04.29 16:19:36 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.04.29 16:19:36 | 000,029,344 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.04.29 16:19:34 | 000,259,232 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.04.29 16:19:34 | 000,051,872 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2011.03.29 10:00:53 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.03.29 09:55:05 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.29 07:51:30 | 000,425,064 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.29 07:15:05 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.03.29 04:57:20 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.22 16:27:05 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.02.17 04:06:44 | 000,316,024 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011.02.16 13:50:45 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.13 21:28:54 | 000,529,128 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2010.10.13 21:28:54 | 000,441,328 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2010.10.13 21:28:54 | 000,283,360 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2010.10.13 21:28:54 | 000,190,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2010.10.13 21:28:54 | 000,121,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2010.10.13 21:28:54 | 000,094,864 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2010.10.13 21:28:54 | 000,075,032 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2010.10.13 21:28:54 | 000,062,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2010.04.26 21:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009.09.19 04:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2009.09.19 04:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2009.09.19 04:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 13:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2012.08.30 12:05:42 | 000,033,712 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2011.07.22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN27301980816160-1600&toolbarId=base&affiliateId=1001&Lan=de&utid=6a006b410000000000009439e59ca67d
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C1 39 81 93 F0 C8 CD 01  [binary data]
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4512_4&babsrc=SP_clro&mntrId=6a006b410000000000009439e59ca67d
IE - HKCU\..\SearchScopes\{137CD41F-3FD0-4929-90DD-2009459EF53B}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
IE - HKCU\..\SearchScopes\{2AE2AA52-55F3-4A11-8FA9-50485DBD3540}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.order.1: "Claro Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {dfefbe51-ca52-484b-adf0-6b158b05262d}:2.4.897.175
FF - prefs.js..extensions.enabledAddons: toolbar@ask.com:3.14.0.100015
FF - prefs.js..keyword.URL: "hxxp://www.claro-search.com/?affID=114508&tt=4512_4&babsrc=KW_clro&mntrId=6a006b410000000000009439e59ca67d&q="
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\LittleCookieMonster\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\LittleCookieMonster\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2012.11.05 15:19:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.09.06 22:24:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2012.11.05 15:19:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.05 15:05:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{dfefbe51-ca52-484b-adf0-6b158b05262d}: C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension [2012.11.05 15:02:07 | 000,000,000 | ---D | M]
 
[2012.01.07 21:10:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LittleCookieMonster\AppData\Roaming\mozilla\Extensions
[2012.11.21 23:27:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LittleCookieMonster\AppData\Roaming\mozilla\Firefox\Profiles\pjkyo19l.default\extensions
[2012.11.21 23:27:06 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\LittleCookieMonster\AppData\Roaming\mozilla\Firefox\Profiles\pjkyo19l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2012.11.05 15:26:47 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\LittleCookieMonster\AppData\Roaming\mozilla\Firefox\Profiles\pjkyo19l.default\extensions\ffxtlbr@zonealarm.com
[2012.08.23 19:16:09 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Users\LittleCookieMonster\AppData\Roaming\mozilla\Firefox\Profiles\pjkyo19l.default\extensions\toolbar@ask.com
[2012.08.18 22:39:19 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\LittleCookieMonster\AppData\Roaming\mozilla\firefox\profiles\pjkyo19l.default\extensions\elemhidehelper@adblockplus.org.xpi
[2012.11.21 23:27:00 | 000,804,737 | ---- | M] () (No name found) -- C:\Users\LittleCookieMonster\AppData\Roaming\mozilla\firefox\profiles\pjkyo19l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.10.30 23:42:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.11.05 15:02:07 | 000,000,000 | ---D | M] (Browser Manager) -- C:\PROGRAMDATA\BROWSER MANAGER\2.4.897.175\{61D8B74E-8D89-46FF-AFA6-33382C54AC73}\FIREFOXEXTENSION
[2012.11.05 15:05:34 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.10.13 21:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012.11.05 15:05:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 16:55:48 | 000,003,546 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.11.05 15:02:14 | 000,006,522 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.11.05 15:05:32 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.05 15:05:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.05 15:05:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.05 15:05:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.05 15:05:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://www.claro-search.com/?affID=114508&tt=4512_4&babsrc=HP_clro&mntrId=6a006b410000000000009439e59ca67d
CHR - Extension: No name found = C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: No name found = C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\
CHR - Extension: No name found = C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.47_0\
CHR - Extension: No name found = C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhdfjaaobagbaepmefnjabfmhnggliop\2.3.17.1_0\
CHR - Extension: No name found = C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0\
CHR - Extension: No name found = C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: No name found = C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20110808065433.dll (McAfee, Inc.)
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.7.4\bh\zonealarm.dll (Montera Technologeis LTD)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120107213422.dll (McAfee, Inc.)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6500FF66-A527-483E-BAEE-E230BB665EE8}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\24897~1.175\{61d8b~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5450ba85-33da-11e2-93f0-9439e59ca67e}\Shell - "" = AutoRun
O33 - MountPoints2\{5450ba85-33da-11e2-93f0-9439e59ca67e}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.22 22:23:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\LittleCookieMonster\Desktop\OTL.exe
[2012.11.22 22:11:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.11.22 22:11:50 | 000,000,000 | R--D | C] -- C:\Users\LittleCookieMonster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012.11.21 17:39:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012.11.21 17:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012.11.21 17:03:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2012.11.05 15:20:33 | 000,011,864 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl2.sys
[2012.11.05 15:20:31 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl1.sys
[2012.11.05 15:20:29 | 000,485,680 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012.11.05 15:20:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.11.05 15:19:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2012.11.05 15:11:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Check Point Software Technologies LTD
[2012.11.05 15:02:05 | 000,000,000 | ---D | C] -- C:\Users\LittleCookieMonster\AppData\Local\Savings Sidekick
[2012.11.05 15:01:53 | 000,000,000 | ---D | C] -- C:\Users\LittleCookieMonster\AppData\Roaming\Babylon
[2012.11.05 15:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.11.05 15:01:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012.10.31 11:38:36 | 000,000,000 | ---D | C] -- C:\Users\LittleCookieMonster\Documents\ForceField Shared Files
[2012.10.31 00:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.10.31 00:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.10.24 16:56:29 | 000,000,000 | ---D | C] -- C:\Users\LittleCookieMonster\AppData\Local\AVG Secure Search
[2012.10.24 16:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012.10.24 16:55:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012.10.24 16:55:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012.10.24 16:54:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.10.24 16:52:12 | 000,000,000 | ---D | C] -- C:\Users\LittleCookieMonster\AppData\Roaming\PDF Software
[2012.10.24 16:51:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Soda PDF 5
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.22 22:23:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\LittleCookieMonster\Desktop\OTL.exe
[2012.11.22 22:20:47 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.22 22:20:47 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.22 22:19:27 | 000,543,531 | ---- | M] () -- C:\Users\LittleCookieMonster\Desktop\adwcleaner.exe
[2012.11.22 22:16:39 | 000,697,534 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.22 22:16:39 | 000,652,812 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.22 22:16:39 | 000,148,540 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.22 22:16:39 | 000,121,486 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.22 22:16:38 | 001,614,892 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.22 22:10:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.22 22:10:53 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.22 21:48:01 | 000,001,176 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2251252056-1386308966-2160917863-1000UA.job
[2012.11.22 21:48:01 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2251252056-1386308966-2160917863-1000Core.job
[2012.11.21 17:39:48 | 000,002,046 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.11.21 17:39:44 | 000,002,046 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.11.16 17:00:34 | 000,301,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.08 00:50:07 | 000,002,554 | ---- | M] () -- C:\Users\LittleCookieMonster\Desktop\Google Chrome.lnk
[2012.11.05 15:25:05 | 000,415,934 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2012.11.05 15:19:58 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012.11.05 15:11:21 | 000,000,125 | ---- | M] () -- C:\user.js
[2012.11.03 21:30:44 | 000,690,037 | ---- | M] () -- C:\Users\LittleCookieMonster\Desktop\Seminarplan und Literatur.pdf
[2012.11.02 16:42:23 | 000,237,899 | ---- | M] () -- C:\Users\LittleCookieMonster\Desktop\Reading fur 29. Okt.(1).pdf
[2012.10.26 20:08:08 | 001,818,470 | ---- | M] () -- C:\Users\LittleCookieMonster\Desktop\Foto0616.jpg
[2012.10.24 17:39:32 | 007,922,260 | ---- | M] () -- C:\Users\LittleCookieMonster\Desktop\Connell_2009_Lg diversity and lg choice.pdf
[2012.10.24 17:03:11 | 000,065,081 | ---- | M] () -- C:\Users\LittleCookieMonster\Documents\Aufgabe vom 19.10.12 S.Groetelaer 5634121.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.22 22:19:15 | 000,543,531 | ---- | C] () -- C:\Users\LittleCookieMonster\Desktop\adwcleaner.exe
[2012.11.21 17:03:35 | 000,002,046 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.11.21 17:03:35 | 000,002,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.11.16 11:13:59 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.16 11:02:12 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.05 15:19:58 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012.11.05 15:11:21 | 000,000,125 | ---- | C] () -- C:\user.js
[2012.11.03 21:30:43 | 000,690,037 | ---- | C] () -- C:\Users\LittleCookieMonster\Desktop\Seminarplan und Literatur.pdf
[2012.11.02 16:42:23 | 000,237,899 | ---- | C] () -- C:\Users\LittleCookieMonster\Desktop\Reading fur 29. Okt.(1).pdf
[2012.10.26 20:08:18 | 001,818,470 | ---- | C] () -- C:\Users\LittleCookieMonster\Desktop\Foto0616.jpg
[2012.10.24 17:38:57 | 007,922,260 | ---- | C] () -- C:\Users\LittleCookieMonster\Desktop\Connell_2009_Lg diversity and lg choice.pdf
[2012.10.24 17:03:10 | 000,065,081 | ---- | C] () -- C:\Users\LittleCookieMonster\Documents\Aufgabe vom 19.10.12 S.Groetelaer 5634121.pdf
[2011.03.30 02:46:48 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.03.30 02:46:47 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.03.30 02:46:46 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.02.11 00:03:27 | 001,642,510 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.11.05 15:01:53 | 000,000,000 | ---D | M] -- C:\Users\LittleCookieMonster\AppData\Roaming\Babylon
[2012.05.28 19:34:02 | 000,000,000 | ---D | M] -- C:\Users\LittleCookieMonster\AppData\Roaming\CheckPoint
[2012.10.24 17:01:07 | 000,000,000 | ---D | M] -- C:\Users\LittleCookieMonster\AppData\Roaming\PDF Software
[2012.02.10 21:53:55 | 000,000,000 | ---D | M] -- C:\Users\LittleCookieMonster\AppData\Roaming\PhotoFiltre 7
[2012.07.21 22:22:42 | 000,000,000 | ---D | M] -- C:\Users\LittleCookieMonster\AppData\Roaming\PhotoScape
[2012.11.19 23:39:21 | 000,000,000 | ---D | M] -- C:\Users\LittleCookieMonster\AppData\Roaming\SoftGrid Client
[2012.04.16 19:56:40 | 000,000,000 | ---D | M] -- C:\Users\LittleCookieMonster\AppData\Roaming\TP
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< # AdwCleaner v2.008 - Datei am 22/11/2012 um 22:21:54 erstellt >
Invalid Switch: 2012 um 22:21:54 erstellt
 
< # Aktualisiert am 17/11/2012 von Xplode >
Invalid Switch: 2012 von Xplode
 
< # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.01.16 14:23:17 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2251252056-1386308966-2160917863-1000Core.job
[2012.01.16 14:23:17 | 000,001,176 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2251252056-1386308966-2160917863-1000UA.job
 
< # Benutzer : LittleCookieMonster - SUNNY >
 
< # Bootmodus : Normal >
 
< # Ausgeführt unter : C:\Users\LittleCookieMonster\Desktop\adwcleaner.exe >
 
< # Option [Suche] >
 
<  >
 
<  >
 
< **** [Dienste] **** >
 
<  >
 
< Gefunden : Browser Manager >
 
<  >
 
< ***** [Dateien / Ordner] ***** >
Invalid Switch: Ordner] *****
 
<  >
 
< Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml >
 
< Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml >
 
< Datei Gefunden : C:\user.js >
 
< Datei Gefunden : C:\Users\LITTLE~1\AppData\Local\Temp\Uninstall.exe >
 
< Ordner Gefunden : C:\Program Files (x86)\Ask.com >
 
< Ordner Gefunden : C:\Program Files (x86)\AVG Secure Search >
 
< Ordner Gefunden : C:\Program Files (x86)\Common Files\AVG Secure Search >
 
< Ordner Gefunden : C:\ProgramData\AVG Secure Search >
 
< Ordner Gefunden : C:\ProgramData\Babylon >
 
< Ordner Gefunden : C:\ProgramData\Browser Manager >
 
< Ordner Gefunden : C:\Users\LITTLE~1\AppData\Local\Temp\AskSearch >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\AskToolbar >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\AVG Secure Search >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhdfjaaobagbaepmefnjabfmhnggliop >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Local\Savings Sidekick >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\LocalLow\AskToolbar >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\LocalLow\AVG Secure Search >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Roaming\Babylon >
 
< Ordner Gefunden : C:\Users\LittleCookieMonster\AppData\Roaming\Mozilla\Firefox\Profiles\pjkyo19l.default\extensions\toolbar@ask.com >
 
< Ordner Gefunden : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} >
 
<  >
 
< ***** [Registrierungsdatenbank] ***** >
 
<  >
 
< Schlüssel Gefunden : HKCU\Software\APN >
 
< Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar >
 
< Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider >
 
< Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Savings Sidekick >
 
< Schlüssel Gefunden : HKCU\Software\Ask.com >
 
< Schlüssel Gefunden : HKCU\Software\Ask.com.tmp >
 
< Schlüssel Gefunden : HKCU\Software\AskToolbar >
 
< Schlüssel Gefunden : HKCU\Software\Conduit >
 
< Schlüssel Gefunden : HKCU\Software\Cr_Installer >
 
< Schlüssel Gefunden : HKCU\Software\DataMngr >
 
< Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar >
 
< Schlüssel Gefunden : HKCU\Software\InstalledBrowserExtensions >
 
< Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} >
 
< Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings >
 
< Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} >
 
< Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} >
 
< Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} >
 
< Schlüssel Gefunden : HKCU\Software\Softonic >
 
< Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} >
 
< Schlüssel Gefunden : HKLM\Software\APN >
 
< Schlüssel Gefunden : HKLM\Software\AskToolbar >
 
< Schlüssel Gefunden : HKLM\Software\Babylon >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1 >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9 >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} >
 
< Schlüssel Gefunden : HKLM\Software\DataMngr >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066506660} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB} >
 
< Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF >
 
< Schlüssel Gefunden : HKU\S-1-5-21-2251252056-1386308966-2160917863-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} >
 
< Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] >
 
< Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] >
 
< Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater] >
 
< Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] >
 
<  >
 
< ***** [Internet Browser] ***** >
 
<  >
 
< -\\ Internet Explorer v9.0.8112.16421 >
 
<  >
 
< [OK] Die Registrierungsdatenbank ist sauber. >
 
<  >
 
< -\\ Mozilla Firefox v16.0.2 (de) >
 
<  >
 
< Profilname : default  >
 
< Datei : C:\Users\LittleCookieMonster\AppData\Roaming\Mozilla\Firefox\Profiles\pjkyo19l.default\prefs.js >
 
<  >
 
< Gefunden : user_pref("avg.install.userHPSettings", "hxxp://www.claro-search.com/?affID=114508&tt=4512_4&babsrc=[...] >
 
< Gefunden : user_pref("avg.install.userSPSettings", "Claro Search"); >
 
< Gefunden : user_pref("browser.search.order.1", "Claro Search"); >
 
< Gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\"); >
 
< Gefunden : user_pref("extensions.asktb.apn_dbr", "ff_9.0.1"); >
 
< Gefunden : user_pref("extensions.asktb.cbid", "LL"); >
 
< Gefunden : user_pref("extensions.asktb.config-updated", true); >
 
< Gefunden : user_pref("extensions.asktb.crumb", "2012.01.10+14.00.25-toolbar011iad-DE-Q29sb2duZSxHZXJtYW55"); >
 
< Gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&[...] >
 
< Gefunden : user_pref("extensions.asktb.dtid", "YYYYYYYYDE"); >
 
< Gefunden : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false); >
 
< Gefunden : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "GMXX0018"); >
 
< Gefunden : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C"); >
 
< Gefunden : user_pref("extensions.asktb.first-restart-after-config-update", true); >
 
< Gefunden : user_pref("extensions.asktb.fresh-install", false); >
 
< Gefunden : user_pref("extensions.asktb.guid", "3de52a0a-94a6-4890-a2e6-68a1d168166e"); >
 
< Gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...] >
 
< Gefunden : user_pref("extensions.asktb.if", "first"); >
 
< Gefunden : user_pref("extensions.asktb.l", "dis"); >
 
< Gefunden : user_pref("extensions.asktb.last-config-req", "1353618890949"); >
 
< Gefunden : user_pref("extensions.asktb.last-v", "3.14.0.100010"); >
 
< Gefunden : user_pref("extensions.asktb.locale", "de_DE"); >
 
< Gefunden : user_pref("extensions.asktb.location", "Cologne,Germany"); >
 
< Gefunden : user_pref("extensions.asktb.notification-shown", true); >
 
< Gefunden : user_pref("extensions.asktb.o", "APN10023"); >
 
< Gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true); >
 
< Gefunden : user_pref("extensions.asktb.qsrc", "2871"); >
 
< Gefunden : user_pref("extensions.asktb.r", "4"); >
 
< Gefunden : user_pref("extensions.asktb.sa", "NO"); >
 
< Gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true); >
 
< Gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false); >
 
< Gefunden : user_pref("extensions.asktb.themeid", ""); >
 
< Gefunden : user_pref("extensions.asktb.timeinstalled", "10.01.2012 23:01:27"); >
 
< Gefunden : user_pref("extensions.asktb.to", ""); >
 
< Gefunden : user_pref("extensions.asktb.v", "3.14.0.100015"); >
 
< Gefunden : user_pref("extensions.asktb.version", "5.14.0.19934"); >
 
< Gefunden : user_pref("extensions.enabledAddons", "{dfefbe51-ca52-484b-adf0-6b158b05262d}:2.4.897.175,toolbar@as[...] >
 
< Gefunden : user_pref("extensions.toolbar@ask.com.install-event-fired", true); >
 
< Gefunden : user_pref("keyword.URL", "hxxp://www.claro-search.com/?affID=114508&tt=4512_4&babsrc=KW_clro&mntrId=[...] >
 
<  >
 
< -\\ Google Chrome v23.0.1271.64 >
 
<  >
 
< Datei : C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Preferences >
 
<  >
 
< [OK] Die Datei ist sauber. >
 
<  >
 
< ************************* >
[2012.11.22 22:22:05 | 000,014,567 | ---- | M] () -- \AdwCleaner[R1].txt
[2012.11.22 22:10:53 | 3180,220,416 | -HS- | M] () -- \hiberfil.sys
[2011.08.08 06:20:58 | 000,321,188 | ---- | M] () -- \lv.log
[2012.11.22 22:10:55 | 4240,293,888 | -HS- | M] () -- \pagefile.sys
[2011.08.08 06:20:50 | 000,000,087 | -H-- | M] () -- \splash.idx
[2012.11.05 15:11:21 | 000,000,125 | ---- | M] () -- \user.js
[2011.01.10 18:27:44 | 000,004,112 | -H-- | M] () -- \version
 
<  >
 
< AdwCleaner[R1].txt - [14478 octets] - [22/11/2012 22:21:54] >
Invalid Switch: 2012 22:21:54]
 
<  >
 
< ########## EOF - C:\AdwCleaner[R1].txt - [14539 octets] ########## >

< End of report >

Littlecookie 22.11.2012 22:49
Code:
OTL Extras logfile created on: 22.11.2012 22:25:55 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\LittleCookieMonster\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,95 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 60,84% Memory free
7,90 Gb Paging File | 5,31 Gb Available in Paging File | 67,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,78 Gb Total Space | 387,55 Gb Free Space | 85,78% Space Free | Partition Type: NTFS
 
Computer Name: SUNNY | User Name: LittleCookieMonster | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0ACFF930-B9ED-42E5-A2E2-068F240F4B2D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1786BB65-3971-4B5B-8872-F9AEBFFF52A6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2E762CEA-AB69-4A8D-8467-C90C79CAF525}" = rport=138 | protocol=17 | dir=out | app=system |
"{2EEAAE20-0887-4E3E-9ECB-4F6CFCDBD55D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{2F031DC0-CCBA-4DCD-9E0D-5B26B11DF025}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{413CFDFB-1990-43B1-8CAE-824E3974D9C8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{43E2199F-C80D-4A36-BCD5-B970D101B8E2}" = rport=445 | protocol=6 | dir=out | app=system |
"{44A241A3-186A-4B36-80F0-741090AF27AB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4B999D34-8986-4F38-A309-C5C6B98C62DE}" = lport=139 | protocol=6 | dir=in | app=system |
"{4DF94A25-D0F6-471F-9275-3CD7D1624EEC}" = rport=139 | protocol=6 | dir=out | app=system |
"{4E059E4B-6717-434C-8965-C5E597F4048B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{508092D0-223E-4A1F-944E-85E83C271715}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{597969F6-6128-4284-90B1-7EE697D4594F}" = rport=137 | protocol=17 | dir=out | app=system |
"{650372CD-0C67-46C0-92F9-A939AACA2507}" = lport=138 | protocol=17 | dir=in | app=system |
"{69D8CBAB-2921-43C7-9434-2E8172AA45CB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6CCB33CE-D038-4F85-9109-A95B023253F4}" = lport=137 | protocol=17 | dir=in | app=system |
"{6FDE9876-B92D-4C5E-8DBA-B80C753E9319}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7AFA3D6B-DF38-4D78-B9F4-09E9FE657F28}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7F3A26D6-89B5-4FD2-BA4A-81E8E7087449}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7FBA7D26-2430-437F-B95A-403E4F32DA6C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8D450EFA-5131-4534-A1D1-522F39C962CA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C906DE4B-20CB-45B4-B5F8-CFE53D457A7F}" = lport=445 | protocol=6 | dir=in | app=system |
"{D1D325C0-60E7-4F84-A3F8-F06BB30E1D69}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E06B7EF2-9E4F-41B6-A37B-3686158AD7EC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E9039601-C27B-499E-A194-2C708052EC96}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F7E7CD06-4164-4879-AEC5-2E1DE1F78C0B}" = lport=2869 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A83408E-EBE7-4497-AED1-1E78D596407A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{24869D18-BE7C-4203-B304-0D6A35C1E62A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{35652576-6826-46D1-9130-8ED810C4B575}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{38E190F8-1699-46B7-A141-C3EB5D47CAE2}" = protocol=6 | dir=out | app=system |
"{3CD5DD69-023B-454B-A223-CF6028C93521}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{4E7D725C-E490-46BD-989B-FF9EA9B6E4CF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F90BD83-5878-4746-84BB-3F23D7BB1FEF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{51B3E094-BB04-4DC6-BBDC-2678BA178D6A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6807BDB1-1E92-48A7-AC1D-643A23A7C787}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6EDDA7ED-135E-4FB0-B5B0-82C3F948C77A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8028D668-1F79-4310-B6E0-426C5531029E}" = dir=out | app=c:\users\littlecookiemonster\desktop\ssk_claro.exe |
"{949DA6E8-09A9-4146-9BBC-F4F1C2D5C50E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9E9D1146-12BB-45AC-A2EF-9C33AA6571B1}" = protocol=6 | dir=in | app=c:\program files\sony\vaio care\vaiocaremain.exe |
"{A1B7BF59-DF5B-4FD1-ADE4-DD6D6CF43DBE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A72E7BCB-1B74-4665-AFDD-D81B77DB2EF5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AB630B0C-17F4-4593-8181-F0BE57B61899}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AE2FBA25-5E8E-4951-AAFF-712EACC3B66C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AECCE46B-BA15-41F8-944A-29E90F14E08B}" = protocol=6 | dir=in | app=c:\program files\sony\vaio care\vcagent.exe |
"{AF64B79C-5829-4EBC-96D4-703FCD61A0F3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B111E2DB-57D1-4DC0-BF64-EDCD661181F8}" = protocol=17 | dir=in | app=c:\program files\sony\vaio care\vcagent.exe |
"{B8965AA4-D179-4116-B4BB-3398BB753E9B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BA1B9DB0-FCCB-408F-9FCF-5F7FD8E449C0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C161871F-B4A0-49FC-93BE-711F4728C6D7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CA668E3D-F5B3-452C-97AF-8986FAC509A5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D382D88B-6B31-411C-9ACD-611B9A57B8D0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DC0539E8-8094-4B0E-879F-4C484E6D3C8E}" = protocol=17 | dir=in | app=c:\program files\sony\vaio care\vaiocaremain.exe |
"{DF5F780C-BEF0-439D-B611-F323F629CC22}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E0A0686C-C530-4E1B-9A00-7AF89A622E37}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{E3044F53-E2C4-435A-8582-61648BFEC647}" = dir=in | app=c:\users\littlecookiemonster\desktop\ssk_claro.exe |
"{E438C0E6-9D17-40DC-B0E9-7CE03C67AF7E}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{E8E5E1B7-DB28-402D-A76C-213A820C7DCC}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 1000 j110 series\bin\usbsetup.exe |
"{EFDC6F6B-9220-40A0-A4CB-B297E286ACC3}" = protocol=17 | dir=in | app=c:\program files\sony\vaio care\selfhealupdate.exe |
"{F424FB2E-6B90-4E07-A2C7-3D890DB566CB}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 1000 j110 series\bin\usbsetup.exe |
"{FD90CCA8-8DF8-4E05-A419-0FC71222B480}" = protocol=6 | dir=in | app=c:\program files\sony\vaio care\selfhealupdate.exe |
"{FFB57FFD-F6BB-411C-8C18-4B67BF6FA899}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3F7C54EA-F59C-45DD-BA93-AD1E084A9550}" = Studie zur Verbesserung von HP Deskjet 1000 J110 series Produkten
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4EFA8109-732B-4026-9F0C-B70ECF3F9293}" = Windows Live Remote Service Resources
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = Sony Corporation
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{75C95C84-264F-4CC7-8A7E-346444E6C7C1}" = VAIO Improvement Validation
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{9F672527-2BE4-47AB-B061-C057BDE30B30}" = Windows Live Remote Client Resources
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ECFFD23C-3111-4685-8118-E1F79644203F}" = HP Deskjet 1000 J110 series - Grundlegende Software für das Gerät
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}" = VESx64
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" =
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{07441A52-E208-478A-92B7-5C337CA8C131}" = VAIO - Remote Play mit PlayStation®3
"{075A7877-02CA-4B15-8534-1211712A8E79}" = ZoneAlarm Firewall
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08D7BC86-7358-464C-8AD0-0D84B5F0A0C9}" = Remote Keyboard
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1B0545C4-620F-4661-A369-C4D113F24932}" = Windows Live Writer Resources
"{1BD9E24B-DB16-491C-8092-F158664BB9F6}" = ZoneAlarm Security
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{2303F9E7-6293-4A85-BC21-CA226FAD5CE4}" = Windows Live Mail
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{270380EB-8812-42E1-8289-53700DB840D2}" = PMB VAIO Edition Plug-in
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2C8FBAB0-4564-47B8-AC4B-9C7401B94BF2}" = Основи Windows Live
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3A94F54D-A8A4-4B82-B346-92B4D56A2708}" = VESx86
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5FA51AAF-23FE-42F4-A724-D79F85F41D4B}" = Remote Play with PlayStation 3
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{61438020-DDD4-42FA-99A2-50225441980A}" = ArcSoft Magic-i Visual Effects 2
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66081CDD-C1FE-415F-BB3A-F2622BA27461}" = PMB VAIO Edition Guide
"{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}" = Елемент керування Windows Live Mesh ActiveX для віддалених підключень
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6AC57EEF-2733-4DE6-81BB-E78ACB964C22}" = Windows Live Photo Common
"{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{70EED410-697B-4193-A2CB-2F790F82B420}" = VAIO Data Restore Tool
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur
"{73D8886A-D416-4687-B609-0D3836BA410C}" = VAIO Event Service
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{80651674-74AA-4155-AF2D-1339E628D187}" = Windows Live Movie Maker
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{8356CB97-A48F-44CB-837A-A12838DC4669}" = PMB VAIO Edition Plug-in
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{91989CE7-EE83-4A53-8E06-D97887928119}" = VAIO Care
"{91BD94FE-ADCA-49CC-BE96-97D4BBC36FAF}" = Windows Live Mesh
"{92280FD3-A119-41E6-A740-A62DBA4DFB53}" = Windows Live UX Platform Language Pack
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9532F6E0-ED0A-41A4-87F9-49478E44E8C1}" = ZoneAlarm Antivirus
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9B088046-8A01-4355-99DD-8530C022F682}" = VCCx86
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C115A674-A398-49E5-9C6E-C0A541D3EA10}" = Фотоколекція Windows Live
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C72E35E5-C5C6-4328-AD9A-BBCCC816A2E6}" = VAIO Hardware Diagnostics
"{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}" = ArcSoft WebCam Companion 4
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D57A002F-2B34-4E7B-A58B-0A4FBDA2E93F}" = Windows Live Messenger
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}" = HP Deskjet 1000 J110 series Hilfe
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F28C98E9-BAC1-41FF-81F2-8885925CCB48}" = Windows Live Writer
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}" = VAIO - Media Gallery
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"EADM" = EA Download Manager
"HP Photo Creations" = HP Photo Creations
"InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}" = VAIO - PMB VAIO Edition Plug-in
"InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}" = VAIO - PMB VAIO Edition Guide
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee Internet Security
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PhotoScape" = PhotoScape
"splashtop" = VAIO Quick Web Access
"VAIO Help and Support" =
"VAIO Hero Screensaver - Summer 2011 Screensaver" = VAIO Hero Screensaver - Summer 2011 Screensaver
"WinLiveSuite" = Windows Live Essentials
"ZoneAlarm Free Antivirus + Firewall" = ZoneAlarm Free Antivirus + Firewall
"ZoneAlarm Security Toolbar" = ZoneAlarm Security Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"Google Chrome" = Google Chrome
"PhotoFiltre 7" = PhotoFiltre 7
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 26.10.2012 11:36:53 | Computer Name = Sunny | Source = WinMgmt | ID = 10
Description =
 
Error - 26.10.2012 17:18:51 | Computer Name = Sunny | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: IswSvc.exe, Version: 1.5.380.0, Zeitstempel:
 0x4f635592  Name des fehlerhaften Moduls: CRYPT32.dll, Version: 6.1.7601.17856, Zeitstempel:
 0x4fc9a637  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000001ede2  ID des fehlerhaften
 Prozesses: 0x5f4  Startzeit der fehlerhaften Anwendung: 0x01cdb3bf679251ed  Pfad der
 fehlerhaften Anwendung: C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\system32\CRYPT32.dll  Berichtskennung: bcc0c97e-1fb2-11e2-bf73-9439e59ca67e
 
Error - 26.10.2012 17:19:51 | Computer Name = Sunny | Source = WinMgmt | ID = 10
Description =
 
Error - 27.10.2012 04:31:45 | Computer Name = Sunny | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: IswSvc.exe, Version: 1.5.380.0, Zeitstempel:
 0x4f635592  Name des fehlerhaften Moduls: CRYPT32.dll, Version: 6.1.7601.17856, Zeitstempel:
 0x4fc9a637  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000001ede2  ID des fehlerhaften
 Prozesses: 0x5e0  Startzeit der fehlerhaften Anwendung: 0x01cdb41d6a247ece  Pfad der
 fehlerhaften Anwendung: C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\system32\CRYPT32.dll  Berichtskennung: bd392665-2010-11e2-916b-9439e59ca67e
 
Error - 27.10.2012 04:32:50 | Computer Name = Sunny | Source = WinMgmt | ID = 10
Description =
 
Error - 27.10.2012 14:33:10 | Computer Name = Sunny | Source = WinMgmt | ID = 10
Description =
 
Error - 27.10.2012 14:34:59 | Computer Name = Sunny | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: IswSvc.exe, Version: 1.5.380.0, Zeitstempel:
 0x4f635592  Name des fehlerhaften Moduls: CRYPT32.dll, Version: 6.1.7601.17856, Zeitstempel:
 0x4fc9a637  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000001ede2  ID des fehlerhaften
 Prozesses: 0x60c  Startzeit der fehlerhaften Anwendung: 0x01cdb4714862740f  Pfad der
 fehlerhaften Anwendung: C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\system32\CRYPT32.dll  Berichtskennung: 02fcd5b2-2065-11e2-91b1-9439e59ca67e
 
Error - 28.10.2012 03:22:12 | Computer Name = Sunny | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: IswSvc.exe, Version: 1.5.380.0, Zeitstempel:
 0x4f635592  Name des fehlerhaften Moduls: CRYPT32.dll, Version: 6.1.7601.17856, Zeitstempel:
 0x4fc9a637  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000001ede2  ID des fehlerhaften
 Prozesses: 0x5f4  Startzeit der fehlerhaften Anwendung: 0x01cdb4dcd2d0faf6  Pfad der
 fehlerhaften Anwendung: C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\system32\CRYPT32.dll  Berichtskennung: 3054724d-20d0-11e2-9003-9439e59ca67e
 
Error - 28.10.2012 03:23:00 | Computer Name = Sunny | Source = WinMgmt | ID = 10
Description =
 
Error - 28.10.2012 16:05:36 | Computer Name = Sunny | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: IswSvc.exe, Version: 1.5.380.0, Zeitstempel:
 0x4f635592  Name des fehlerhaften Moduls: CRYPT32.dll, Version: 6.1.7601.17856, Zeitstempel:
 0x4fc9a637  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000001ede2  ID des fehlerhaften
 Prozesses: 0x5e0  Startzeit der fehlerhaften Anwendung: 0x01cdb54781a156f5  Pfad der
 fehlerhaften Anwendung: C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\system32\CRYPT32.dll  Berichtskennung: d5d8eb36-213a-11e2-8b59-9439e59ca67e
 
[ System Events ]
Error - 20.11.2012 08:18:45 | Computer Name = Sunny | Source = WMPNetworkSvc | ID = 866300
Description =
 
Error - 20.11.2012 15:43:51 | Computer Name = Sunny | Source = Service Control Manager | ID = 7031
Description = Der Dienst "ZoneAlarm LTD Toolbar IswSvc" wurde unerwartet beendet.
 Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000
Millisekunden durchgeführt: Neustart des Diensts.
 
Error - 20.11.2012 16:12:22 | Computer Name = Sunny | Source = Service Control Manager | ID = 7031
Description = Der Dienst "ZoneAlarm LTD Toolbar IswSvc" wurde unerwartet beendet.
 Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000
Millisekunden durchgeführt: Neustart des Diensts.
 
Error - 20.11.2012 18:40:21 | Computer Name = Sunny | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst VAIO Event Service erreicht.
 
Error - 21.11.2012 08:54:12 | Computer Name = Sunny | Source = Service Control Manager | ID = 7031
Description = Der Dienst "ZoneAlarm LTD Toolbar IswSvc" wurde unerwartet beendet.
 Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000
Millisekunden durchgeführt: Neustart des Diensts.
 
Error - 21.11.2012 08:54:35 | Computer Name = Sunny | Source = WMPNetworkSvc | ID = 866300
Description =
 
Error - 21.11.2012 18:13:02 | Computer Name = Sunny | Source = Service Control Manager | ID = 7031
Description = Der Dienst "ZoneAlarm LTD Toolbar IswSvc" wurde unerwartet beendet.
 Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000
Millisekunden durchgeführt: Neustart des Diensts.
 
Error - 22.11.2012 07:06:54 | Computer Name = Sunny | Source = Service Control Manager | ID = 7031
Description = Der Dienst "ZoneAlarm LTD Toolbar IswSvc" wurde unerwartet beendet.
 Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000
Millisekunden durchgeführt: Neustart des Diensts.
 
Error - 22.11.2012 17:12:06 | Computer Name = Sunny | Source = Service Control Manager | ID = 7031
Description = Der Dienst "ZoneAlarm LTD Toolbar IswSvc" wurde unerwartet beendet.
 Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000
Millisekunden durchgeführt: Neustart des Diensts.
 
Error - 22.11.2012 17:12:32 | Computer Name = Sunny | Source = WMPNetworkSvc | ID = 866300
Description =
 
 
< End of report >

Swisstreasure 27.11.2012 01:22
Schritt 1
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Delete.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

Schritt 2

Downloade Dir bitte Malwarebytes
  • Installiere das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere Quick-Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.

Littlecookie 03.12.2012 15:50
Hallo, erstmal herzlichen Dank
und hier anbei die logs vom 1. Schritt:
Code:
# AdwCleaner v2.008 - Datei am 03/12/2012 um 15:43:34 erstellt
# Aktualisiert am 17/11/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : LittleCookieMonster - SUNNY
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\LittleCookieMonster\Desktop\Virus Krams\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : Browser Manager

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\user.js
Datei Gelöscht : C:\Users\LITTLE~1\AppData\Local\Temp\Uninstall.exe
Gelöscht mit Neustart : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\Program Files (x86)\Ask.com
Ordner Gelöscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Users\LITTLE~1\AppData\Local\Temp\AskSearch
Ordner Gelöscht : C:\Users\LittleCookieMonster\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\LittleCookieMonster\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhdfjaaobagbaepmefnjabfmhnggliop
Ordner Gelöscht : C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Ordner Gelöscht : C:\Users\LittleCookieMonster\AppData\Local\Savings Sidekick
Ordner Gelöscht : C:\Users\LittleCookieMonster\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\LittleCookieMonster\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\Users\LittleCookieMonster\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\LittleCookieMonster\AppData\Roaming\Mozilla\Firefox\Profiles\pjkyo19l.default\extensions\toolbar@ask.com
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Savings Sidekick
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\Ask.com.tmp
Schlüssel Gelöscht : HKCU\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Cr_Installer
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKU\S-1-5-21-2251252056-1386308966-2160917863-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v16.0.2 (de)

Profilname : default
Datei : C:\Users\LittleCookieMonster\AppData\Roaming\Mozilla\Firefox\Profiles\pjkyo19l.default\prefs.js

C:\Users\LittleCookieMonster\AppData\Roaming\Mozilla\Firefox\Profiles\pjkyo19l.default\user.js ... Gelöscht !

Gelöscht : user_pref("avg.install.userHPSettings", "hxxp://www.claro-search.com/?affID=114508&tt=4512_4&babsrc=[...]
Gelöscht : user_pref("avg.install.userSPSettings", "Claro Search");
Gelöscht : user_pref("browser.search.order.1", "Claro Search");
Gelöscht : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Gelöscht : user_pref("extensions.asktb.apn_dbr", "ff_9.0.1");
Gelöscht : user_pref("extensions.asktb.cbid", "LL");
Gelöscht : user_pref("extensions.asktb.config-updated", true);
Gelöscht : user_pref("extensions.asktb.crumb", "2012.01.10+14.00.25-toolbar011iad-DE-Q29sb2duZSxHZXJtYW55");
Gelöscht : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&[...]
Gelöscht : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Gelöscht : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Gelöscht : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "GMXX0018");
Gelöscht : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Gelöscht : user_pref("extensions.asktb.fresh-install", false);
Gelöscht : user_pref("extensions.asktb.guid", "3de52a0a-94a6-4890-a2e6-68a1d168166e");
Gelöscht : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Gelöscht : user_pref("extensions.asktb.if", "first");
Gelöscht : user_pref("extensions.asktb.l", "dis");
Gelöscht : user_pref("extensions.asktb.last-config-req", "1354474941025");
Gelöscht : user_pref("extensions.asktb.last-v", "3.14.0.100010");
Gelöscht : user_pref("extensions.asktb.locale", "de_DE");
Gelöscht : user_pref("extensions.asktb.location", "Cologne,Germany");
Gelöscht : user_pref("extensions.asktb.notification-shown", true);
Gelöscht : user_pref("extensions.asktb.o", "APN10023");
Gelöscht : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Gelöscht : user_pref("extensions.asktb.qsrc", "2871");
Gelöscht : user_pref("extensions.asktb.r", "4");
Gelöscht : user_pref("extensions.asktb.sa", "NO");
Gelöscht : user_pref("extensions.asktb.search-suggestions-enabled", true);
Gelöscht : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Gelöscht : user_pref("extensions.asktb.themeid", "");
Gelöscht : user_pref("extensions.asktb.timeinstalled", "10.01.2012 23:01:27");
Gelöscht : user_pref("extensions.asktb.to", "");
Gelöscht : user_pref("extensions.asktb.v", "3.14.0.100015");
Gelöscht : user_pref("extensions.asktb.version", "5.14.0.19934");
Gelöscht : user_pref("extensions.enabledAddons", "{dfefbe51-ca52-484b-adf0-6b158b05262d}:2.4.897.175,toolbar@as[...]
Gelöscht : user_pref("extensions.toolbar@ask.com.install-event-fired", true);
Gelöscht : user_pref("keyword.URL", "hxxp://www.claro-search.com/?affID=114508&tt=4512_4&babsrc=KW_clro&mntrId=[...]

-\\ Google Chrome v23.0.1271.95

Datei : C:\Users\LittleCookieMonster\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [14567 octets] - [22/11/2012 22:21:54]
AdwCleaner[S1].txt - [14600 octets] - [03/12/2012 15:43:34]

########## EOF - C:\AdwCleaner[S1].txt - [14661 octets] ##########

Swisstreasure 04.12.2012 13:03
Und Schritt 2? ;)


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:08 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131