Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Browser wartet auf Antwort von pb.blabber.com

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 23.10.2012, 13:39   #1
Jutta60
 
Browser wartet auf Antwort von pb.blabber.com - Unglücklich

Browser wartet auf Antwort von pb.blabber.com



Hallo,

ich bin in Sachen Pc ein ziemlicher Laie. Heute früh, als ich auf die Seite vom Arbeitsamt gehen wollte, dauerte es bis die Seite geladen hatte. Unten war dann aber zu lesen....warten auf www.pb.blabber.com. Dann öffnete sich ein Fenster, in dem mitgeteilt wurde, dass die Seite nicht reagiert mit der Option abbrechen oder Warten. Wenn ich auf warten klickte, ging nach knapp einer Minute die Seite wieder, sobald ich aber darin etwas aufrufen wollte, kam das mit blabber wieder. Auch wenn es sehr mühsam war, mit dem warten, fand ich über google den Link zu diesem Forum. Ich hab Malewarebytes auch runtergeladen, das Programm fand über 40 Dinge.
Desweiteren habe ich heute vormittag dann noch Avira installiert, da bekam ich dann auch eine Meldung.

Ich poste jetzt mal die txt. dateien und hoffe, dass mir hier jemand helfen kann.


Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Dienstag, 23. Oktober 2012  09:21


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira Free Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows 7 Home Premium
Windowsversion : (Service Pack 1)  [6.1.7601]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : GERST-PC

Versionsinformationen:
BUILD.DAT      : 13.0.0.2688    48279 Bytes  28.09.2012 10:06:00
AVSCAN.EXE     : 13.4.0.190    625440 Bytes  26.09.2012 13:58:14
AVSCANRC.DLL   : 13.4.0.163     64800 Bytes  19.09.2012 17:20:53
LUKE.DLL       : 13.4.0.184     66848 Bytes  25.09.2012 09:00:15
AVSCPLR.DLL    : 13.4.0.190     93984 Bytes  26.09.2012 13:58:22
AVREG.DLL      : 13.4.0.180    245536 Bytes  24.09.2012 11:05:45
avlode.dll     : 13.4.0.202    419616 Bytes  23.10.2012 05:32:34
avlode.rdf     : 13.0.0.24       7196 Bytes  27.09.2012 09:30:38
VBASE000.VDF   : 7.10.0.0    19875328 Bytes  06.11.2009 13:50:29
VBASE001.VDF   : 7.11.0.0    13342208 Bytes  14.12.2010 13:50:31
VBASE002.VDF   : 7.11.19.170 14374912 Bytes  20.12.2011 13:50:34
VBASE003.VDF   : 7.11.21.238  4472832 Bytes  01.02.2012 13:50:36
VBASE004.VDF   : 7.11.26.44   4329472 Bytes  28.03.2012 13:50:37
VBASE005.VDF   : 7.11.34.116  4034048 Bytes  29.06.2012 13:42:40
VBASE006.VDF   : 7.11.41.250  4902400 Bytes  06.09.2012 13:42:40
VBASE007.VDF   : 7.11.45.207  2363904 Bytes  11.10.2012 05:32:19
VBASE008.VDF   : 7.11.45.208     2048 Bytes  11.10.2012 05:32:19
VBASE009.VDF   : 7.11.45.209     2048 Bytes  11.10.2012 05:32:19
VBASE010.VDF   : 7.11.45.210     2048 Bytes  11.10.2012 05:32:19
VBASE011.VDF   : 7.11.45.211     2048 Bytes  11.10.2012 05:32:19
VBASE012.VDF   : 7.11.45.212     2048 Bytes  11.10.2012 05:32:19
VBASE013.VDF   : 7.11.45.213     2048 Bytes  11.10.2012 05:32:19
VBASE014.VDF   : 7.11.46.65    220160 Bytes  16.10.2012 05:32:20
VBASE015.VDF   : 7.11.46.153   173568 Bytes  18.10.2012 05:32:21
VBASE016.VDF   : 7.11.46.223   162304 Bytes  19.10.2012 05:32:21
VBASE017.VDF   : 7.11.47.35    126464 Bytes  22.10.2012 05:32:22
VBASE018.VDF   : 7.11.47.36      2048 Bytes  22.10.2012 05:32:22
VBASE019.VDF   : 7.11.47.37      2048 Bytes  22.10.2012 05:32:22
VBASE020.VDF   : 7.11.47.38      2048 Bytes  22.10.2012 05:32:22
VBASE021.VDF   : 7.11.47.39      2048 Bytes  22.10.2012 05:32:22
VBASE022.VDF   : 7.11.47.40      2048 Bytes  22.10.2012 05:32:22
VBASE023.VDF   : 7.11.47.41      2048 Bytes  22.10.2012 05:32:22
VBASE024.VDF   : 7.11.47.42      2048 Bytes  22.10.2012 05:32:22
VBASE025.VDF   : 7.11.47.43      2048 Bytes  22.10.2012 05:32:22
VBASE026.VDF   : 7.11.47.44      2048 Bytes  22.10.2012 05:32:23
VBASE027.VDF   : 7.11.47.45      2048 Bytes  22.10.2012 05:32:23
VBASE028.VDF   : 7.11.47.46      2048 Bytes  22.10.2012 05:32:23
VBASE029.VDF   : 7.11.47.47      2048 Bytes  22.10.2012 05:32:23
VBASE030.VDF   : 7.11.47.48      2048 Bytes  22.10.2012 05:32:23
VBASE031.VDF   : 7.11.47.62      5632 Bytes  23.10.2012 05:32:23
Engineversion  : 8.2.10.187
AEVDF.DLL      : 8.1.2.10      102772 Bytes  19.09.2012 13:42:55
AESCRIPT.DLL   : 8.1.4.60      463227 Bytes  23.10.2012 05:32:33
AESCN.DLL      : 8.1.9.2       131444 Bytes  26.09.2012 13:54:07
AESBX.DLL      : 8.2.5.12      606578 Bytes  28.08.2012 15:58:06
AERDL.DLL      : 8.1.9.15      639348 Bytes  27.08.2012 13:50:15
AEPACK.DLL     : 8.3.0.38      811382 Bytes  23.10.2012 05:32:32
AEOFFICE.DLL   : 8.1.2.48      201082 Bytes  24.09.2012 13:06:59
AEHEUR.DLL     : 8.1.4.118    5423480 Bytes  23.10.2012 05:32:31
AEHELP.DLL     : 8.1.25.2      258423 Bytes  23.10.2012 05:32:24
AEGEN.DLL      : 8.1.5.38      434548 Bytes  26.09.2012 13:54:07
AEEXP.DLL      : 8.2.0.6       115060 Bytes  23.10.2012 05:32:33
AEEMU.DLL      : 8.1.3.2       393587 Bytes  19.09.2012 13:42:55
AECORE.DLL     : 8.1.28.2      201079 Bytes  26.09.2012 13:54:07
AEBB.DLL       : 8.1.1.3        53621 Bytes  23.10.2012 05:32:24
AVWINLL.DLL    : 13.4.0.163     25888 Bytes  19.09.2012 17:09:30
AVPREF.DLL     : 13.4.0.163     50464 Bytes  19.09.2012 17:07:51
AVREP.DLL      : 13.4.0.163    177952 Bytes  19.09.2012 17:08:15
AVARKT.DLL     : 13.4.0.184    260384 Bytes  25.09.2012 08:51:51
AVEVTLOG.DLL   : 13.4.0.185    167200 Bytes  25.09.2012 08:52:37
SQLITE3.DLL    : 3.7.0.1       397088 Bytes  19.09.2012 17:17:40
AVSMTP.DLL     : 13.4.0.163     62240 Bytes  19.09.2012 17:08:54
NETNT.DLL      : 13.4.0.163     15648 Bytes  19.09.2012 17:16:26
RCIMAGE.DLL    : 13.4.0.163   4780832 Bytes  19.09.2012 17:21:16
RCTEXT.DLL     : 13.4.0.163     68384 Bytes  19.09.2012 17:21:16

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: AVGuardAsyncScan
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_50862f0a\guard_slideup.avp
Protokollierung.......................: standard
Primäre Aktion........................: reparieren
Sekundäre Aktion......................: quarantäne
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: aus
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: vollständig

Beginn des Suchlaufs: Dienstag, 23. Oktober 2012  09:21

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '170' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'AvastSvc.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'ACService.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'FreemakeUtilsService.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '156' Modul(e) wurden durchsucht
Durchsuche Prozess 'ibsvc.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'ICQ Service.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'MotoHelperService.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'ForwardDaemon.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtlService.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtWlan.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'MotoHelperAgent.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'uCamMonitor.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'ExtensionUpdaterService.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'dmwu.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'AVWEBGRD.EXE' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'vsnpstd3.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'GPlayer.exe' - '130' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'FixCamera.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'tsnpstd3.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'ACDaemon.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'pdf24.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchospt.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'cy-Software.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'AvastUI.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'SweetPacksUpdateManager.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'SSScheduler.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'Updater.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'ArcCon.ac' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'tbhcn.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchosptd.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '125' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'wuauclt.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamscheduler.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamservice.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamgui.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbam.exe' - '101' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '108' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\Users\Gerst\AppData\Local\Temp\YontooSetup-Silent.exe'
C:\Users\Gerst\AppData\Local\Temp\YontooSetup-Silent.exe
  [FUND]      Enthält Erkennungsmuster der Adware ADWARE/Yontoo.E.1
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '562cd4cd.qua' verschoben!


Ende des Suchlaufs: Dienstag, 23. Oktober 2012  09:22
Benötigte Zeit: 00:53 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

      0 Verzeichnisse wurden überprüft
   1170 Dateien wurden geprüft
      1 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
   1169 Dateien ohne Befall
     12 Archive wurden durchsucht
      0 Warnungen
      1 Hinweise
OTL Logfile:
         
Code:
ATTFilter
OTL logfile created on: 23.10.2012 13:48:32 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Gerst\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 2,56 Gb Available Physical Memory | 68,29% Memory free
7,50 Gb Paging File | 6,01 Gb Available in Paging File | 80,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 94,30 Gb Total Space | 7,73 Gb Free Space | 8,20% Space Free | Partition Type: NTFS
Drive D: | 59,48 Gb Total Space | 22,11 Gb Free Space | 37,18% Space Free | Partition Type: NTFS
Drive E: | 32,43 Gb Total Space | 0,25 Gb Free Space | 0,76% Space Free | Partition Type: NTFS
 
Computer Name: GERST-PC | User Name: Gerst | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.23 13:47:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gerst\Downloads\OTL.exe
PRC - [2012.10.19 02:26:06 | 001,573,584 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012.10.06 11:23:36 | 000,592,640 | ---- | M] () -- C:\ProgramData\IBUpdaterService\ibsvc.exe
PRC - [2012.09.29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.09.25 10:52:48 | 000,386,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.08.23 15:40:04 | 000,188,760 | ---- | M] () -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe
PRC - [2012.07.29 16:28:12 | 004,862,424 | ---- | M] (Exent Technologies Ltd.) -- C:\Program Files (x86)\Free Ride Games\GPlayer.exe
PRC - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012.07.02 11:16:06 | 000,695,448 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\BrowserCompanion\tbhcn.exe
PRC - [2012.06.28 14:51:53 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.06.28 14:51:51 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.05.31 12:53:00 | 000,096,768 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2012.02.26 16:01:44 | 000,295,728 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011.06.27 08:27:58 | 000,220,552 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.10.27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.08.25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.06.25 17:41:38 | 001,126,400 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\Hama\Wireless LAN RTL8192SU\RtWlan.exe
PRC - [2010.04.16 16:10:58 | 000,036,864 | ---- | M] (Realtek) -- C:\Program Files (x86)\Hama\Wireless LAN RTL8192SU\RtlService.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2007.07.11 16:09:48 | 000,020,480 | ---- | M] () -- C:\Windows\FixCamera.exe
PRC - [2007.05.10 13:18:26 | 000,835,584 | ---- | M] () -- C:\Windows\vsnpstd3.exe
PRC - [2007.04.21 09:37:02 | 000,270,336 | ---- | M] () -- C:\Windows\tsnpstd3.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.02 08:02:30 | 002,105,368 | ---- | M] () -- c:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012.07.02 11:16:06 | 000,695,448 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\BrowserCompanion\tbhcn.exe
MOD - [2007.07.11 16:09:48 | 000,020,480 | ---- | M] () -- C:\Windows\FixCamera.exe
MOD - [2007.05.10 13:18:26 | 000,835,584 | ---- | M] () -- C:\Windows\vsnpstd3.exe
MOD - [2007.04.21 09:37:02 | 000,270,336 | ---- | M] () -- C:\Windows\tsnpstd3.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.09.13 15:26:50 | 001,259,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\dmwu.exe -- (WebOptimizer)
SRV - [2012.10.09 18:49:43 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.06 11:23:36 | 000,592,640 | ---- | M] () [Auto | Running] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.08.23 15:40:04 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.28 14:51:53 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.05.31 12:53:00 | 000,096,768 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.04.16 16:10:58 | 000,036,864 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\Hama\Wireless LAN RTL8192SU\RtlService.exe -- (Realtek11nSU)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.09.24 09:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.09.13 15:52:59 | 000,129,576 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.09.13 15:52:59 | 000,099,248 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.06.28 14:52:39 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.06.28 14:52:36 | 000,958,912 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.06.28 14:52:36 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.06.28 14:52:36 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.06.28 14:52:35 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.06.28 14:52:34 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.06.08 16:08:28 | 000,031,232 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.23 20:00:04 | 000,031,832 | ---- | M] (Cybits AG) [verify-U]_System) [verify-U]_System [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cy-driver.sys -- ([verify-U]_System)
DRV:64bit: - [2011.06.28 11:37:16 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.25 06:59:16 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.08.12 12:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010.01.21 02:03:10 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2010.01.21 02:03:08 | 000,033,280 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2010.01.21 02:03:06 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2010.01.07 03:20:22 | 000,448,512 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187.sys -- (RTL8187)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009.06.10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.19 11:26:34 | 001,154,560 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudax3.sys -- (cmuda3)
DRV:64bit: - [2008.04.24 14:06:42 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2007.10.16 10:36:46 | 010,693,120 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2010.11.22 10:25:12 | 000,055,400 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys -- (X5XSEx)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.10.16 10:35:58 | 010,376,576 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\snpstd3.sys -- (SNPSTD3)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.02010003&st=12&barid={C2F495EF-CA62-47F7-B716-52B5F832EB04}
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {adca5064-9e30-43fe-9856-58b07a3149fe} - C:\Program Files (x86)\FreeMake\prxtbFree.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.02010003&st=12&q={searchTerms}&barid={C2F495EF-CA62-47F7-B716-52B5F832EB04}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=116267&tt=031012_ccp_4012_6&babsrc=HP_ss&mntrId=4ceb4670000000000000001f1fe1a3fe
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dsl-start.computerbild.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = about:blank [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 59 E9 77 F5 9D 1E CC 01  [binary data]
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {adca5064-9e30-43fe-9856-58b07a3149fe} - C:\Program Files (x86)\FreeMake\prxtbFree.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0E56EB6B-AFC4-439F-AB39-40693BF25B51}: "URL" = hxxp://ws.infospace.com/gamers_brw/ws/redir?_iceUrl=true&user_id=%userid&tool_id=%toolid&qkw={searchTerms}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=116267&tt=031012_ccp_4012_6&babsrc=SP_ss&mntrId=4ceb4670000000000000001f1fe1a3fe
IE - HKCU\..\SearchScopes\{165E4D4F-A036-48BA-AD91-0F9C5FDC87E5}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=4d495a22-3780-4c56-90b8-dd81efb6744e&apn_sauid=0F52967E-EE34-4C6D-A946-867E0A67AEFE
IE - HKCU\..\SearchScopes\{3F156C3E-BC8D-47D8-82CD-532708C206DB}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{849EC6B9-1AFE-4BED-9F22-852F0703B527}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKCU\..\SearchScopes\{9B00DCB6-800A-4479-B45D-9EB370AD1CE1}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_deDE472
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb187?a=(6PQCUKlbFX)&search={searchTerms}&i=26
IE - HKCU\..\SearchScopes\{E406284B-E174-4AAE-9985-EB0FDF2F0185}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{E8356815-64A8-44A1-B82D-4B35780D47D1}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.02010003&st=12&q={searchTerms}&barid={C2F495EF-CA62-47F7-B716-52B5F832EB04}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.3.4
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..browser.startup.homepage: "hxxp://mystart.incredibar.com/mb165?a=6PQCUKlbFX&i=26"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.startup.homepage: "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE"
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=4d495a22-3780-4c56-90b8-dd81efb6744e&apn_ptnrs=%5EAGS&apn_sauid=0F52967E-EE34-4C6D-A946-867E0A67AEFE&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q="
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files (x86)\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.08.31 13:01:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.07.03 19:22:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.06.13 18:02:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.08.31 13:01:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.23 22:59:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.10 14:55:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012.10.06 11:24:58 | 000,000,000 | ---D | M]
 
[2011.12.23 23:00:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\Extensions
[2012.10.23 07:30:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\Firefox\Profiles\5y6df0pe.default\extensions
[2012.10.07 19:38:39 | 000,000,000 | ---D | M] (IMVU Inc) -- C:\Users\Gerst\AppData\Roaming\mozilla\Firefox\Profiles\5y6df0pe.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
[2012.06.13 18:02:06 | 000,000,000 | ---D | M] (FreeMake Community Toolbar) -- C:\Users\Gerst\AppData\Roaming\mozilla\Firefox\Profiles\5y6df0pe.default\extensions\{adca5064-9e30-43fe-9856-58b07a3149fe}
[2012.08.24 07:38:45 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\Gerst\AppData\Roaming\mozilla\Firefox\Profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com
[2012.10.23 07:30:51 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Gerst\AppData\Roaming\mozilla\Firefox\Profiles\5y6df0pe.default\extensions\toolbar@ask.com
[2012.10.06 11:26:10 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Users\Gerst\AppData\Roaming\mozilla\Firefox\Profiles\5y6df0pe.default\extensions\toolbar@web.de
[2012.02.19 23:26:07 | 000,018,684 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\ich@maltegoetz.de.xpi
[2012.10.06 11:26:06 | 000,563,640 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\toolbar@web.de.xpi
[2012.08.07 22:29:57 | 000,172,310 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012.10.06 11:26:34 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire
[2012.10.06 11:26:40 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658_expire
[2012.10.06 11:26:38 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2a86ac4f3322238b4f27d14a09839275_expire
[2012.10.06 11:26:39 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\3b6b74d5a92c729ce36a9d055d3db8e9_expire
[2012.10.06 11:26:37 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26be41f_expire
[2012.10.06 11:26:40 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5f4ce27504a73ff97d1936c597c769e5_expire
[2012.10.06 11:26:39 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\6ff6ea009817b27df633b37777d528cd_expire
[2012.10.06 11:26:38 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\8ffbb13aa6f702b0cafab391f90d1db7_expire
[2012.10.06 11:26:35 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire
[2012.10.06 11:26:35 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a4cc6ab573e4a5fee2a418e22d3c14dc_expire
[2012.10.06 11:26:35 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\bf73732e1f0b76bac435293ba3880579_expire
[2012.10.06 11:26:37 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e4264271_expire
[2012.10.06 11:26:39 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece71b71690fad200cbed95871ef4bb2_expire
[2012.10.06 11:26:37 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d_expire
[2012.10.06 11:26:36 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire
[2012.10.06 11:26:36 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire
[2012.10.06 11:26:30 | 000,000,933 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\11-suche.xml
[2012.10.23 07:30:51 | 000,002,344 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\askcom.xml
[2012.10.06 11:24:57 | 000,002,547 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\browsemngr.xml
[2012.06.05 17:20:58 | 000,000,919 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\conduit.xml
[2012.10.06 11:26:31 | 000,002,419 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\englische-ergebnisse.xml
[2012.10.06 11:26:29 | 000,010,525 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\gmx-suche.xml
[2012.10.06 11:26:31 | 000,002,457 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\lastminute.xml
[2012.10.06 11:40:10 | 000,002,126 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\MyStart Search.xml
[2012.08.24 07:38:45 | 000,002,792 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\Plusnetwork.xml
[2012.08.07 22:30:13 | 000,004,003 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\sweetim.xml
[2012.10.06 11:26:27 | 000,005,508 | ---- | M] () -- C:\Users\Gerst\AppData\Roaming\mozilla\firefox\profiles\5y6df0pe.default\searchplugins\webde-suche.xml
[2012.04.04 19:07:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.04.04 19:07:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.06.13 18:02:36 | 000,000,000 | ---D | M] (Freemake Video Converter Plugin) -- C:\PROGRAM FILES (X86)\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX
[2012.08.31 13:01:15 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
[2012.10.06 11:24:58 | 000,000,000 | ---D | M] (Browser Manager) -- C:\PROGRAMDATA\BROWSER MANAGER\2.3.762.17\{16CDFF19-861D-48E3-A751-D99A27784753}\FIREFOXEXTENSION
[2011.12.21 09:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.03.08 12:24:04 | 000,103,168 | ---- | M] (Midasplayer Ltd) -- C:\Program Files (x86)\mozilla firefox\plugins\npmidas.dll
[2011.12.21 07:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.06 11:24:43 | 000,002,360 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011.12.21 07:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.12.21 07:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.21 07:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.21 07:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.21 07:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url = hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=4d495a22-3780-4c56-90b8-dd81efb6744e&apn_ptnrs=%5EAGS&apn_sauid=0F52967E-EE34-4C6D-A946-867E0A67AEFE&apn_dtid=%5EYYYYYY%5EYY%5EDE&q={searchTerms}
CHR - default_search_provider: suggest_url = hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}
CHR - homepage: hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: king.com - Game controller for firefox (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmidas.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Avira Toolbar = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl\7.15.10.29869_0\
CHR - Extension: YouTube = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Browser Companion Helper = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\
CHR - Extension: Google-Suche = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Web Assistant = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.478_0\
CHR - Extension: avast! WebRep = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1451_0\
CHR - Extension: Freemake Video Converter = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\
CHR - Extension: New tab for Chrome\\u2122 = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: FreemakeTB = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgficikadnmmefckdecajlmffkbagomp\2.3.17.1_0\
CHR - Extension: Skype Click to Call = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Facecons = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiabdeiamlolpdknhnpflnijogclooij\2.0_0\
CHR - Extension: Settings Protector = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: Google Mail = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Avira Toolbar = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl\7.15.10.29869_0\
CHR - Extension: YouTube = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Browser Companion Helper = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\
CHR - Extension: Google-Suche = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Web Assistant = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.478_0\
CHR - Extension: avast! WebRep = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1451_0\
CHR - Extension: Freemake Video Converter = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\
CHR - Extension: New tab for Chrome\\u2122 = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: FreemakeTB = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgficikadnmmefckdecajlmffkbagomp\2.3.17.1_0\
CHR - Extension: Skype Click to Call = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Facecons = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiabdeiamlolpdknhnpflnijogclooij\2.0_0\
CHR - Extension: Settings Protector = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: Google Mail = C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.0.7\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension32.dll ()
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (IMVU Inc Toolbar) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll (Conduit Ltd.)
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (FreeMake Toolbar) - {adca5064-9e30-43fe-9856-58b07a3149fe} - C:\Program Files (x86)\FreeMake\prxtbFree.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FACECONS Class) - {B2A44031-7EAD-434C-AC9E-7F1DA176BA8C} - C:\Program Files (x86)\Facecons\facecons.dll (Facecons)
O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (IMVU Inc Toolbar) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.0.7\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (FreeMake Toolbar) - {adca5064-9e30-43fe-9856-58b07a3149fe} - C:\Program Files (x86)\FreeMake\prxtbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKCU\..\Toolbar\WebBrowser: (IMVU Inc Toolbar) - {90B49673-5506-483E-B92B-CA0265BD9CA8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMVU.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (FreeMake Toolbar) - {ADCA5064-9E30-43FE-9856-58B07A3149FE} - C:\Program Files (x86)\FreeMake\prxtbFree.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [CmPCIaudio] C:\Windows\Syswow64\CMICNFG3.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [FixCamera] C:\Windows\FixCamera.exe ()
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe ()
O4 - HKCU..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - Startup: C:\Users\Gerst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\Gerst\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}  (ExentInf Class)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0CE976F9-0BE1-4D2D-8773-C839AFCF0B7B}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28971C0A-B5D4-436E-A623-321BDD4BD2FA}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{407316FD-96FB-4A7F-8010-DF46878B8816}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46DCC40F-AB48-4726-8C36-4F68BF427F0D}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7BF8E938-8437-447E-9B80-14C9D34F7281}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADC954C4-9302-4A68-8CDE-7A5B72F4DF3F}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2E6A9AD-8C62-4C4A-AED1-3082D1B70BAF}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\base64 - No CLSID value found
O18:64bit: - Protocol\Handler\chrome - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\prox - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{53aec07a-8a90-11e0-af16-0025228ccbe2}\Shell - "" = AutoRun
O33 - MountPoints2\{53aec07a-8a90-11e0-af16-0025228ccbe2}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{544d7c6d-a14e-11e0-b89d-0025228ccbe2}\Shell - "" = AutoRun
O33 - MountPoints2\{544d7c6d-a14e-11e0-b89d-0025228ccbe2}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\{544d7c72-a14e-11e0-b89d-0025228ccbe2}\Shell - "" = AutoRun
O33 - MountPoints2\{544d7c72-a14e-11e0-b89d-0025228ccbe2}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.23 08:28:46 | 000,000,000 | ---D | C] -- C:\Users\Gerst\AppData\Roaming\Malwarebytes
[2012.10.23 08:28:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.23 08:28:37 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.10.23 08:28:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.10.23 08:28:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.23 07:34:53 | 000,000,000 | ---D | C] -- C:\Users\Gerst\AppData\Roaming\Avira
[2012.10.23 07:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.10.23 07:30:37 | 000,000,000 | ---D | C] -- C:\Users\Gerst\AppData\Local\AskToolbar
[2012.10.23 07:30:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012.10.23 07:30:13 | 000,000,000 | ---D | C] -- C:\Users\Gerst\AppData\Local\APN
[2012.10.23 07:29:50 | 000,129,576 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.10.23 07:29:50 | 000,099,248 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.10.23 07:29:50 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.10.23 07:29:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.10.23 07:29:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.10.10 12:49:35 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.10 12:49:34 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.10 12:49:33 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.10 12:49:28 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.10 12:49:28 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.10 12:49:27 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.10 12:49:27 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.10 12:49:26 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.10 12:49:26 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.10 12:49:26 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.10 12:49:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.10 12:49:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.10 12:49:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.10 12:49:26 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.10 12:49:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 12:49:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 12:49:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 12:49:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.10 12:49:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 12:49:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 12:49:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 12:49:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 12:49:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 12:49:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 12:49:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 12:49:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 12:49:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 12:49:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 12:49:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 12:49:23 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 12:49:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 12:49:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 12:49:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 12:49:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 12:49:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 12:49:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 12:49:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 12:49:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 12:49:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 12:49:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 12:49:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 12:49:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 12:49:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 12:49:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 12:49:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 12:49:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 12:49:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 12:49:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 12:49:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 12:49:21 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 12:49:21 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 12:49:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 12:49:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 12:49:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 12:49:20 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 12:49:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 12:49:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 12:49:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 12:49:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 12:49:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 12:49:19 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 12:49:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 12:49:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 12:49:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 12:49:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 12:49:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 12:49:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 12:49:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 12:49:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 12:49:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 12:49:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 12:49:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.10 12:49:11 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.10 12:48:48 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.10 12:48:45 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.07 19:37:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IMVU_Inc
[2012.10.06 11:50:05 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2012.10.06 11:50:03 | 000,000,000 | ---D | C] -- C:\Users\Gerst\AppData\Local\PC_Drivers_Headquarters
[2012.10.06 11:36:05 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters
[2012.10.06 11:28:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Detective
[2012.10.06 11:27:17 | 000,000,000 | ---D | C] -- C:\Users\Gerst\AppData\Local\Macromedia
[2012.10.06 11:26:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Drivers HeadQuarters
[2012.10.06 11:25:05 | 000,000,000 | ---D | C] -- C:\Users\Gerst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
[2012.10.06 11:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012.10.06 11:24:22 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2012.10.06 10:59:50 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.10.06 10:59:50 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.10.06 10:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012.10.06 10:58:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012.10.06 09:18:15 | 000,000,000 | ---D | C] -- C:\Users\Gerst\AppData\Roaming\Canneverbe Limited
[2012.10.06 09:18:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2012.10.06 09:18:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2012.09.27 15:03:18 | 000,035,328 | ---- | C] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[2012.09.26 05:16:05 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.23 13:49:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.23 13:43:50 | 000,000,000 | ---- | M] () -- C:\Users\Gerst\defogger_reenable
[2012.10.23 13:31:59 | 000,017,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.23 13:31:59 | 000,017,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.23 13:24:18 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.23 13:23:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.23 13:23:48 | 3019,350,016 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.23 13:20:30 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.23 11:10:00 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-782898060-67044703-3243815555-1002UA.job
[2012.10.23 11:10:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-782898060-67044703-3243815555-1002Core.job
[2012.10.23 08:28:38 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.23 07:31:01 | 000,002,062 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.10.23 06:19:30 | 001,613,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.23 06:19:30 | 000,696,848 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.23 06:19:30 | 000,652,166 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.23 06:19:30 | 000,148,144 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.23 06:19:30 | 000,121,098 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.09 18:49:42 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.09 18:49:42 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.10.07 19:38:42 | 000,000,009 | ---- | M] () -- C:\END
[2012.10.06 11:28:00 | 000,002,495 | ---- | M] () -- C:\Users\Public\Desktop\Driver Detective.lnk
[2012.10.06 09:18:02 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.24 09:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.23 13:43:50 | 000,000,000 | ---- | C] () -- C:\Users\Gerst\defogger_reenable
[2012.10.23 08:28:38 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.23 07:31:01 | 000,002,062 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.10.07 19:38:42 | 000,000,009 | ---- | C] () -- C:\END
[2012.10.06 11:28:00 | 000,002,495 | ---- | C] () -- C:\Users\Public\Desktop\Driver Detective.lnk
[2012.10.06 09:18:02 | 000,001,945 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2012.10.06 09:18:02 | 000,001,895 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2012.09.27 15:03:18 | 001,259,888 | ---- | C] () -- C:\Windows\SysNative\dmwu.exe
[2012.08.07 22:29:17 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012.05.26 10:52:10 | 000,270,806 | ---- | C] () -- C:\Users\Gerst\Bewerbung Klinikum SüW.pdf
[2012.03.10 08:32:15 | 000,544,256 | ---- | C] () -- C:\Windows\SysWow64\janGraphics.dll
[2012.03.10 08:32:15 | 000,124,416 | ---- | C] () -- C:\Windows\SysWow64\dXCtrls.dll
[2012.02.25 20:13:04 | 001,590,370 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.09 15:50:04 | 000,009,728 | ---- | C] () -- C:\Users\Gerst\Weihnachtstombola der Naturfreunde.wps
[2011.12.09 15:39:32 | 000,014,622 | ---- | C] () -- C:\Users\Gerst\Weihnachtstombola der Naturfreunde.odt
[2011.12.08 14:33:45 | 000,032,608 | ---- | C] () -- C:\Windows\king-uninstall.exe
[2011.10.16 11:56:22 | 000,000,286 | ---- | C] () -- C:\Windows\game.ini
[2011.09.30 18:05:49 | 000,000,680 | RHS- | C] () -- C:\Users\Gerst\ntuser.pol
[2011.08.24 13:18:50 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2011.06.10 15:30:31 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.06.09 18:03:34 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2011.06.09 18:03:24 | 000,835,584 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2011.06.09 18:03:24 | 000,270,336 | ---- | C] () -- C:\Windows\tsnpstd3.exe
[2011.06.09 18:03:23 | 000,155,648 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnpstd3.dll
[2011.06.09 18:03:23 | 000,057,344 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpstd3.dll
[2011.06.09 18:03:23 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll
[2011.06.09 18:03:23 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2011.06.02 11:59:54 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2011.06.02 11:59:54 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2011.05.31 20:06:43 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2011.05.30 14:50:46 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.05.30 09:41:17 | 000,143,360 | R--- | C] () -- C:\Windows\SysWow64\VmixP6.dll
[2011.05.30 09:41:08 | 000,000,188 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
[2011.05.30 09:40:42 | 000,002,123 | R--- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
[2011.05.30 09:40:42 | 000,000,094 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
--- --- ---


OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 23.10.2012 13:48:32 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Gerst\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 2,56 Gb Available Physical Memory | 68,29% Memory free
7,50 Gb Paging File | 6,01 Gb Available in Paging File | 80,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 94,30 Gb Total Space | 7,73 Gb Free Space | 8,20% Space Free | Partition Type: NTFS
Drive D: | 59,48 Gb Total Space | 22,11 Gb Free Space | 37,18% Space Free | Partition Type: NTFS
Drive E: | 32,43 Gb Total Space | 0,25 Gb Free Space | 0,76% Space Free | Partition Type: NTFS
 
Computer Name: GERST-PC | User Name: Gerst | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3A65BD88-3DA7-46E9-8B7E-B949781CE597}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot | 
"{9AF94A04-1259-4D74-B307-B184F9FEE679}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot | 
"{F7332919-DD5D-4929-9871-04CFB91F96AA}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0266AF75-8D91-4563-88DE-2DDFEE05B149}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{0C32D58F-F5A3-4C81-9286-9C8BF1340042}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{0CE05ECF-A68E-4A5C-8C3C-2072FC388666}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe | 
"{1F38CE2F-FCFD-47D9-B454-4EE4857EA38A}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{37FE820C-FD37-4303-9921-F6D6F53EBA13}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{3B59BE10-F2CD-4A56-936F-C71093ED3008}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe | 
"{4394B77F-A615-4EAF-8A11-2057E5A96061}" = protocol=6 | dir=in | app=c:\program files (x86)\hama\wireless lan rtl8192su\rtwlan.exe | 
"{44E25921-0AE4-437C-9341-8D8938647E25}" = dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe | 
"{468D685C-0BFD-4548-A576-261013792523}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{5401BA3A-3731-4A3D-A24D-AA90187DB922}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe | 
"{5F773F45-6C99-48CF-938F-D88F6943B169}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{845E682C-406E-4FA4-8593-3905F609FE20}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe | 
"{92789CD6-6283-4CFF-AD64-84217451F235}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe | 
"{958650BC-EB80-468E-B0E6-619BFA14B7A3}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{9C7B26BF-8B5E-40BA-88EF-85601D273788}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe | 
"{A28A2C2B-8A40-464E-A785-7686DFD0E543}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{A73FF78D-1669-4E66-A47C-21AF9B2C43CA}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{A96A7188-70BF-4502-ADF5-07B2DFE88BE4}" = protocol=17 | dir=in | app=c:\program files (x86)\hama\wireless lan rtl8192su\rtwlan.exe | 
"{BA131863-4815-41E4-803C-02CE498ED657}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{C8D71B59-9055-4079-882F-E54F5DE6C287}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{CE138D92-6EAC-4F90-84E4-61A8052EC221}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{D332E49E-D404-47E7-B137-C98066FF1B92}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{E840EAC5-A048-4364-AC00-D93EB955C66B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{38137F8A-EAA7-4F76-B658-D44F1D963B39}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | 
"UDP Query User{BD002E5F-75A6-47B6-9D2A-B7BDA8745BA3}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.478
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4E7CCB76-687B-4C53-9A5E-08780AF3A551}" = Motorola Mobile Drivers Installation 5.9.0
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{A2862596-B7C3-4D7F-A227-40FEDDF1332B}" = WEB.DE Toolbar MSVC100 CRT x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"38BB6F2F20AD589004D14C8F9B04E9BE033828B2" = Windows-Treiberpaket - Ralink (netr28ux) Net  (04/21/2008 2.01.06.0000)
"418E0AE0FB62AFD7C73A95F3BEF0D83B37684839" = Windows-Treiberpaket - Atheros Communications Inc. (athrusb) Net  (03/26/2008 2.2.0.15)
"5FEC02015B1D869BDDC0AE1E5B573F8B3632FE20" = Windows-Treiberpaket - Ralink Technology, Corp. (netr28x) Net  (05/19/2008 2.00.06.0000)
"93A6F6D028ABE440673A298C1022FF011EF69A50" = Windows-Treiberpaket - Realtek Semiconductor Corp. (RTL8187) Net  (01/30/2007 6.1281.0130.2007)
"A9580A5A4845F3496B74332CAA559990264D75FE" = Windows-Treiberpaket - Ralink (rt70x64) Net  (10/09/2007 3.01.00.0000)
"AEB58C7600F3E7F186524F3093CEC6C99B9603D7" = Windows-Treiberpaket - Ralink Technology Corp. (rt61x64) Net  (09/28/2007 2.01.00.0000)
"C17B1F81B9B462DE0D3C29AC6F621693D7D413F8" = Windows-Treiberpaket - Realtek Semiconductor Corp. (RTL8187B) Net  (09/04/2007 6.1102.0904.2007)
"CD89980E6EC55B37A729DFD159B87C86CB4A3D0F" = Windows-Treiberpaket - Ralink Technology, Inc. (RT2500) Net  (06/01/2006 3.02.00.0000)
"C-Media PCI Audio Driver" = C-Media PCI Audio Device
"D70E51E1F6FCCAB16F80032C95267FF16609C9DC" = Windows-Treiberpaket - Ralink (netr7364) Net  (02/26/2008 3.01.4.0000)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"SURF-SITTER PC" = JuSProg
"WNLT" = Web Optimizer
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{09D95363-4C6D-4C37-B9E0-B4C7D5B1F7BF}" = OpenOffice.org 3.2
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{1650594B-3979-48DB-B8F2-4634CAA872A3}_is1" = Bounty Bay Online
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{28DB8373-C1BB-444F-A427-A55585A12ED7}" = Motorola Device Manager
"{2AADC4EE-94C8-422B-977B-547774C4A463}" = Motorola Device Software Update
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{3E8DE1A6-B365-4FF6-B917-2892A34990E8}" = LG USB Modem Drivers
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{4AEFE4FD-8EF1-4D61-B3CF-52016EAE6692}" = Hama Webcam Suite
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{60CE924D-12CB-4A96-8B75-18F92CE1D585}" = CrazyTalk v6.21 PRO Testversion
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774C0434-9948-4DEE-A14E-69CDD316E36C}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.2.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8F4507EF-C5F3-46CE-9718-9D3698821333}" = Motorola Driver Installation
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{96A9A1C8-FBAD-4703-ABF1-E93AA8FE85A0}_is1" = Artweaver Free 3.1
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C049499-055C-4a0c-A916-1D8CA1FF45EB}" = Hama Wireless LAN Adapter
"{9F8B32EB-0B7D-4565-8627-26AEB84BE9DA}_is1" = Asgars wilde Abeneteuer
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{CC4BBCBA-89F6-47C3-9B0F-5CE5BB1C316C}" = WEB.DE Toolbar MSVC100 CRT x86
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}" = ANNO 1503
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = Hama Webcam AC-150
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar FF" = WEB.DE Toolbar für Mozilla Firefox
"1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE Toolbar für Internet Explorer
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.2
"avast" = avast! Free Antivirus
"Avira AntiVir Desktop" = Avira Free Antivirus
"BabylonToolbar" = Babylon toolbar 
"BrowserCompanion" = BrowserCompanion
"Call of Duty" = Call of Duty
"exent_642550" = Jewel Quest 3
"Facecons" = Facecons
"Foxit Reader_is1" = Foxit Reader 5.0
"FreeMake Toolbar" = FreeMake Toolbar
"Freemake Video Converter_is1" = Freemake Video Converter Version 3.0.2
"Game Cam" = Game Cam 2.6.1.0
"Google Chrome" = Google Chrome
"ICQToolbar" = ICQ Toolbar
"IMVU_Inc Toolbar" = IMVU Inc Toolbar
"incredibar" = Incredibar Toolbar  on IE
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"king.com" = king.com (remove only)
"LG Internet Kit" = LG Internet Kit
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Updater Service" = Updater Service
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 22.10.2012 00:00:25 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.10.2012 03:12:28 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.10.2012 06:37:39 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.10.2012 09:17:54 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.10.2012 10:22:24 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.10.2012 14:27:21 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.10.2012 00:14:14 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.10.2012 00:32:34 | Computer Name = Gerst-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16450 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: a34    Startzeit: 01cdb0d73fc2d4ee    Endzeit: 5    Anwendungspfad: C:\Program
 Files (x86)\Internet Explorer\iexplore.exe    Berichts-ID:   
 
Error - 23.10.2012 01:47:16 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.10.2012 07:25:38 | Computer Name = Gerst-PC | Source = WinMgmt | ID = 10
Description = 
 
[ Media Center Events ]
Error - 07.07.2012 01:41:01 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 07:40:55 - Fehler beim Herstellen der Internetverbindung.  07:40:55 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 27.07.2012 02:05:12 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 08:05:04 - Fehler beim Herstellen der Internetverbindung.  08:05:04 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 11.09.2012 11:17:53 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 17:17:53 - Fehler beim Herstellen der Internetverbindung.  17:17:53 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 11.09.2012 11:18:03 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 17:17:58 - Fehler beim Herstellen der Internetverbindung.  17:17:58 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 11.09.2012 12:18:08 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 18:18:08 - Fehler beim Herstellen der Internetverbindung.  18:18:08 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 11.09.2012 12:18:15 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 18:18:13 - Fehler beim Herstellen der Internetverbindung.  18:18:13 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.09.2012 11:43:41 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 17:43:41 - Fehler beim Herstellen der Internetverbindung.  17:43:41 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.09.2012 11:43:52 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 17:43:47 - Fehler beim Herstellen der Internetverbindung.  17:43:47 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 05.10.2012 11:42:03 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 17:42:03 - Fehler beim Herstellen der Internetverbindung.  17:42:03 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 05.10.2012 11:42:13 | Computer Name = Gerst-PC | Source = MCUpdate | ID = 0
Description = 17:42:09 - Fehler beim Herstellen der Internetverbindung.  17:42:09 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 22.10.2012 10:20:50 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Browser Manager" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%3
 
Error - 22.10.2012 10:21:20 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Freemake Improver erreicht.
 
Error - 22.10.2012 10:21:20 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1053
 
Error - 22.10.2012 14:25:38 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Browser Manager" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%3
 
Error - 22.10.2012 14:26:08 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Freemake Improver erreicht.
 
Error - 22.10.2012 14:26:08 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1053
 
Error - 23.10.2012 00:12:40 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Browser Manager" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%3
 
Error - 23.10.2012 00:13:26 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 ICQ Service erreicht.
 
Error - 23.10.2012 01:45:45 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Browser Manager" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%3
 
Error - 23.10.2012 07:24:08 | Computer Name = Gerst-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Browser Manager" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%3
 
 
< End of report >
         
--- --- ---

Geändert von cosinus (27.10.2012 um 19:32 Uhr) Grund: CODE-Tags

Alt 25.10.2012, 12:26   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Browser wartet auf Antwort von pb.blabber.com - Standard

Browser wartet auf Antwort von pb.blabber.com



adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)
__________________

__________________

Alt 27.10.2012, 08:51   #3
Jutta60
 
Browser wartet auf Antwort von pb.blabber.com - Standard

Browser wartet auf Antwort von pb.blabber.com



Hallo, danke erstmal für die Antwort :-)

Also, inzwischen geht bei mir das browsen wieder. Ich denke mal es lag an dem Fund von Avira, den ich als erstes gepostet hatte. Allerdings geht mein Pc recht langsam, da ist wohl einiges im argen.

Hier nun das Ergebnis vom Adw-Cleaner

Code:
ATTFilter
# AdwCleaner v2.005 - Datei am 27/10/2012 um 09:45:48 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Gerst - GERST-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Gerst\Downloads\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****

Gefunden : Browser Manager
Gefunden : IBUpdaterService
Gefunden : ICQ Service
Gefunden : Web Assistant Updater

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gefunden : C:\user.js
Datei Gefunden : C:\Users\Gerst\AppData\Local\Temp\Uninstall.exe
Datei Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Datei Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\searchplugins\Askcom.xml
Datei Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\searchplugins\browsemngr.xml
Datei Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\searchplugins\Conduit.xml
Datei Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\searchplugins\MyStart Search.xml
Datei Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\searchplugins\Plusnetwork.xml
Datei Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\searchplugins\SweetIm.xml
Ordner Gefunden : C:\Program Files (x86)\Ask.com
Ordner Gefunden : C:\Program Files (x86)\BabylonToolbar
Ordner Gefunden : C:\Program Files (x86)\BrowserCompanion
Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\Program Files (x86)\FreeMake
Ordner Gefunden : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gefunden : C:\Program Files (x86)\IMVU_Inc
Ordner Gefunden : C:\Program Files (x86)\incredibar.com
Ordner Gefunden : C:\Program Files (x86)\SweetIM
Ordner Gefunden : C:\Program Files\Web Assistant
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\Browser Manager
Ordner Gefunden : C:\ProgramData\FreeMake
Ordner Gefunden : C:\ProgramData\IBUpdaterService
Ordner Gefunden : C:\ProgramData\ICQ\ICQToolbar
Ordner Gefunden : C:\ProgramData\InstallMate
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMake
Ordner Gefunden : C:\ProgramData\Premium
Ordner Gefunden : C:\ProgramData\SweetIM
Ordner Gefunden : C:\ProgramData\Tarma Installer
Ordner Gefunden : C:\Users\Gerst\AppData\Local\APN
Ordner Gefunden : C:\Users\Gerst\AppData\Local\AskToolbar
Ordner Gefunden : C:\Users\Gerst\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Ordner Gefunden : C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgficikadnmmefckdecajlmffkbagomp
Ordner Gefunden : C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Ordner Gefunden : C:\Users\Gerst\AppData\Local\Temp\AskSearch
Ordner Gefunden : C:\Users\Gerst\AppData\Local\Temp\CT2612669
Ordner Gefunden : C:\Users\Gerst\AppData\Local\Temp\CT3214568
Ordner Gefunden : C:\Users\Gerst\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Users\Gerst\AppData\LocalLow\bbrs_002.tb
Ordner Gefunden : C:\Users\Gerst\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Gerst\AppData\LocalLow\FreeMake
Ordner Gefunden : C:\Users\Gerst\AppData\LocalLow\IMVU_Inc
Ordner Gefunden : C:\Users\Gerst\AppData\LocalLow\incredibar.com
Ordner Gefunden : C:\Users\Gerst\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Gerst\AppData\LocalLow\SweetIM
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\BrowserCompanion
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\iWin
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeMake
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\ConduitCommon
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\CT3214568
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\extensions\{adca5064-9e30-43fe-9856-58b07a3149fe}
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\extensions\bbrs_002@blabbers.com
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\extensions\toolbar@ask.com
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\SweetPacksToolbarData
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\OpenCandy
Ordner Gefunden : C:\Users\Gerst\AppData\Roaming\pdfforge
Ordner Gefunden : C:\Users\Gerst\Documents\FreeMake
Ordner Gefunden : C:\Users\Oliver\AppData\Local\AskToolbar
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\BabylonToolbar
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\bbrs_002.tb
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\FreeMake
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\IMVU_Inc
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\incredibar.com
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Oliver\AppData\LocalLow\SweetIM
Ordner Gefunden : C:\Users\Oliver\Documents\FreeMake
Ordner Gefunden : C:\Users\Toibas\AppData\LocalLow\BabylonToolbar
Ordner Gefunden : C:\Users\Toibas\AppData\LocalLow\bbrs_002.tb
Ordner Gefunden : C:\Users\Toibas\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Toibas\AppData\LocalLow\FreeMake
Ordner Gefunden : C:\Users\Toibas\AppData\LocalLow\IMVU_Inc
Ordner Gefunden : C:\Users\Toibas\AppData\LocalLow\incredibar.com
Ordner Gefunden : C:\Users\Toibas\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Toibas\AppData\LocalLow\SweetIM
Ordner Gefunden : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Ordner Gefunden : C:\Windows\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3}

***** [Registrierungsdatenbank] *****

Daten Gefunden : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll
Schlüssel Gefunden : HKCU\Software\APN
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Freecause
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Freemake
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\IMVU_Inc
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\Ask.com
Schlüssel Gefunden : HKCU\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\BabylonToolbar
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\Freemake
Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\kgficikadnmmefckdecajlmffkbagomp
Schlüssel Gefunden : HKCU\Software\IM
Schlüssel Gefunden : HKCU\Software\ImInstaller
Schlüssel Gefunden : HKCU\Software\incredibar.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\Software\APN
Schlüssel Gefunden : HKLM\Software\AskToolbar
Schlüssel Gefunden : HKLM\Software\AVG Secure Search
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\Software\BabylonToolbar
Schlüssel Gefunden : HKLM\Software\BrowserCompanion
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\b
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\I
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\tdataprotocol.CTData
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\tdataprotocol.CTData.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2612669
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT3214568
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\updatebho.TimerBHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wit4ie.WitBHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wit4ie.WitBHO.2
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\Software\Freemake
Schlüssel Gefunden : HKLM\Software\IMVU_Inc
Schlüssel Gefunden : HKLM\Software\incredibar.com
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{04CEFF5B-A46D-4417-8018-43A059BDF9A6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A19F5EBF-E163-4D4F-B7BD-33149BF756CC}
Schlüssel Gefunden : HKLM\Software\Web Assistant
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{04CEFF5B-A46D-4417-8018-43A059BDF9A6}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A19F5EBF-E163-4D4F-B7BD-33149BF756CC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kgficikadnmmefckdecajlmffkbagomp
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{660DE797-5EB5-4A06-A923-B305E8931A8F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E2D7089-E2AA-45AB-848E-E0BE066119E2}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{786B2D71-892B-4464-A456-CF9B26FF806E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F53A28E5-4E41-4CEE-AA62-6ED99771222E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ADCA5064-9E30-43FE-9856-58B07A3149FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FreeMake Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMVU_Inc Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Schlüssel Gefunden : HKLM\SOFTWARE\Tarma Installer
Schlüssel Gefunden : HKLM\SOFTWARE\Web Assistant
Schlüssel Gefunden : HKU\S-1-5-21-782898060-67044703-3243815555-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKU\S-1-5-21-782898060-67044703-3243815555-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-782898060-67044703-3243815555-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Schlüssel Gefunden : HKU\S-1-5-21-782898060-67044703-3243815555-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKU\S-1-5-21-782898060-67044703-3243815555-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gefunden : HKU\S-1-5-21-782898060-67044703-3243815555-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{ADCA5064-9E30-43FE-9856-58B07A3149FE}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.02010003&st=12&barid={C2F495EF-CA62-47F7-B716-52B5F832EB04}
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://search.babylon.com/?affID=116267&tt=031012_ccp_4012_6&babsrc=HP_ss&mntrId=4ceb4670000000000000001f1fe1a3fe

-\\ Mozilla Firefox v9.0.1 (de)

Profilname : default 
Datei : C:\Users\Gerst\AppData\Roaming\Mozilla\Firefox\Profiles\5y6df0pe.default\prefs.js

Gefunden : user_pref("CT3214568.autoDisableScopes", -1);
Gefunden : user_pref("browser.search.order.1", "Ask.com");
Gefunden : user_pref("extensions.incredibar_i.aflt", "orgnl");
Gefunden : user_pref("extensions.incredibar_i.dfltLng", "");
Gefunden : user_pref("extensions.incredibar_i.did", "10665");
Gefunden : user_pref("extensions.incredibar_i.excTlbr", false);
Gefunden : user_pref("extensions.incredibar_i.id", "4ceb4670000000000000001f1fe1a3fe");
Gefunden : user_pref("extensions.incredibar_i.installerproductid", "26");
Gefunden : user_pref("extensions.incredibar_i.instlDay", "15530");
Gefunden : user_pref("extensions.incredibar_i.instlRef", "");
Gefunden : user_pref("extensions.incredibar_i.ms_url_id", "");
Gefunden : user_pref("extensions.incredibar_i.newTab", false);
Gefunden : user_pref("extensions.incredibar_i.ppd", "");
Gefunden : user_pref("extensions.incredibar_i.prdct", "incredibar");
Gefunden : user_pref("extensions.incredibar_i.productid", "26");
Gefunden : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Gefunden : user_pref("extensions.incredibar_i.smplGrp", "none");
Gefunden : user_pref("extensions.incredibar_i.tlbrId", "base");
Gefunden : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQCUKlbFX&loc=IB[...]
Gefunden : user_pref("extensions.incredibar_i.upn2", "6PQCUKlbFX");
Gefunden : user_pref("extensions.incredibar_i.upn2n", "92543199019085837");
Gefunden : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Gefunden : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.148:14:39");
Gefunden : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Gefunden : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb187?a=6PQCUKlbFX&i=26");
Gefunden : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://mystart.incredibar.com/mb165?[...]
Gefunden : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.02010003&st=12&barid={C2F[...]
Gefunden : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "MyStart Search");
Gefunden : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale[...]
Gefunden : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&loc[...]
Gefunden : user_pref("browser.search.selectedEngine", "Ask.com");
Gefunden : user_pref("extensions.BabylonToolbar_i.newTab", true);
Gefunden : user_pref("extensions.BabylonToolbar_i.newTabUrl", "about:home");
Gefunden : user_pref("CT2612669.autoDisableScopes",  0);
Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Gefunden : user_pref("browser.search.defaultenginename", "Ask.com");
Gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://mystart.incredibar.com/mb187?a=(6PQCUK[...]

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Gerst\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gefunden [l.12] : homepage = "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE",
Gefunden [l.59] : icon_url = "hxxp://www.ask.com/favicon.ico",
Gefunden [l.62] : keyword = "ask.com",
Gefunden [l.65] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=4d495a22-3780-4c56-90b8-dd81efb6744e&apn_ptnrs=%5EAGS&apn_sauid=0F52967E-EE34-4C6D-A946-867E0A67AEFE&apn_dtid=%5EYYYYYY%5EYY%5EDE&q={searchTerms}",
Gefunden [l.66] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}"
Gefunden [l.1865] : homepage = "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE",

Datei : C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Toibas\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [44213 octets] - [27/10/2012 09:45:48]

########## EOF - C:\AdwCleaner[R1].txt - [44274 octets] ##########
         
__________________

Geändert von cosinus (27.10.2012 um 19:34 Uhr) Grund: CODE-Tags

Alt 27.10.2012, 19:39   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Browser wartet auf Antwort von pb.blabber.com - Standard

Browser wartet auf Antwort von pb.blabber.com



Ok einiges an Toolbars ist da. Das entfernen wir später.

1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Browser wartet auf Antwort von pb.blabber.com
adware, application/pdf:, audacity, aufrufe, avira, avira searchfree toolbar, babylon toolbar, babylontoolbar, bho, browser, browser manager, desktop, excel, fehler, firefox, flash player, google, home, ibupdaterservice, iexplore.exe, incredibar toolbar, installation, logfile, msiexec.exe, object, origin, plug-in, programm, prozesse, realtek, registry, rundll, security, svchospt.exe, svchost.exe, sweetim, taskhost.exe, teamspeak, windows, wuauclt.exe




Ähnliche Themen: Browser wartet auf Antwort von pb.blabber.com


  1. Wie kann ich eine Antwort posten?
    Lob, Kritik und Wünsche - 07.04.2014 (6)
  2. Antwort auf meinen Thread
    Lob, Kritik und Wünsche - 17.01.2014 (2)
  3. Antwort erwünscht
    Plagegeister aller Art und deren Bekämpfung - 24.10.2013 (22)
  4. Antwort an Cosinus unmöglich
    Lob, Kritik und Wünsche - 23.09.2013 (0)
  5. Ca. 50 PUP.Blabber Trojaner !
    Plagegeister aller Art und deren Bekämpfung - 14.05.2013 (34)
  6. search plus site in Google Chrome und PUP.Blabber entfernen
    Plagegeister aller Art und deren Bekämpfung - 20.02.2013 (10)
  7. PUP Blabber auf dem Rechner
    Plagegeister aller Art und deren Bekämpfung - 03.08.2012 (1)
  8. Seit 48 Stunden keine Antwort
    Lob, Kritik und Wünsche - 17.01.2012 (1)
  9. Keine Antwort
    Lob, Kritik und Wünsche - 15.03.2009 (3)
  10. mein log bitte um antwort
    Mülltonne - 04.02.2009 (0)
  11. HiJackThis Log-File (bitte um Antwort)
    Mülltonne - 21.10.2008 (0)
  12. Danke für die schnelle antwort
    Plagegeister aller Art und deren Bekämpfung - 10.09.2008 (9)
  13. Keine direkt Antwort möglich?
    Lob, Kritik und Wünsche - 24.09.2007 (6)
  14. Bitte um Auswertung und Antwort !
    Mülltonne - 06.11.2006 (1)
  15. kurze frage, schnelle antwort? ;)
    Alles rund um Windows - 08.10.2005 (15)
  16. trojana jeder antwort were hilfreich
    Log-Analyse und Auswertung - 20.07.2005 (2)

Zum Thema Browser wartet auf Antwort von pb.blabber.com - Hallo, ich bin in Sachen Pc ein ziemlicher Laie. Heute früh, als ich auf die Seite vom Arbeitsamt gehen wollte, dauerte es bis die Seite geladen hatte. Unten war dann - Browser wartet auf Antwort von pb.blabber.com...
Archiv
Du betrachtest: Browser wartet auf Antwort von pb.blabber.com auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.