Beiträge von Tentacle

OTL Extras logfile created on: 15.01.2014 14:09:10 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\user\Desktop\wichtige Programme
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 54,21% Memory free
7,81 Gb Paging File | 5,51 Gb Available in Paging File | 70,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286,27 Gb Total Space | 113,27 Gb Free Space | 39,57% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07067C91-2775-4875-AB99-EB9BD8F0D5DD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{100B6CD1-23DB-4879-A9D2-E83D0A85DFBB}" = lport=137 | protocol=17 | dir=in | app=system | 
"{19423F5F-1076-4882-A30E-40B3CB3E5CE8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{29BDD05A-A340-4C69-8175-6EBC3F9596DC}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{2BFDFF8C-7227-4EEE-8490-C81F74ED69BD}" = lport=138 | protocol=17 | dir=in | app=system | 
"{30D78E20-69C9-4F99-8205-ADC6D8D878B3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{32EF6728-B7E9-43DC-A2A4-885C96B04E57}" = rport=445 | protocol=6 | dir=out | app=system | 
"{3CEAB9DB-366F-4232-8FF2-74A57A25BE77}" = rport=137 | protocol=17 | dir=out | app=system | 
"{4E2591E3-5782-4AC5-A401-469C4A74AD81}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{50F0129A-40F8-4B9C-A2E3-3A448F7C4FCB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{58E529BC-3D2F-456D-B6C8-3BCD7F85C61E}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{731B10E5-5478-4B00-B791-95155DAFD09E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{8C28F9B4-74B8-43A7-93B9-D2F856FFFAF7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8ED03001-DE74-4DB3-A580-3C724F165E2D}" = rport=138 | protocol=17 | dir=out | app=system | 
"{9AE370FD-3252-4846-802E-C2F1483F15A2}" = rport=139 | protocol=6 | dir=out | app=system | 
"{A5DC0E16-413E-4ACE-BA8E-FEB092E7B480}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{C8351E08-5586-40ED-87FC-BE597901B25A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C88B081A-7BB0-4EFB-8A54-561935686C45}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C9796CF8-FA61-4EB8-AB6C-07C5714ABCE3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CFBC40D5-3EF5-4677-A4C2-B6122A05E628}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D24365BB-E26B-4AD3-B131-7EDE21ADFCD8}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{DBD8F7D9-E26B-4777-A776-26BFF15CF63D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DF1E96E4-0400-4E6B-A54C-672FDC276F3F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E5C59A28-0552-4766-A1F4-C2FC582F1FB9}" = lport=445 | protocol=6 | dir=in | app=system | 
"{E6D84FC9-0A4D-495E-9FA2-545652F68F38}" = lport=139 | protocol=6 | dir=in | app=system | 
"{F24BEFA8-4B98-4389-AB02-1FE12A199B1B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02954F75-B270-4849-AFF6-4D5395510513}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe | 
"{06E96504-AF12-4762-9980-BB780365927C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{0F79D7B5-E811-48E6-BC0A-188202455F54}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{196AEDA8-605A-4781-AAA9-9D27F11560DD}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe | 
"{20CFF796-8800-4E84-8530-BF4633DA92D8}" = protocol=17 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe | 
"{2A7FE5CF-3188-4EB8-846F-EF6BFA8E5E6D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{2EA781B4-0DEB-4B6E-8B98-754A2378C2DD}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | 
"{30B729CB-534D-446F-95EF-4B636F72ACEC}" = protocol=6 | dir=in | app=c:\windows\temp\kd_installer.exe | 
"{3CF46D3C-3732-47B9-B759-9E0911D17762}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd8\powerdvd8.exe | 
"{3F120E17-0B99-464E-85A5-D925A94DF6F5}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | 
"{4246ECE8-D941-4A84-AB97-EF8208598DDA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{43956D67-CE3B-4006-B421-3347BB997A40}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{49E7725F-C0CB-4EDA-BBC2-21F96A8A0F67}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"{50CCBE42-7172-4C74-9F5A-465E8CE4EB46}" = protocol=17 | dir=in | app=c:\windows\temp\kd_installer.exe | 
"{5368A901-CB0A-4A92-9256-3F4FDFF07A5B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5673FDE4-DB54-4781-9AFA-BF0113BB6F7A}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe | 
"{67CC4B78-05DB-443F-85E7-62B6503F3DF0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6F1CBEE1-E4A7-43D8-BF95-2A3365EA5B7F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6FF35E2F-8ACA-4015-AF78-EA32938667AD}" = protocol=17 | dir=in | app=c:\windows\temp\kd_installer.exe | 
"{7332E42E-4B4D-4E7D-AFA9-B91B9D295A46}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe | 
"{7F486900-5488-4210-9C42-045DC1663B07}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{8907A2E2-EF74-4226-9829-68B01FE2A7F3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{8C38ED09-78D3-420A-AC9D-C3B239F48E9A}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 
"{8EA19F3B-C367-4654-AA0E-0C4326FAE4D8}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{9AFE88A5-F657-484F-8F91-36C151615C9F}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 
"{9BD2A36E-7389-4FE4-9F3E-A2DDFC5CE50B}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{9CD14434-F5EC-4897-855F-549567EC0AB0}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe | 
"{9F7E4C64-D002-479E-B78A-CBB118EBB8E1}" = protocol=6 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe | 
"{A268C48B-D832-428F-8FAE-3896396B51E0}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{A37439D7-290C-4F42-B082-4005735F9B21}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A4270B74-E083-4ECC-B574-FBF7B63DE92E}" = protocol=6 | dir=out | app=system | 
"{AD2CFB2F-3DD4-4E87-A626-9C87E06E5627}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe | 
"{AD40FAB1-2F11-4A04-9E5A-3265A7E83821}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B67A39C7-3E25-42DF-B190-F09485A83EF4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{C3492028-4AD8-4BED-930B-8B9ABB4E14AB}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe | 
"{C4E0F1CE-E57A-4CFA-821E-6683D32BD937}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{CA4E7F4E-049D-40F0-831B-8C053D706A53}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CFFAF664-7CA2-40F6-946B-35BAF6E852FB}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 
"{D0EB6E98-D55F-46B0-B625-B328D52A7E02}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 
"{D2F22E28-55D1-41CC-A7CC-2190232B1440}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe | 
"{D8129B20-7148-4F96-BC19-AB118A6281BB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D9093F9C-1A9B-4CBD-A6AC-89556FBE20CF}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe | 
"{DAF94773-AB26-450C-BF82-07A42EB0A538}" = protocol=6 | dir=in | app=c:\windows\temp\kd_installer.exe | 
"{DB7C4336-CDFE-4C42-949E-685488AF424B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{DDC1317E-0092-4FA3-984B-1EBA79932D38}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{DFE3F467-3797-4D4A-8C14-E75F4CA57CBB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{E585915E-D14E-47F0-A499-10360EFEAC29}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe | 
"{E9B86408-658E-4879-82BE-B8EE1A5B9EBE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{EB84A576-9475-42E3-B9A7-01257043B4B8}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 
"{F25A9C86-D889-4A60-902A-7B958591B321}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{F47BF1CE-B05A-431A-A4BF-366C14628951}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"{F5A401B9-AADC-4667-AE62-8E94C22354A3}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{F9215578-9D6C-471B-A834-0A0C8EB2D629}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe | 
"{F9965308-E58E-436F-A902-F0F09832F70B}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{FDDAC1A0-890E-4E30-955E-DC348489B7BB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{33215627-D721-42F0-95C8-F5E7330112E4}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 
"TCP Query User{40B87909-D3E8-4DDE-A093-CA947498D993}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 
"TCP Query User{6C861838-5C2B-4D96-98F6-0FEE3E3F360D}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 
"TCP Query User{7AF9B563-0364-4EA0-81B4-07F294EA6269}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 
"TCP Query User{7FB8A9E5-E793-4142-9371-9AA199515703}C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe | 
"TCP Query User{AD3AF2ED-BEAF-4F32-A5F5-557D37584526}C:\program files (x86)\icq7.6\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 
"UDP Query User{339EC61D-962C-4410-A0AC-F657EA73929F}C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe | 
"UDP Query User{6FF439D5-04D2-40F5-AE3A-639A4C6F1CBA}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 
"UDP Query User{B36886AD-E787-43F2-9FC9-867F67EA5BBA}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 
"UDP Query User{B8A2FD56-6E5A-4CA5-B42A-D7A8403A59A3}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 
"UDP Query User{E3741F3F-B46B-4F52-80D3-F1749C5E1B62}C:\program files (x86)\icq7.6\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 
"UDP Query User{F2AC0300-8926-4528-9F19-13C534965345}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1E26B9C2-ED08-4EEA-83C8-A786502B41E5}" = IBM SPSS Statistics 21
"{22D52438-53C0-8381-AB8D-6A295D46262C}" = ATI AVIVO64 Codecs
"{33954531-89ED-B9F6-2CDF-041414713D86}" = ATI Catalyst Install Manager
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{542DDF04-9F91-4F36-B2F4-2638B788A4C8}" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AF7F89F4-9021-8591-7872-1A4F98B88A47}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C862EC05-1C15-4327-B15D-C7788D6CFF73}" = Image Resizer Powertoy Clone for Windows (64 bit)
"{E62381A7-B1C1-4121-8262-84D38C77786C}" = COMODO Internet Security
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"EPSON SX125 Series" = EPSON SX125 Series Printer Uninstall
"Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"Shrew Soft VPN Client" = Shrew Soft VPN Client
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TAP-Windows" = TAP-Windows 9.9.2
"US122 Driver_is1" = US122 Driver 3.40
"USB_AUDIO_DEusb-audio.deTascam" = US-122 MKII / US-144 MKII
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{041A006A-50C4-3FE2-FF4A-83D530E53BEF}" = CCC Help English
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{119B7481-0216-40D2-A5CC-C3E1F461ECC1}" = Windows Live Fotogalerie
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1C02326F-8F79-5C12-1793-DE114BD64F54}" = CCC Help Swedish
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23188A71-69D2-3DE4-29DC-6FFF5A662B47}" = CCC Help German
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java(TM) 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2793958A-372D-2C12-1BF0-DC5E62FE5962}" = CCC Help Italian
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{30B056AF-F414-4B68-B9B0-6EFDB9FCDF18}" = ArcSoft MediaImpression 2
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{34A0D249-747E-4D6C-803D-329C120C6B79}" = Catalyst Control Center - Branding
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{3EF39A99-10DB-79C0-4BD6-A7EEC27C825B}" = CCC Help Greek
"{40F5AB80-7B12-8AA9-3963-319E1B88B769}" = Catalyst Control Center Graphics Full Existing
"{42C3C65A-C4C7-AE3A-6819-DC529039A597}" = CCC Help Danish
"{44561056-2746-4C06-2F96-D8EC7B07E69E}" = Catalyst Control Center Graphics Previews Vista
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{47245954-1CD8-BB67-DFCD-ED5370AA2859}" = Catalyst Control Center InstallProxy
"{47FB77D0-F03E-4CF7-DE93-27CEB24B98D3}" = CCC Help Spanish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6AA7A397-0D7F-2614-7943-DB101F30C544}" = Catalyst Control Center Graphics Light
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-195C
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{75C885D4-C758-4896-A3B4-90DA34B44C31}" = BRAdmin Professional 3
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{7B937101-FD85-4CA9-9176-ADA6492314AF}" = ArcSoft WebCam Companion 3
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.6.0
"{82006630-3125-5DF1-B78B-BBA2355E9D96}" = CCC Help Polish
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}" = Star Defender 4
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{857CC5F0-040E-1016-A173-D55ADD80C260}" = Adobe InDesign CS5.5
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87A33416-F8AE-06D8-C8B3-DC713A535916}" = CCC Help Finnish
"{8D13E566-CC9B-5332-0E78-F3D63A3DF1F5}" = PX Profile Update
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F97AEB7-87E1-CD50-5E46-393F7BFCF201}" = ccc-core-static
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A2A1BF69-5453-2486-1C47-EDAC3B9B03CE}" = CCC Help Thai
"{A60B1DCA-02CE-C245-A623-52B76C54D840}" = CCC Help Dutch
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF89271-2594-468D-B578-96B2E30C41C4}" = eBay Worldwide
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Deutsch
"{AE09C972-EEB2-4DA5-8090-0FCF54576854}" = Optical Drive Power Management
"{B23F0617-BD7D-AA4C-FDAB-80471A91CEDB}" = CCC Help Czech
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{BC48A169-492F-67FD-B101-21B2C5AED844}" = Catalyst Control Center Localization All
"{C1BDF54B-32D6-3B9C-9156-E4B7723DC9F1}" = CCC Help Chinese Standard
"{CD71916A-2E4D-59AE-71EE-F2051B8364EF}" = CCC Help Chinese Traditional
"{CDD15F95-C894-0C78-32E9-07C5D48DFA84}" = CCC Help Hungarian
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.92.624
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3E7E286-A884-AD4F-E3FA-9682B3E7F618}" = Catalyst Control Center Core Implementation
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{D491EC73-2679-F12E-620B-3E9D5D26D77B}" = CCC Help Russian
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB75941E-30C4-4D97-B000-D17C764B998C}" = Brother BRAdmin Light 1.21.0001
"{DC0C5A78-6DBF-3444-0120-0FE8F0134FCD}" = Adobe Download Assistant
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5D20B64-EEC6-4A0B-3AC4-8820D05835E1}" = CCC Help Norwegian
"{E71FB966-14AD-A192-C79D-B2B83F6638DE}" = Catalyst Control Center Graphics Full New
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{ED636101-1959-4360-8BF7-209436E7DEE4}" = Windows Live Sync
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0A28600-322A-797D-FCDA-588CF0308AA8}" = CCC Help French
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F4B5C8FF-307C-0781-A4FF-CD5358E23BA1}" = CCC Help Japanese
"{F4DC4228-B42A-AFA9-7DE7-A902AC5381CA}" = CCC Help Portuguese
"{F90685DD-3231-2512-7ABE-38F986F7377D}" = CCC Help Korean
"{FB1804A0-16FB-433A-BB9F-7429ECD1CA3E}" = GeekBuddy
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE163F11-1919-4257-A280-FF5AF8DAEECB}" = ICQ Sparberater
"{FF3925CB-2007-F777-2CE1-F32F1FDE9C68}" = CCC Help Turkish
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 1.2.6
"AudioCon" = AudioCon
"Brother MFC-620CN" = Brother MFC-620CN
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Comodo Dragon" = Comodo Dragon
"EPSON Scanner" = EPSON Scan
"EPSON SX125 Series Manual" = EPSON SX125 Series Handbuch
"FastStone Photo Resizer" = FastStone Photo Resizer 3.2
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.3.1206
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Google Chrome" = Google Chrome
"GridVista" = Acer GridVista
"Highway Pursuit_is1" = Highway Pursuit v1.1
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"Inkscape" = Inkscape 0.48.1 
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"IrfanView" = IrfanView (remove only)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 26.0 (x86 de)" = Mozilla Firefox 26.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"OpenVPN" = OpenVPN 2.3.2-I003 
"S3" = Die Siedler III Gold Edition
"SilverEdition - WAVtoMP3" = SilverEdition - WAVtoMP3
"SopCast" = SopCast 3.2.9
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"XMind" = XMind
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 15.01.2014 08:33:30 | Computer Name = | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2014/01/15 13:33:30.700]: [00002812]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 15.01.2014 08:33:32 | Computer Name = | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2014/01/15 13:33:32.201]: [00002812]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 15.01.2014 08:33:33 | Computer Name =  | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2014/01/15 13:33:33.732]: [00002812]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 15.01.2014 08:33:35 | Computer Name =  | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2014/01/15 13:33:35.277]: [00002812]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 15.01.2014 08:33:36 | Computer Name =  | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2014/01/15 13:33:36.821]: [00002812]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 15.01.2014 08:36:39 | Computer Name = | Source = Brother BrLog | ID = 1001
Description = CTLCN BrtCTLCN: [2014/01/15 13:36:39.744]: [00003464]: brccFCtl.dll:
 ### ERROR ### LoadLibrary Functions failed. m_fpIsAvailable-Return = FALSE  
 
Error - 15.01.2014 08:36:39 | Computer Name = | Source = Brother BrLog | ID = 1001
Description = CTLCN BrtCTLCN: [2014/01/15 13:36:39.744]: [00003464]: brccFCtl.dll:
 ### ERROR ### m_fpGetLanguageInfo = NULL  
 
Error - 15.01.2014 08:36:39 | Computer Name =| Source = Brother BrLog | ID = 1001
Description = CTLCN BrtCTLCN: [2014/01/15 13:36:39.744]: [00003464]: brccFCtl.dll:
 ### ERROR ### Get OmniPage Language-ID Failed  
 
Error - 15.01.2014 09:07:20 | Computer Name = | Source = Application Hang | ID = 1002
Description = Programm OTL (1).exe, Version 0.0.0.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: c90    Startzeit: 
01cf11f21c02eaa4    Endzeit: 7    Anwendungspfad: C:\Users\user\Downloads\OTL (1).exe    Berichts-ID:
 e36c9281-7de5-11e3-bfe2-001f16acf62f  
 
Error - 15.01.2014 09:08:10 | Computer Name =  | Source = Application Hang | ID = 1002
Description = Programm OTL (1).exe, Version 3.2.69.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 6ec    Startzeit: 
01cf11f2bdf5d537    Endzeit: 10    Anwendungspfad: C:\Users\user\Desktop\wichtige Programme\OTL
 (1).exe    Berichts-ID:   
 
[ Media Center Events ]
Error - 18.04.2012 15:15:45 | Computer Name =  | Source = MCUpdate | ID = 0
Description = 21:15:45 - Fehler beim Herstellen der Internetverbindung.  21:15:45 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 18.04.2012 15:16:01 | Computer Name =  | Source = MCUpdate | ID = 0
Description = 21:15:51 - Fehler beim Herstellen der Internetverbindung.  21:15:51 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 18.04.2012 16:16:06 | Computer Name = | Source = MCUpdate | ID = 0
Description = 22:16:06 - Fehler beim Herstellen der Internetverbindung.  22:16:06 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 18.04.2012 16:16:13 | Computer Name =  | Source = MCUpdate | ID = 0
Description = 22:16:11 - Fehler beim Herstellen der Internetverbindung.  22:16:11 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 18.04.2012 17:16:18 | Computer Name =  | Source = MCUpdate | ID = 0
Description = 23:16:18 - Fehler beim Herstellen der Internetverbindung.  23:16:18 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 18.04.2012 17:16:25 | Computer Name =  | Source = MCUpdate | ID = 0
Description = 23:16:23 - Fehler beim Herstellen der Internetverbindung.  23:16:23 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19.04.2012 17:32:29 | Computer Name = | Source = MCUpdate | ID = 0
Description = 23:32:29 - Fehler beim Herstellen der Internetverbindung.  23:32:29 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19.04.2012 17:32:40 | Computer Name = | Source = MCUpdate | ID = 0
Description = 23:32:34 - Fehler beim Herstellen der Internetverbindung.  23:32:34 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 22.04.2012 11:09:51 | Computer Name = | Source = MCUpdate | ID = 0
Description = 17:09:51 - Fehler beim Herstellen der Internetverbindung.  17:09:51 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 22.04.2012 11:10:03 | Computer Name = | Source = MCUpdate | ID = 0
Description = 17:09:56 - Fehler beim Herstellen der Internetverbindung.  17:09:56 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 14.01.2014 07:10:26 | Computer Name = | Source = DCOM | ID = 10010
Description = 
 
Error - 14.01.2014 16:58:21 | Computer Name = | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Mobile Partner. OUC erreicht.
 
Error - 14.01.2014 16:58:21 | Computer Name =  | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%1053
 
Error - 14.01.2014 16:58:51 | Computer Name =  | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   CFRMD
 
Error - 15.01.2014 04:32:29 | Computer Name = | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Mobile Partner. OUC erreicht.
 
Error - 15.01.2014 04:32:29 | Computer Name =  | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%1053
 
Error - 15.01.2014 04:32:32 | Computer Name =  | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   CFRMD
 
Error - 15.01.2014 08:35:50 | Computer Name =  | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Mobile Partner. OUC erreicht.
 
Error - 15.01.2014 08:35:50 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%1053
 
Error - 15.01.2014 08:35:52 | Computer Name = *** | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   CFRMD
 
 
< End of report >

OTL logfile created on: 15.01.2014 14:09:10 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\user\Desktop\wichtige Programme
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 54,21% Memory free
7,81 Gb Paging File | 5,51 Gb Available in Paging File | 70,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286,27 Gb Total Space | 113,27 Gb Free Space | 39,57% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\user\Desktop\wichtige Programme\OTL (1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
PRC - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (Comodo Security Solutions, Inc.)
PRC - C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.)
PRC - C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe ()
PRC - C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - C:\Users\user\AppData\Local\Temp\WDE1322.tmp\ombrowser.lng ()
MOD - C:\Users\user\AppData\Local\Temp\WDE1322.tmp\ml_online.lng ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (GeekBuddyRSP) -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
SRV - (CLPSLauncher) -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (Comodo Security Solutions, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Mobile Partner. RunOuc) -- C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe (The OpenVPN Project)
SRV - (DragonUpdater) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (cmdAgent) -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (HWDeviceService64.exe) -- C:\ProgramData\DatacardService\HWDeviceService64.exe ()
SRV - (BRA_Scheduler) -- C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe ()
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (dtpd) -- C:\Programme\ShrewSoft\VPN Client\dtpd.exe ()
SRV - (iked) -- C:\Programme\ShrewSoft\VPN Client\iked.exe ()
SRV - (ipsecd) -- C:\Programme\ShrewSoft\VPN Client\ipsecd.exe ()
SRV - (EPSON_EB_RPCV4_04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION)
SRV - (ODDPwrSvc) -- C:\Programme\Acer\Optical Drive Power Management\ODDPWRSvc.exe (Acer Incorporated)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:[b]64bit:[/b] - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:[b]64bit:[/b] - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:[b]64bit:[/b] - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:[b]64bit:[/b] - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:[b]64bit:[/b] - (cmderd) -- C:\Windows\SysNative\drivers\cmderd.sys (COMODO)
DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (TASCAM_US122144) -- C:\Windows\SysNative\drivers\tascusb2.sys (TASCAM)
DRV:[b]64bit:[/b] - (vflt) -- C:\Windows\SysNative\drivers\vfilter.sys (Shrew Soft Inc)
DRV:[b]64bit:[/b] - (vnet) -- C:\Windows\SysNative\drivers\virtualnet.sys (Shrew Soft Inc)
DRV:[b]64bit:[/b] - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:[b]64bit:[/b] - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:[b]64bit:[/b] - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:[b]64bit:[/b] - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (NETw1v64) -- C:\Windows\SysNative\drivers\NETw1v64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:[b]64bit:[/b] - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:[b]64bit:[/b] - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:[b]64bit:[/b] - (L1E) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:[b]64bit:[/b] - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:[b]64bit:[/b] - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:[b]64bit:[/b] - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:[b]64bit:[/b] - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:[b]64bit:[/b] - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:[b]64bit:[/b] - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:[b]64bit:[/b] - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV - (CFRMD) -- C:\Windows\SysWOW64\drivers\CFRMD.sys (Windows (R) Win 7 DDK provider)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8510t&r=273601093616l0348z1j5t4751b206
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..keyword.URL: "https://www.google.com/search"
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.01.15 13:20:19 | 000,000,000 | ---D | M]
 
[2014.01.05 17:15:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2014.01.05 17:15:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions\net.openvpn.client
[2014.01.15 13:28:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\oo97tx57.default\extensions
[2013.12.29 22:16:58 | 000,000,000 | ---D | M] (WOT) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\oo97tx57.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.08.27 08:34:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\oo97tx57.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014.01.14 14:07:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\oo97tx57.default\extensions\staged
[2014.01.14 10:53:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\oo97tx57.default\extensions\trash
[2013.11.07 09:43:52 | 000,000,000 | ---D | M] (YouTube Unblocker) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\oo97tx57.default\extensions\youtubeunblocker@unblocker.yt
[2013.11.06 00:52:38 | 000,214,277 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\oo97tx57.default\extensions\{a110da17-55ad-4380-b935-d9d9b36eae9f}.xpi
[2013.10.30 13:57:52 | 000,022,188 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\oo97tx57.default\extensions\{ade468d2-532b-480c-843b-5e01e5931e1e}.xpi
[2013.12.24 21:58:12 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\oo97tx57.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.12.15 23:42:35 | 000,287,503 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\oo97tx57.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2014.01.14 10:48:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.12.20 19:39:13 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.12.20 19:39:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.12.20 19:39:24 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.10.13 17:12:46 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: http://www.google.com
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: http://www.google.com
 
O1 HOSTS File: ([2011.11.13 12:02:12 | 000,001,339 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: Code:
O1 - Hosts: 127.0.0.1 activate.adobe.com 
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com 
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com 
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com 
O1 - Hosts: 127.0.0.1 adobeereg.com 
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com 
O1 - Hosts: 127.0.0.1 ereg.adobe.com 
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com 
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com 
O1 - Hosts: 127.0.0.1 192.150.18.108 
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com 
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com 
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com 
O1 - Hosts: 127.0.0.1 wip3.adobe.com 
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com 
O2:[b]64bit:[/b] - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {FE163F11-1919-4257-A280-FF5AF8DAEECB} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [ODDPwr] C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe (Acer Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Global Registration] C:\Program Files (x86)\Acer\Registration\GREG.exe (Acer Incorporated)
O4 - HKCU..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4 File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_228_Plugin.exe -update plugin File not found
O4 - Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: Neuer Wert #1 = Reg Error: Unknown registry data type File not found
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02CD7178-3FC2-408F-A12D-304EE88DD097}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02CD7178-3FC2-408F-A12D-304EE88DD097}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E53E6065-E41D-4F0E-85EE-67E5AF08EBD6}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDDAE51A-D8D8-43D0-806C-E9EA63B69242}: NameServer = 139.7.30.126 139.7.30.125
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\sacore - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\sacore - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3818e69d-3d1e-11e0-8d05-001f16acf62f}\Shell - "" = AutoRun
O33 - MountPoints2\{3818e69d-3d1e-11e0-8d05-001f16acf62f}\Shell\AutoRun\command - "" = E:\S3\Autorun.exe
O33 - MountPoints2\{3818e6c0-3d1e-11e0-8d05-001f16acf62f}\Shell - "" = AutoRun
O33 - MountPoints2\{3818e6c0-3d1e-11e0-8d05-001f16acf62f}\Shell\AutoRun\command - "" = F:\S3\Autorun.exe
O33 - MountPoints2\{a0cc881c-e70c-11e1-97f1-001f16acf62f}\Shell - "" = AutoRun
O33 - MountPoints2\{a0cc881c-e70c-11e1-97f1-001f16acf62f}\Shell\AutoRun\command - "" = D:\DPFMate.exe
O33 - MountPoints2\{b4d29c08-1f8a-11e3-80c5-001f16acf62f}\Shell - "" = AutoRun
O33 - MountPoints2\{b4d29c08-1f8a-11e3-80c5-001f16acf62f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{b4d29c24-1f8a-11e3-80c5-001f16acf62f}\Shell - "" = AutoRun
O33 - MountPoints2\{b4d29c24-1f8a-11e3-80c5-001f16acf62f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{b4d29c3c-1f8a-11e3-80c5-001f16acf62f}\Shell - "" = AutoRun
O33 - MountPoints2\{b4d29c3c-1f8a-11e3-80c5-001f16acf62f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014.01.15 13:37:12 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\wichtige Programme
[2014.01.15 13:23:31 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014.01.14 14:01:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
[2014.01.14 14:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
[2014.01.14 13:39:08 | 000,040,664 | ---- | C] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\tap0901.sys
[2014.01.14 13:39:08 | 000,000,000 | ---D | C] -- C:\Program Files\TAP-Windows
[2014.01.14 12:57:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShrewSoft VPN Client
[2014.01.14 10:42:33 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.01.13 21:52:26 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014.01.13 21:52:25 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014.01.13 21:52:24 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014.01.13 21:52:22 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014.01.13 21:41:42 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014.01.13 21:17:26 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014.01.13 21:17:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2014.01.13 21:17:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2014.01.13 21:17:24 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2014.01.13 21:17:24 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2014.01.13 21:17:23 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2014.01.13 21:17:23 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2014.01.13 21:17:23 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2014.01.13 21:17:23 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2014.01.13 21:17:23 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2014.01.13 21:17:23 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2014.01.13 21:17:23 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2014.01.13 21:17:23 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2014.01.13 21:17:23 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014.01.13 21:17:23 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2014.01.13 21:17:23 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014.01.13 21:17:23 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2014.01.13 21:17:23 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2014.01.13 21:17:22 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014.01.13 21:17:22 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014.01.13 21:17:22 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014.01.13 21:17:22 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2014.01.13 21:17:21 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014.01.13 21:17:21 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014.01.13 21:11:09 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014.01.13 21:11:08 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2014.01.13 21:11:08 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014.01.13 21:11:08 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2014.01.13 21:04:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014.01.13 20:38:33 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2014.01.13 20:38:33 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2014.01.13 20:38:33 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2014.01.13 20:38:33 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2014.01.13 20:38:33 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2014.01.13 20:38:33 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2014.01.13 20:38:33 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2014.01.13 20:38:33 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2014.01.13 20:38:33 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2014.01.13 20:38:33 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2014.01.13 20:38:33 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2014.01.13 20:38:33 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2014.01.13 20:38:33 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2014.01.13 20:38:33 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2014.01.13 20:38:33 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2014.01.13 20:38:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2014.01.13 20:38:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2014.01.13 20:38:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2014.01.13 20:38:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2014.01.13 20:38:33 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2014.01.13 20:38:33 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2014.01.13 20:38:32 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2014.01.13 20:38:31 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2014.01.13 20:38:31 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2014.01.13 20:38:30 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2014.01.13 20:38:30 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2014.01.13 20:38:30 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2014.01.13 20:38:30 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2014.01.13 20:38:30 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2014.01.13 20:38:30 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2014.01.13 20:38:30 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2014.01.13 20:38:30 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2014.01.13 20:37:06 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2014.01.13 20:37:06 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2014.01.13 20:37:06 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2014.01.13 20:37:06 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2014.01.13 20:37:05 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2014.01.13 20:37:05 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2014.01.13 20:36:47 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2014.01.13 20:36:47 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2014.01.13 20:36:46 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2014.01.13 20:36:46 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014.01.13 20:36:46 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2014.01.13 20:36:46 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2014.01.13 20:36:46 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2014.01.13 20:36:21 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014.01.13 20:36:18 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014.01.13 20:36:16 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2014.01.13 20:36:08 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2014.01.13 20:36:00 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2014.01.13 20:36:00 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2014.01.13 20:35:45 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2014.01.13 20:35:43 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2014.01.13 20:35:41 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014.01.13 20:35:37 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014.01.13 20:35:35 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014.01.13 20:35:33 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2014.01.13 20:35:33 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2014.01.13 20:35:23 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2014.01.13 20:35:13 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014.01.13 20:35:13 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014.01.13 20:35:13 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2014.01.13 20:35:13 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2014.01.13 20:35:13 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2014.01.13 20:34:56 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2014.01.13 20:34:56 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2014.01.13 20:34:56 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2014.01.13 20:34:39 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2014.01.13 20:34:39 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014.01.13 20:34:39 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014.01.13 20:34:38 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2014.01.13 20:34:37 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2014.01.13 20:34:32 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014.01.13 20:34:32 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014.01.13 20:34:26 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2014.01.13 20:34:15 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2014.01.13 20:34:15 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2014.01.13 20:34:14 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2014.01.13 20:34:13 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2014.01.13 20:34:13 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2014.01.13 20:34:13 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2014.01.13 20:34:12 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2014.01.13 20:34:12 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2014.01.13 20:34:12 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2014.01.13 20:34:11 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2014.01.13 20:34:11 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2014.01.13 20:34:11 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2014.01.13 20:34:10 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2014.01.13 20:34:09 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014.01.13 20:34:09 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014.01.13 20:22:56 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2014.01.13 16:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2014.01.13 16:25:13 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2014.01.13 16:25:12 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2014.01.13 16:23:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2014.01.13 16:22:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Winamp
[2014.01.13 16:22:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2014.01.05 17:18:45 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenVPN
[2014.01.05 17:15:29 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\OpenVPN Technologies
[2014.01.05 17:15:29 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\OpenVPN Technologies
[2014.01.05 17:13:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenVPN Technologies
[2013.12.23 23:45:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jodix
[2013.12.23 23:45:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free WMA to MP3 Converter
[2013.12.20 19:39:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.10.03 21:09:56 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Users\user\taskmgr.exe
[2009.09.01 02:39:46 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014.01.15 14:24:35 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2014.01.15 13:50:03 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.01.15 13:43:21 | 000,023,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.15 13:43:20 | 000,023,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.15 13:36:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.15 13:35:14 | 004,976,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.01.15 13:34:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.01.15 13:34:41 | 3144,773,632 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.15 13:33:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.01.14 17:06:50 | 001,620,612 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.01.14 17:06:50 | 000,699,666 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.01.14 17:06:50 | 000,654,464 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.01.14 17:06:50 | 000,149,774 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.01.14 17:06:50 | 000,122,336 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.01.14 14:01:57 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\OpenVPN GUI.lnk
[2014.01.14 13:39:08 | 000,040,664 | ---- | M] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\tap0901.sys
[2014.01.13 21:44:40 | 001,594,892 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.01.06 14:17:47 | 510,233,957 | ---- | M] () -- C:\Windows\MEMORY.DMP
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014.01.14 13:40:35 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\OpenVPN GUI.lnk
[2014.01.13 21:11:07 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013.10.30 12:16:05 | 000,002,163 | ---- | C] () -- C:\Users\user\.recently-used.xbel
[2013.08.22 15:09:47 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2013.08.22 15:09:46 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2013.01.06 22:25:04 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.09.09 10:55:04 | 001,594,892 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.08.29 21:36:47 | 004,503,728 | ---- | C] () -- C:\ProgramData\nud0repor.pad
[2012.05.06 19:30:02 | 000,000,000 | ---- | C] () -- C:\Program Files (x86)\error.dat
[2012.05.06 19:30:02 | 000,000,000 | ---- | C] () -- C:\Windows\BROWNIE.INI
[2012.05.06 19:30:02 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2012.05.06 19:30:02 | 000,000,000 | ---- | C] () -- C:\Windows\briwm04a.ini
[2012.05.06 19:30:01 | 000,000,026 | ---- | C] () -- C:\Windows\brpp2ka.ini
[2012.04.19 11:30:46 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.03.08 18:51:52 | 000,009,728 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.08 12:44:29 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\Temptable.xml
[2010.11.10 19:50:38 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.10.18 19:28:08 | 000,001,160 | ---- | C] () -- C:\Users\user\AppData\Local\9A5FF4EA.il
[2010.10.18 19:28:08 | 000,000,280 | ---- | C] () -- C:\Users\user\AppData\Local\IndexIE_9A5FF4EA.il
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4CF61E54


< End of report >

# AdwCleaner v3.017 - Bericht erstellt am 14/01/2014 um 11:18:33
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : user - JAN-PC
# Gestartet von : C:\Users\user\Desktop\AdwCleaner (1).exe
# Option : Suchen


***** [ Dienste ] *****


Dienst Gefunden : ICQ Service


***** [ Dateien / Ordner ] *****


Datei Gefunden : C:\users\user\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Datei Gefunden : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\DTToolbar@toolbarnet.com
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\toolbar@ask.com
Ordner Gefunden C:\Program Files (x86)\Ask.com
Ordner Gefunden C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gefunden C:\Program Files (x86)\DAEMON Tools Toolbar
Ordner Gefunden C:\Program Files (x86)\ICQ6Toolbar
Ordner Gefunden C:\Program Files (x86)\Windows Searchqu Toolbar
Ordner Gefunden C:\users\user\AppData\Local\AskToolbar
Ordner Gefunden C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}


***** [ Verknüpfungen ] *****




***** [ Registrierungsdatenbank ] *****


Schlüssel Gefunden : HKCU\Software\APN
Schlüssel Gefunden : [x64] HKCU\Software\APN
Schlüssel Gefunden : HKLM\Software\APN
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]


***** [ Browser ] *****


-\\ Internet Explorer v11.0.9600.16428




-\\ Mozilla Firefox v26.0 (de)


[ Datei : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\prefs.js ]


Zeile gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Zeile gefunden : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=");
Zeile gefunden : user_pref("browser.search.order.1", "Ask.com");
Zeile gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Zeile gefunden : user_pref("extensions.asktb.abar-war-timeout", "4000");
Zeile gefunden : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.cbid", "PV");
Zeile gefunden : user_pref("extensions.asktb.config-updated", true);
Zeile gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}");
Zeile gefunden : user_pref("extensions.asktb.displaybehavior", "");
Zeile gefunden : user_pref("extensions.asktb.displaytext", "");
Zeile gefunden : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Zeile gefunden : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", true);
Zeile gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=de_DE&apn_uid=BD250736-ADFB-4B30-AD87-DA9DD36B18EB&apn_ptnrs=PV&apn_sau[...]
Zeile gefunden : user_pref("extensions.asktb.fresh-install", false);
Zeile gefunden : user_pref("extensions.asktb.guid", "BD250736-ADFB-4B30-AD87-DA9DD36B18EB");
Zeile gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...]
Zeile gefunden : user_pref("extensions.asktb.if", "su");
Zeile gefunden : user_pref("extensions.asktb.l", "dis");
Zeile gefunden : user_pref("extensions.asktb.last-config-req", "1324926491763");
Zeile gefunden : user_pref("extensions.asktb.last-v", "3.12.2.100007");
Zeile gefunden : user_pref("extensions.asktb.locale", "de_DE");
Zeile gefunden : user_pref("extensions.asktb.lstation", "");
Zeile gefunden : user_pref("extensions.asktb.o", "15000");
Zeile gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Zeile gefunden : user_pref("extensions.asktb.pstate", "");
Zeile gefunden : user_pref("extensions.asktb.qsrc", "2871");
Zeile gefunden : user_pref("extensions.asktb.r", "4");
Zeile gefunden : user_pref("extensions.asktb.sa", "YES");
Zeile gefunden : user_pref("extensions.asktb.saguid", "6A290C34-AA87-409F-9D90-51617125F2F4");
Zeile gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.silent-upgrade", true);
Zeile gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-first", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-interval", "1200000");
Zeile gefunden : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Zeile gefunden : user_pref("extensions.asktb.socialmini-max-items", "30");
Zeile gefunden : user_pref("extensions.asktb.socialmini-native-on", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-speed", "5000");
Zeile gefunden : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Zeile gefunden : user_pref("extensions.asktb.themeid", "");
Zeile gefunden : user_pref("extensions.asktb.v", "3.13.1.100009");
Zeile gefunden : user_pref("extensions.asktb.volume", "");
Zeile gefunden : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,toolbar@ask.com:3.11.3.15590,{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA[...]
Zeile gefunden : user_pref("icqtoolbar.allowSendURL", false);
Zeile gefunden : user_pref("icqtoolbar.defSearchChange", true);
Zeile gefunden : user_pref("icqtoolbar.engineVerified", true);
Zeile gefunden : user_pref("icqtoolbar.geolastmodified", 1324369591);
Zeile gefunden : user_pref("icqtoolbar.hiddenElements", "itb_options");
Zeile gefunden : user_pref("icqtoolbar.history", "the%20west%20tool||the%20west%20braune%20fellhosen||the%20west%20sets||the%20west%20pfadfinderbeil||the%20west%20st%C3%BCckchen%20kohle||h%C3%BClsenfr%C3%BCchte||kiefe[...]
Zeile gefunden : user_pref("icqtoolbar.hpChange", true);
Zeile gefunden : user_pref("icqtoolbar.icqgeo", 49);
Zeile gefunden : user_pref("icqtoolbar.installTime", "1324369591");
Zeile gefunden : user_pref("icqtoolbar.installsource", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab2_state", false);
Zeile gefunden : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab_state", "1");
Zeile gefunden : user_pref("icqtoolbar.numberOfSearches", 0);
Zeile gefunden : user_pref("icqtoolbar.previousFFVersion", "8.0");
Zeile gefunden : user_pref("icqtoolbar.skip_default_search", "no");
Zeile gefunden : user_pref("icqtoolbar.suggestions", false);
Zeile gefunden : user_pref("icqtoolbar.uniqueID", "162186274018828852541286988094155");
Zeile gefunden : user_pref("icqtoolbar.usageStatstTimestamp", 1324854436);
Zeile gefunden : user_pref("icqtoolbar.userEngineApproved", true);
Zeile gefunden : user_pref("icqtoolbar.userHpApproved", true);
Zeile gefunden : user_pref("icqtoolbar.version", "1.4.2");
Zeile gefunden : user_pref("icqtoolbar.voucherHideClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherWasShown", 12);
Zeile gefunden : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Zeile gefunden : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Zeile gefunden : user_pref("icqtoolbar.xmlLanguage", "de");
Zeile gefunden : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=de_DE&apn_uid=BD250736-ADFB-4B30-AD87-DA9DD36B18EB&apn_ptnrs=PV&apn_sauid=6A290C34-AA87-409F-9D90-51[...]


-\\ Google Chrome v31.0.1650.63


[ Datei : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]




*************************


AdwCleaner[R0].txt - [22043 octets] - [14/01/2014 10:42:41]
AdwCleaner[R1].txt - [10969 octets] - [14/01/2014 10:55:23]
AdwCleaner[R2].txt - [11079 octets] - [14/01/2014 11:03:36]
AdwCleaner[R3].txt - [11134 octets] - [14/01/2014 11:10:34]
AdwCleaner[R4].txt - [10850 octets] - [14/01/2014 11:18:33]
AdwCleaner[S0].txt - [21166 octets] - [14/01/2014 10:47:13]
AdwCleaner[S1].txt - [11008 octets] - [14/01/2014 10:58:30]
AdwCleaner[S2].txt - [11118 octets] - [14/01/2014 11:06:47]
AdwCleaner[S3].txt - [11173 octets] - [14/01/2014 11:14:47]


########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [11155 octets] ##########

# AdwCleaner v3.017 - Bericht erstellt am 14/01/2014 um 11:46:35
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : user - JAN-PC
# Gestartet von : C:\Users\user\Desktop\AdwCleaner (1).exe
# Option : Suchen


***** [ Dienste ] *****


Dienst Gefunden : ICQ Service


***** [ Dateien / Ordner ] *****


Datei Gefunden : C:\users\user\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Datei Gefunden : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\DTToolbar@toolbarnet.com
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\toolbar@ask.com
Ordner Gefunden C:\Program Files (x86)\Ask.com
Ordner Gefunden C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gefunden C:\Program Files (x86)\DAEMON Tools Toolbar
Ordner Gefunden C:\Program Files (x86)\ICQ6Toolbar
Ordner Gefunden C:\Program Files (x86)\Windows Searchqu Toolbar
Ordner Gefunden C:\users\user\AppData\Local\AskToolbar
Ordner Gefunden C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}


***** [ Verknüpfungen ] *****




***** [ Registrierungsdatenbank ] *****


Schlüssel Gefunden : HKCU\Software\APN
Schlüssel Gefunden : [x64] HKCU\Software\APN
Schlüssel Gefunden : HKLM\Software\APN
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]


***** [ Browser ] *****


-\\ Internet Explorer v11.0.9600.16428




-\\ Mozilla Firefox v26.0 (de)


[ Datei : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\prefs.js ]


Zeile gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Zeile gefunden : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=");
Zeile gefunden : user_pref("browser.search.order.1", "Ask.com");
Zeile gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Zeile gefunden : user_pref("extensions.asktb.abar-war-timeout", "4000");
Zeile gefunden : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.cbid", "PV");
Zeile gefunden : user_pref("extensions.asktb.config-updated", true);
Zeile gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}");
Zeile gefunden : user_pref("extensions.asktb.displaybehavior", "");
Zeile gefunden : user_pref("extensions.asktb.displaytext", "");
Zeile gefunden : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Zeile gefunden : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", true);
Zeile gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=de_DE&apn_uid=BD250736-ADFB-4B30-AD87-DA9DD36B18EB&apn_ptnrs=PV&apn_sau[...]
Zeile gefunden : user_pref("extensions.asktb.fresh-install", false);
Zeile gefunden : user_pref("extensions.asktb.guid", "BD250736-ADFB-4B30-AD87-DA9DD36B18EB");
Zeile gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...]
Zeile gefunden : user_pref("extensions.asktb.if", "su");
Zeile gefunden : user_pref("extensions.asktb.l", "dis");
Zeile gefunden : user_pref("extensions.asktb.last-config-req", "1324926491763");
Zeile gefunden : user_pref("extensions.asktb.last-v", "3.12.2.100007");
Zeile gefunden : user_pref("extensions.asktb.locale", "de_DE");
Zeile gefunden : user_pref("extensions.asktb.lstation", "");
Zeile gefunden : user_pref("extensions.asktb.o", "15000");
Zeile gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Zeile gefunden : user_pref("extensions.asktb.pstate", "");
Zeile gefunden : user_pref("extensions.asktb.qsrc", "2871");
Zeile gefunden : user_pref("extensions.asktb.r", "4");
Zeile gefunden : user_pref("extensions.asktb.sa", "YES");
Zeile gefunden : user_pref("extensions.asktb.saguid", "6A290C34-AA87-409F-9D90-51617125F2F4");
Zeile gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.silent-upgrade", true);
Zeile gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-first", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-interval", "1200000");
Zeile gefunden : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Zeile gefunden : user_pref("extensions.asktb.socialmini-max-items", "30");
Zeile gefunden : user_pref("extensions.asktb.socialmini-native-on", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-speed", "5000");
Zeile gefunden : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Zeile gefunden : user_pref("extensions.asktb.themeid", "");
Zeile gefunden : user_pref("extensions.asktb.v", "3.13.1.100009");
Zeile gefunden : user_pref("extensions.asktb.volume", "");
Zeile gefunden : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,toolbar@ask.com:3.11.3.15590,{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA[...]
Zeile gefunden : user_pref("icqtoolbar.allowSendURL", false);
Zeile gefunden : user_pref("icqtoolbar.defSearchChange", true);
Zeile gefunden : user_pref("icqtoolbar.engineVerified", true);
Zeile gefunden : user_pref("icqtoolbar.geolastmodified", 1324369591);
Zeile gefunden : user_pref("icqtoolbar.hiddenElements", "itb_options");
Zeile gefunden : user_pref("icqtoolbar.history", "the%20west%20tool||the%20west%20braune%20fellhosen||the%20west%20sets||the%20west%20pfadfinderbeil||the%20west%20st%C3%BCckchen%20kohle||h%C3%BClsenfr%C3%BCchte||kiefe[...]
Zeile gefunden : user_pref("icqtoolbar.hpChange", true);
Zeile gefunden : user_pref("icqtoolbar.icqgeo", 49);
Zeile gefunden : user_pref("icqtoolbar.installTime", "1324369591");
Zeile gefunden : user_pref("icqtoolbar.installsource", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab2_state", false);
Zeile gefunden : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab_state", "1");
Zeile gefunden : user_pref("icqtoolbar.numberOfSearches", 0);
Zeile gefunden : user_pref("icqtoolbar.previousFFVersion", "8.0");
Zeile gefunden : user_pref("icqtoolbar.skip_default_search", "no");
Zeile gefunden : user_pref("icqtoolbar.suggestions", false);
Zeile gefunden : user_pref("icqtoolbar.uniqueID", "162186274018828852541286988094155");
Zeile gefunden : user_pref("icqtoolbar.usageStatstTimestamp", 1324854436);
Zeile gefunden : user_pref("icqtoolbar.userEngineApproved", true);
Zeile gefunden : user_pref("icqtoolbar.userHpApproved", true);
Zeile gefunden : user_pref("icqtoolbar.version", "1.4.2");
Zeile gefunden : user_pref("icqtoolbar.voucherHideClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherWasShown", 12);
Zeile gefunden : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Zeile gefunden : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Zeile gefunden : user_pref("icqtoolbar.xmlLanguage", "de");
Zeile gefunden : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=de_DE&apn_uid=BD250736-ADFB-4B30-AD87-DA9DD36B18EB&apn_ptnrs=PV&apn_sauid=6A290C34-AA87-409F-9D90-51[...]


-\\ Google Chrome v31.0.1650.63


[ Datei : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]




*************************


AdwCleaner[R0].txt - [22043 octets] - [14/01/2014 10:42:41]
AdwCleaner[R1].txt - [10969 octets] - [14/01/2014 10:55:23]
AdwCleaner[R2].txt - [11079 octets] - [14/01/2014 11:03:36]
AdwCleaner[R3].txt - [11134 octets] - [14/01/2014 11:10:34]
AdwCleaner[R4].txt - [11256 octets] - [14/01/2014 11:18:33]
AdwCleaner[R5].txt - [10911 octets] - [14/01/2014 11:46:35]
AdwCleaner[S0].txt - [21166 octets] - [14/01/2014 10:47:13]
AdwCleaner[S1].txt - [11008 octets] - [14/01/2014 10:58:30]
AdwCleaner[S2].txt - [11118 octets] - [14/01/2014 11:06:47]
AdwCleaner[S3].txt - [11173 octets] - [14/01/2014 11:14:47]
AdwCleaner[S4].txt - [11295 octets] - [14/01/2014 11:22:51]


########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [11277 octets] ##########

# AdwCleaner v3.017 - Bericht erstellt am 14/01/2014 um 10:42:41
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : user - JAN-PC
# Gestartet von : C:\Users\user\Downloads\AdwCleaner (1).exe
# Option : Suchen


***** [ Dienste ] *****


Dienst Gefunden : ICQ Service


***** [ Dateien / Ordner ] *****


Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml
Datei Gefunden : C:\users\user\AppData\Local\Temp\Searchqu.ini
Datei Gefunden : C:\users\user\AppData\Local\Temp\searchqutoolbar-manifest.xml
Datei Gefunden : C:\users\user\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\Askcom.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\daemon-search.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin-1.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin-10.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin-11.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin-12.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin-13.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin-14.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin-15.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin-16.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin-2.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin-3.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin-4.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin-5.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin-6.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin-7.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin-8.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\icqplugin-9.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\searchplugins\Search_Results.xml
Datei Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\user.js
Datei Gefunden : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068}
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\DTToolbar@toolbarnet.com
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\toolbar@ask.com
Ordner Gefunden C:\Program Files (x86)\Ask.com
Ordner Gefunden C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gefunden C:\Program Files (x86)\DAEMON Tools Toolbar
Ordner Gefunden C:\Program Files (x86)\ICQ6Toolbar
Ordner Gefunden C:\Program Files (x86)\Searchqu Toolbar
Ordner Gefunden C:\Program Files (x86)\Windows Searchqu Toolbar
Ordner Gefunden C:\ProgramData\boost_interprocess
Ordner Gefunden C:\ProgramData\ICQ\ICQToolbar
Ordner Gefunden C:\ProgramData\Partner
Ordner Gefunden C:\users\user\AppData\Local\AskToolbar
Ordner Gefunden C:\users\user\AppData\Local\PackageAware
Ordner Gefunden C:\users\user\AppData\Local\torch
Ordner Gefunden C:\users\user\AppData\LocalLow\AskToolbar
Ordner Gefunden C:\users\user\AppData\LocalLow\koyotesofttoolbarnew
Ordner Gefunden C:\users\user\AppData\LocalLow\Searchqutoolbar
Ordner Gefunden C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\ICQToolbarData
Ordner Gefunden C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\koyotesofttoolbarnew
Ordner Gefunden C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Searchqutoolbar
Ordner Gefunden C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}


***** [ Verknüpfungen ] *****




***** [ Registrierungsdatenbank ] *****


Schlüssel Gefunden : HKCU\Software\APN
Schlüssel Gefunden : HKCU\Software\AppDataLow\AskToolbarInfo
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\Ask.com
Schlüssel Gefunden : HKCU\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\dt soft\daemon tools toolbar
Schlüssel Gefunden : HKCU\Software\ICQ\ICQToolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\APN
Schlüssel Gefunden : [x64] HKCU\Software\Ask.com
Schlüssel Gefunden : [x64] HKCU\Software\AskToolbar
Schlüssel Gefunden : [x64] HKCU\Software\DataMngr
Schlüssel Gefunden : [x64] HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : [x64] HKCU\Software\dt soft\daemon tools toolbar
Schlüssel Gefunden : [x64] HKCU\Software\ICQ\ICQToolbar
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\Software\APN
Schlüssel Gefunden : HKLM\Software\AskToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\Software\dt soft\daemon tools toolbar
Schlüssel Gefunden : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_arcsoft-webcam-companion_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_arcsoft-webcam-companion_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_clonedvd_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_clonedvd_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar
Schlüssel Gefunden : HKLM\Software\SearchquMediabarTb
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\DataMngr
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]


***** [ Browser ] *****


-\\ Internet Explorer v11.0.9600.16428


Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd


-\\ Mozilla Firefox v26.0 (de)


[ Datei : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\prefs.js ]


Zeile gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Zeile gefunden : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=");
Zeile gefunden : user_pref("browser.search.order.1", "Ask.com");
Zeile gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Zeile gefunden : user_pref("extensions.asktb.abar-war-timeout", "4000");
Zeile gefunden : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.cbid", "PV");
Zeile gefunden : user_pref("extensions.asktb.config-updated", true);
Zeile gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}");
Zeile gefunden : user_pref("extensions.asktb.displaybehavior", "");
Zeile gefunden : user_pref("extensions.asktb.displaytext", "");
Zeile gefunden : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Zeile gefunden : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", true);
Zeile gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=de_DE&apn_uid=BD250736-ADFB-4B30-AD87-DA9DD36B18EB&apn_ptnrs=PV&apn_sau[...]
Zeile gefunden : user_pref("extensions.asktb.fresh-install", false);
Zeile gefunden : user_pref("extensions.asktb.guid", "BD250736-ADFB-4B30-AD87-DA9DD36B18EB");
Zeile gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...]
Zeile gefunden : user_pref("extensions.asktb.if", "su");
Zeile gefunden : user_pref("extensions.asktb.l", "dis");
Zeile gefunden : user_pref("extensions.asktb.last-config-req", "1324926491763");
Zeile gefunden : user_pref("extensions.asktb.last-v", "3.12.2.100007");
Zeile gefunden : user_pref("extensions.asktb.locale", "de_DE");
Zeile gefunden : user_pref("extensions.asktb.lstation", "");
Zeile gefunden : user_pref("extensions.asktb.o", "15000");
Zeile gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Zeile gefunden : user_pref("extensions.asktb.pstate", "");
Zeile gefunden : user_pref("extensions.asktb.qsrc", "2871");
Zeile gefunden : user_pref("extensions.asktb.r", "4");
Zeile gefunden : user_pref("extensions.asktb.sa", "YES");
Zeile gefunden : user_pref("extensions.asktb.saguid", "6A290C34-AA87-409F-9D90-51617125F2F4");
Zeile gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.silent-upgrade", true);
Zeile gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-first", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-interval", "1200000");
Zeile gefunden : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Zeile gefunden : user_pref("extensions.asktb.socialmini-max-items", "30");
Zeile gefunden : user_pref("extensions.asktb.socialmini-native-on", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-speed", "5000");
Zeile gefunden : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Zeile gefunden : user_pref("extensions.asktb.themeid", "");
Zeile gefunden : user_pref("extensions.asktb.v", "3.13.1.100009");
Zeile gefunden : user_pref("extensions.asktb.volume", "");
Zeile gefunden : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,toolbar@ask.com:3.11.3.15590,{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA[...]
Zeile gefunden : user_pref("icqtoolbar.allowSendURL", false);
Zeile gefunden : user_pref("icqtoolbar.defSearchChange", true);
Zeile gefunden : user_pref("icqtoolbar.engineVerified", true);
Zeile gefunden : user_pref("icqtoolbar.geolastmodified", 1324369591);
Zeile gefunden : user_pref("icqtoolbar.hiddenElements", "itb_options");
Zeile gefunden : user_pref("icqtoolbar.history", "the%20west%20tool||the%20west%20braune%20fellhosen||the%20west%20sets||the%20west%20pfadfinderbeil||the%20west%20st%C3%BCckchen%20kohle||h%C3%BClsenfr%C3%BCchte||kiefe[...]
Zeile gefunden : user_pref("icqtoolbar.hpChange", true);
Zeile gefunden : user_pref("icqtoolbar.icqgeo", 49);
Zeile gefunden : user_pref("icqtoolbar.installTime", "1324369591");
Zeile gefunden : user_pref("icqtoolbar.installsource", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab2_state", false);
Zeile gefunden : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab_state", "1");
Zeile gefunden : user_pref("icqtoolbar.numberOfSearches", 0);
Zeile gefunden : user_pref("icqtoolbar.previousFFVersion", "8.0");
Zeile gefunden : user_pref("icqtoolbar.skip_default_search", "no");
Zeile gefunden : user_pref("icqtoolbar.suggestions", false);
Zeile gefunden : user_pref("icqtoolbar.uniqueID", "162186274018828852541286988094155");
Zeile gefunden : user_pref("icqtoolbar.usageStatstTimestamp", 1324854436);
Zeile gefunden : user_pref("icqtoolbar.userEngineApproved", true);
Zeile gefunden : user_pref("icqtoolbar.userHpApproved", true);
Zeile gefunden : user_pref("icqtoolbar.version", "1.4.2");
Zeile gefunden : user_pref("icqtoolbar.voucherHideClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherWasShown", 12);
Zeile gefunden : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Zeile gefunden : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Zeile gefunden : user_pref("icqtoolbar.xmlLanguage", "de");
Zeile gefunden : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=de_DE&apn_uid=BD250736-ADFB-4B30-AD87-DA9DD36B18EB&apn_ptnrs=PV&apn_sauid=6A290C34-AA87-409F-9D90-51[...]


-\\ Google Chrome v31.0.1650.63


[ Datei : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]


Gefunden : homepage
Gefunden : urls_to_restore_on_startup
Gefunden : search_url


*************************


AdwCleaner[R0].txt - [21817 octets] - [14/01/2014 10:42:41]


########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [21878 octets] ##########

# AdwCleaner v3.017 - Bericht erstellt am 14/01/2014 um 10:55:23
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : user - JAN-PC
# Gestartet von : C:\Users\user\Downloads\AdwCleaner (1).exe
# Option : Suchen


***** [ Dienste ] *****


Dienst Gefunden : ICQ Service


***** [ Dateien / Ordner ] *****


Datei Gefunden : C:\users\user\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Datei Gefunden : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\DTToolbar@toolbarnet.com
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\toolbar@ask.com
Ordner Gefunden C:\Program Files (x86)\Ask.com
Ordner Gefunden C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gefunden C:\Program Files (x86)\DAEMON Tools Toolbar
Ordner Gefunden C:\Program Files (x86)\ICQ6Toolbar
Ordner Gefunden C:\Program Files (x86)\Windows Searchqu Toolbar
Ordner Gefunden C:\users\user\AppData\Local\AskToolbar
Ordner Gefunden C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}


***** [ Verknüpfungen ] *****




***** [ Registrierungsdatenbank ] *****


Schlüssel Gefunden : HKCU\Software\APN
Schlüssel Gefunden : [x64] HKCU\Software\APN
Schlüssel Gefunden : HKLM\Software\APN
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]


***** [ Browser ] *****


-\\ Internet Explorer v11.0.9600.16428




-\\ Mozilla Firefox v26.0 (de)


[ Datei : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\prefs.js ]


Zeile gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Zeile gefunden : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=");
Zeile gefunden : user_pref("browser.search.order.1", "Ask.com");
Zeile gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Zeile gefunden : user_pref("extensions.asktb.abar-war-timeout", "4000");
Zeile gefunden : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.cbid", "PV");
Zeile gefunden : user_pref("extensions.asktb.config-updated", true);
Zeile gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}");
Zeile gefunden : user_pref("extensions.asktb.displaybehavior", "");
Zeile gefunden : user_pref("extensions.asktb.displaytext", "");
Zeile gefunden : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Zeile gefunden : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", true);
Zeile gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=de_DE&apn_uid=BD250736-ADFB-4B30-AD87-DA9DD36B18EB&apn_ptnrs=PV&apn_sau[...]
Zeile gefunden : user_pref("extensions.asktb.fresh-install", false);
Zeile gefunden : user_pref("extensions.asktb.guid", "BD250736-ADFB-4B30-AD87-DA9DD36B18EB");
Zeile gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...]
Zeile gefunden : user_pref("extensions.asktb.if", "su");
Zeile gefunden : user_pref("extensions.asktb.l", "dis");
Zeile gefunden : user_pref("extensions.asktb.last-config-req", "1324926491763");
Zeile gefunden : user_pref("extensions.asktb.last-v", "3.12.2.100007");
Zeile gefunden : user_pref("extensions.asktb.locale", "de_DE");
Zeile gefunden : user_pref("extensions.asktb.lstation", "");
Zeile gefunden : user_pref("extensions.asktb.o", "15000");
Zeile gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Zeile gefunden : user_pref("extensions.asktb.pstate", "");
Zeile gefunden : user_pref("extensions.asktb.qsrc", "2871");
Zeile gefunden : user_pref("extensions.asktb.r", "4");
Zeile gefunden : user_pref("extensions.asktb.sa", "YES");
Zeile gefunden : user_pref("extensions.asktb.saguid", "6A290C34-AA87-409F-9D90-51617125F2F4");
Zeile gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.silent-upgrade", true);
Zeile gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-first", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-interval", "1200000");
Zeile gefunden : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Zeile gefunden : user_pref("extensions.asktb.socialmini-max-items", "30");
Zeile gefunden : user_pref("extensions.asktb.socialmini-native-on", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-speed", "5000");
Zeile gefunden : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Zeile gefunden : user_pref("extensions.asktb.themeid", "");
Zeile gefunden : user_pref("extensions.asktb.v", "3.13.1.100009");
Zeile gefunden : user_pref("extensions.asktb.volume", "");
Zeile gefunden : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,toolbar@ask.com:3.11.3.15590,{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA[...]
Zeile gefunden : user_pref("icqtoolbar.allowSendURL", false);
Zeile gefunden : user_pref("icqtoolbar.defSearchChange", true);
Zeile gefunden : user_pref("icqtoolbar.engineVerified", true);
Zeile gefunden : user_pref("icqtoolbar.geolastmodified", 1324369591);
Zeile gefunden : user_pref("icqtoolbar.hiddenElements", "itb_options");
Zeile gefunden : user_pref("icqtoolbar.history", "the%20west%20tool||the%20west%20braune%20fellhosen||the%20west%20sets||the%20west%20pfadfinderbeil||the%20west%20st%C3%BCckchen%20kohle||h%C3%BClsenfr%C3%BCchte||kiefe[...]
Zeile gefunden : user_pref("icqtoolbar.hpChange", true);
Zeile gefunden : user_pref("icqtoolbar.icqgeo", 49);
Zeile gefunden : user_pref("icqtoolbar.installTime", "1324369591");
Zeile gefunden : user_pref("icqtoolbar.installsource", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab2_state", false);
Zeile gefunden : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab_state", "1");
Zeile gefunden : user_pref("icqtoolbar.numberOfSearches", 0);
Zeile gefunden : user_pref("icqtoolbar.previousFFVersion", "8.0");
Zeile gefunden : user_pref("icqtoolbar.skip_default_search", "no");
Zeile gefunden : user_pref("icqtoolbar.suggestions", false);
Zeile gefunden : user_pref("icqtoolbar.uniqueID", "162186274018828852541286988094155");
Zeile gefunden : user_pref("icqtoolbar.usageStatstTimestamp", 1324854436);
Zeile gefunden : user_pref("icqtoolbar.userEngineApproved", true);
Zeile gefunden : user_pref("icqtoolbar.userHpApproved", true);
Zeile gefunden : user_pref("icqtoolbar.version", "1.4.2");
Zeile gefunden : user_pref("icqtoolbar.voucherHideClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherWasShown", 12);
Zeile gefunden : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Zeile gefunden : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Zeile gefunden : user_pref("icqtoolbar.xmlLanguage", "de");
Zeile gefunden : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=de_DE&apn_uid=BD250736-ADFB-4B30-AD87-DA9DD36B18EB&apn_ptnrs=PV&apn_sauid=6A290C34-AA87-409F-9D90-51[...]


-\\ Google Chrome v31.0.1650.63


[ Datei : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]




*************************


AdwCleaner[R0].txt - [22043 octets] - [14/01/2014 10:42:41]
AdwCleaner[R1].txt - [10746 octets] - [14/01/2014 10:55:23]
AdwCleaner[S0].txt - [21166 octets] - [14/01/2014 10:47:13]


########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [10868 octets] ##########

# AdwCleaner v3.017 - Bericht erstellt am 14/01/2014 um 11:03:36
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : user - JAN-PC
# Gestartet von : C:\Users\user\Desktop\AdwCleaner (1).exe
# Option : Suchen


***** [ Dienste ] *****


Dienst Gefunden : ICQ Service


***** [ Dateien / Ordner ] *****


Datei Gefunden : C:\users\user\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Datei Gefunden : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\DTToolbar@toolbarnet.com
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\toolbar@ask.com
Ordner Gefunden C:\Program Files (x86)\Ask.com
Ordner Gefunden C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gefunden C:\Program Files (x86)\DAEMON Tools Toolbar
Ordner Gefunden C:\Program Files (x86)\ICQ6Toolbar
Ordner Gefunden C:\Program Files (x86)\Windows Searchqu Toolbar
Ordner Gefunden C:\users\user\AppData\Local\AskToolbar
Ordner Gefunden C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}


***** [ Verknüpfungen ] *****




***** [ Registrierungsdatenbank ] *****


Schlüssel Gefunden : HKCU\Software\APN
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gefunden : [x64] HKCU\Software\APN
Schlüssel Gefunden : HKLM\Software\APN
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]


***** [ Browser ] *****


-\\ Internet Explorer v11.0.9600.16428




-\\ Mozilla Firefox v26.0 (de)


[ Datei : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\prefs.js ]


Zeile gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Zeile gefunden : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=");
Zeile gefunden : user_pref("browser.search.order.1", "Ask.com");
Zeile gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Zeile gefunden : user_pref("extensions.asktb.abar-war-timeout", "4000");
Zeile gefunden : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.cbid", "PV");
Zeile gefunden : user_pref("extensions.asktb.config-updated", true);
Zeile gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}");
Zeile gefunden : user_pref("extensions.asktb.displaybehavior", "");
Zeile gefunden : user_pref("extensions.asktb.displaytext", "");
Zeile gefunden : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Zeile gefunden : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", true);
Zeile gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=de_DE&apn_uid=BD250736-ADFB-4B30-AD87-DA9DD36B18EB&apn_ptnrs=PV&apn_sau[...]
Zeile gefunden : user_pref("extensions.asktb.fresh-install", false);
Zeile gefunden : user_pref("extensions.asktb.guid", "BD250736-ADFB-4B30-AD87-DA9DD36B18EB");
Zeile gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...]
Zeile gefunden : user_pref("extensions.asktb.if", "su");
Zeile gefunden : user_pref("extensions.asktb.l", "dis");
Zeile gefunden : user_pref("extensions.asktb.last-config-req", "1324926491763");
Zeile gefunden : user_pref("extensions.asktb.last-v", "3.12.2.100007");
Zeile gefunden : user_pref("extensions.asktb.locale", "de_DE");
Zeile gefunden : user_pref("extensions.asktb.lstation", "");
Zeile gefunden : user_pref("extensions.asktb.o", "15000");
Zeile gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Zeile gefunden : user_pref("extensions.asktb.pstate", "");
Zeile gefunden : user_pref("extensions.asktb.qsrc", "2871");
Zeile gefunden : user_pref("extensions.asktb.r", "4");
Zeile gefunden : user_pref("extensions.asktb.sa", "YES");
Zeile gefunden : user_pref("extensions.asktb.saguid", "6A290C34-AA87-409F-9D90-51617125F2F4");
Zeile gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.silent-upgrade", true);
Zeile gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-first", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-interval", "1200000");
Zeile gefunden : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Zeile gefunden : user_pref("extensions.asktb.socialmini-max-items", "30");
Zeile gefunden : user_pref("extensions.asktb.socialmini-native-on", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-speed", "5000");
Zeile gefunden : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Zeile gefunden : user_pref("extensions.asktb.themeid", "");
Zeile gefunden : user_pref("extensions.asktb.v", "3.13.1.100009");
Zeile gefunden : user_pref("extensions.asktb.volume", "");
Zeile gefunden : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,toolbar@ask.com:3.11.3.15590,{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA[...]
Zeile gefunden : user_pref("icqtoolbar.allowSendURL", false);
Zeile gefunden : user_pref("icqtoolbar.defSearchChange", true);
Zeile gefunden : user_pref("icqtoolbar.engineVerified", true);
Zeile gefunden : user_pref("icqtoolbar.geolastmodified", 1324369591);
Zeile gefunden : user_pref("icqtoolbar.hiddenElements", "itb_options");
Zeile gefunden : user_pref("icqtoolbar.history", "the%20west%20tool||the%20west%20braune%20fellhosen||the%20west%20sets||the%20west%20pfadfinderbeil||the%20west%20st%C3%BCckchen%20kohle||h%C3%BClsenfr%C3%BCchte||kiefe[...]
Zeile gefunden : user_pref("icqtoolbar.hpChange", true);
Zeile gefunden : user_pref("icqtoolbar.icqgeo", 49);
Zeile gefunden : user_pref("icqtoolbar.installTime", "1324369591");
Zeile gefunden : user_pref("icqtoolbar.installsource", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab2_state", false);
Zeile gefunden : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab_state", "1");
Zeile gefunden : user_pref("icqtoolbar.numberOfSearches", 0);
Zeile gefunden : user_pref("icqtoolbar.previousFFVersion", "8.0");
Zeile gefunden : user_pref("icqtoolbar.skip_default_search", "no");
Zeile gefunden : user_pref("icqtoolbar.suggestions", false);
Zeile gefunden : user_pref("icqtoolbar.uniqueID", "162186274018828852541286988094155");
Zeile gefunden : user_pref("icqtoolbar.usageStatstTimestamp", 1324854436);
Zeile gefunden : user_pref("icqtoolbar.userEngineApproved", true);
Zeile gefunden : user_pref("icqtoolbar.userHpApproved", true);
Zeile gefunden : user_pref("icqtoolbar.version", "1.4.2");
Zeile gefunden : user_pref("icqtoolbar.voucherHideClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherWasShown", 12);
Zeile gefunden : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Zeile gefunden : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Zeile gefunden : user_pref("icqtoolbar.xmlLanguage", "de");
Zeile gefunden : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=de_DE&apn_uid=BD250736-ADFB-4B30-AD87-DA9DD36B18EB&apn_ptnrs=PV&apn_sauid=6A290C34-AA87-409F-9D90-51[...]


-\\ Google Chrome v31.0.1650.63


[ Datei : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]




*************************


AdwCleaner[R0].txt - [22043 octets] - [14/01/2014 10:42:41]
AdwCleaner[R1].txt - [10969 octets] - [14/01/2014 10:55:23]
AdwCleaner[R2].txt - [10795 octets] - [14/01/2014 11:03:36]
AdwCleaner[S0].txt - [21166 octets] - [14/01/2014 10:47:13]
AdwCleaner[S1].txt - [11008 octets] - [14/01/2014 10:58:30]


########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [10978 octets] ##########

# AdwCleaner v3.017 - Bericht erstellt am 14/01/2014 um 11:10:34
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : user - JAN-PC
# Gestartet von : C:\Users\user\Desktop\AdwCleaner (1).exe
# Option : Suchen


***** [ Dienste ] *****


Dienst Gefunden : ICQ Service


***** [ Dateien / Ordner ] *****


Datei Gefunden : C:\users\user\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Datei Gefunden : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\DTToolbar@toolbarnet.com
Ordner Gefunden : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\Extensions\toolbar@ask.com
Ordner Gefunden C:\Program Files (x86)\Ask.com
Ordner Gefunden C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gefunden C:\Program Files (x86)\DAEMON Tools Toolbar
Ordner Gefunden C:\Program Files (x86)\ICQ6Toolbar
Ordner Gefunden C:\Program Files (x86)\Windows Searchqu Toolbar
Ordner Gefunden C:\users\user\AppData\Local\AskToolbar
Ordner Gefunden C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}


***** [ Verknüpfungen ] *****




***** [ Registrierungsdatenbank ] *****


Schlüssel Gefunden : HKCU\Software\APN
Schlüssel Gefunden : [x64] HKCU\Software\APN
Schlüssel Gefunden : HKLM\Software\APN
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]


***** [ Browser ] *****


-\\ Internet Explorer v11.0.9600.16428




-\\ Mozilla Firefox v26.0 (de)


[ Datei : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\prefs.js ]


Zeile gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Zeile gefunden : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=");
Zeile gefunden : user_pref("browser.search.order.1", "Ask.com");
Zeile gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Zeile gefunden : user_pref("extensions.asktb.abar-war-timeout", "4000");
Zeile gefunden : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.cbid", "PV");
Zeile gefunden : user_pref("extensions.asktb.config-updated", true);
Zeile gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}");
Zeile gefunden : user_pref("extensions.asktb.displaybehavior", "");
Zeile gefunden : user_pref("extensions.asktb.displaytext", "");
Zeile gefunden : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
Zeile gefunden : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", true);
Zeile gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=de_DE&apn_uid=BD250736-ADFB-4B30-AD87-DA9DD36B18EB&apn_ptnrs=PV&apn_sau[...]
Zeile gefunden : user_pref("extensions.asktb.fresh-install", false);
Zeile gefunden : user_pref("extensions.asktb.guid", "BD250736-ADFB-4B30-AD87-DA9DD36B18EB");
Zeile gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...]
Zeile gefunden : user_pref("extensions.asktb.if", "su");
Zeile gefunden : user_pref("extensions.asktb.l", "dis");
Zeile gefunden : user_pref("extensions.asktb.last-config-req", "1324926491763");
Zeile gefunden : user_pref("extensions.asktb.last-v", "3.12.2.100007");
Zeile gefunden : user_pref("extensions.asktb.locale", "de_DE");
Zeile gefunden : user_pref("extensions.asktb.lstation", "");
Zeile gefunden : user_pref("extensions.asktb.o", "15000");
Zeile gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Zeile gefunden : user_pref("extensions.asktb.pstate", "");
Zeile gefunden : user_pref("extensions.asktb.qsrc", "2871");
Zeile gefunden : user_pref("extensions.asktb.r", "4");
Zeile gefunden : user_pref("extensions.asktb.sa", "YES");
Zeile gefunden : user_pref("extensions.asktb.saguid", "6A290C34-AA87-409F-9D90-51617125F2F4");
Zeile gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true);
Zeile gefunden : user_pref("extensions.asktb.silent-upgrade", true);
Zeile gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-first", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-interval", "1200000");
Zeile gefunden : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Zeile gefunden : user_pref("extensions.asktb.socialmini-max-items", "30");
Zeile gefunden : user_pref("extensions.asktb.socialmini-native-on", true);
Zeile gefunden : user_pref("extensions.asktb.socialmini-speed", "5000");
Zeile gefunden : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Zeile gefunden : user_pref("extensions.asktb.themeid", "");
Zeile gefunden : user_pref("extensions.asktb.v", "3.13.1.100009");
Zeile gefunden : user_pref("extensions.asktb.volume", "");
Zeile gefunden : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,toolbar@ask.com:3.11.3.15590,{AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA[...]
Zeile gefunden : user_pref("icqtoolbar.allowSendURL", false);
Zeile gefunden : user_pref("icqtoolbar.defSearchChange", true);
Zeile gefunden : user_pref("icqtoolbar.engineVerified", true);
Zeile gefunden : user_pref("icqtoolbar.geolastmodified", 1324369591);
Zeile gefunden : user_pref("icqtoolbar.hiddenElements", "itb_options");
Zeile gefunden : user_pref("icqtoolbar.history", "the%20west%20tool||the%20west%20braune%20fellhosen||the%20west%20sets||the%20west%20pfadfinderbeil||the%20west%20st%C3%BCckchen%20kohle||h%C3%BClsenfr%C3%BCchte||kiefe[...]
Zeile gefunden : user_pref("icqtoolbar.hpChange", true);
Zeile gefunden : user_pref("icqtoolbar.icqgeo", 49);
Zeile gefunden : user_pref("icqtoolbar.installTime", "1324369591");
Zeile gefunden : user_pref("icqtoolbar.installsource", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab2_state", false);
Zeile gefunden : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Zeile gefunden : user_pref("icqtoolbar.newtab_state", "1");
Zeile gefunden : user_pref("icqtoolbar.numberOfSearches", 0);
Zeile gefunden : user_pref("icqtoolbar.previousFFVersion", "8.0");
Zeile gefunden : user_pref("icqtoolbar.skip_default_search", "no");
Zeile gefunden : user_pref("icqtoolbar.suggestions", false);
Zeile gefunden : user_pref("icqtoolbar.uniqueID", "162186274018828852541286988094155");
Zeile gefunden : user_pref("icqtoolbar.usageStatstTimestamp", 1324854436);
Zeile gefunden : user_pref("icqtoolbar.userEngineApproved", true);
Zeile gefunden : user_pref("icqtoolbar.userHpApproved", true);
Zeile gefunden : user_pref("icqtoolbar.version", "1.4.2");
Zeile gefunden : user_pref("icqtoolbar.voucherHideClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Zeile gefunden : user_pref("icqtoolbar.voucherWasShown", 12);
Zeile gefunden : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Zeile gefunden : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Zeile gefunden : user_pref("icqtoolbar.xmlLanguage", "de");
Zeile gefunden : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=de_DE&apn_uid=BD250736-ADFB-4B30-AD87-DA9DD36B18EB&apn_ptnrs=PV&apn_sauid=6A290C34-AA87-409F-9D90-51[...]


-\\ Google Chrome v31.0.1650.63


[ Datei : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]




*************************


AdwCleaner[R0].txt - [22043 octets] - [14/01/2014 10:42:41]
AdwCleaner[R1].txt - [10969 octets] - [14/01/2014 10:55:23]
AdwCleaner[R2].txt - [11079 octets] - [14/01/2014 11:03:36]
AdwCleaner[R3].txt - [10789 octets] - [14/01/2014 11:10:34]
AdwCleaner[S0].txt - [21166 octets] - [14/01/2014 10:47:13]
AdwCleaner[S1].txt - [11008 octets] - [14/01/2014 10:58:30]
AdwCleaner[S2].txt - [11118 octets] - [14/01/2014 11:06:47]


########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [11033 octets] ##########

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org


Datenbank Version: v2014.01.14.03


Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
user :: JAN-PC [Administrator]


14.01.2014 14:43:41
MBAM-log-2014-01-14 (19-48-47).txt


Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 597728
Laufzeit: 5 Stunde(n), 1 Minute(n), 1 Sekunde(n)


Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)


Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)


Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)


Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)


Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)


Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)


Infizierte Dateien: 2
C:\AdwCleaner\Quarantine\C\users\user\AppData\Local\Temp\SetupDataMngr_Searchqu.exe.vir (PUP.Optional.Bandoo.A) -> Keine Aktion durchgeführt.
C:\Users\user\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} (PUP.Optional.Searchqu.A) -> Keine Aktion durchgeführt.


(Ende)

# AdwCleaner v3.017 - Bericht erstellt am 14/01/2014 um 13:28:08
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : user - 
# Gestartet von : C:\Users\user\Desktop\AdwCleaner (1).exe
# Option : Suchen


***** [ Dienste ] *****




***** [ Dateien / Ordner ] *****




***** [ Verknüpfungen ] *****




***** [ Registrierungsdatenbank ] *****


Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar


***** [ Browser ] *****


-\\ Internet Explorer v11.0.9600.16428




-\\ Mozilla Firefox v26.0 (de)


[ Datei : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\oo97tx57.default\prefs.js ]




-\\ Google Chrome v31.0.1650.63


[ Datei : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]




*************************


AdwCleaner[R0].txt - [22043 octets] - [14/01/2014 10:42:41]
AdwCleaner[R1].txt - [10969 octets] - [14/01/2014 10:55:23]
AdwCleaner[R2].txt - [11079 octets] - [14/01/2014 11:03:36]
AdwCleaner[R3].txt - [11134 octets] - [14/01/2014 11:10:34]
AdwCleaner[R4].txt - [11256 octets] - [14/01/2014 11:18:33]
AdwCleaner[R5].txt - [11378 octets] - [14/01/2014 11:46:35]
AdwCleaner[R6].txt - [1221 octets] - [14/01/2014 13:28:08]
AdwCleaner[S0].txt - [21166 octets] - [14/01/2014 10:47:13]
AdwCleaner[S1].txt - [11008 octets] - [14/01/2014 10:58:30]
AdwCleaner[S2].txt - [11118 octets] - [14/01/2014 11:06:47]
AdwCleaner[S3].txt - [11173 octets] - [14/01/2014 11:14:47]
AdwCleaner[S4].txt - [11295 octets] - [14/01/2014 11:22:51]
AdwCleaner[S5].txt - [11420 octets] - [14/01/2014 12:06:58]


########## EOF - C:\AdwCleaner\AdwCleaner[R6].txt - [1647 octets] ##########