live security platinum

emmibemmi · 26.07.2012, 19:28

ich hab mir heute leider diesen blöden virus eingefangen und bitte euch mir zu helfen.

Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.26.11

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
shortytine :: SHORTYTINE-PC [Administrator]

Schutz: Aktiviert

26.07.2012 17:19:03
mbam-log-2012-07-26 (17-19-03).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 393714
Laufzeit: 2 Stunde(n), 57 Minute(n), 8 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Toshiba\Drivers\DVD\DirectX\tdxinstall.exe (Spyware.Zbot.OUT) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\shortytine\AppData\Local\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\n (RootKit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\shortytine\AppData\Local\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\U\800000cb.@ (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\shortytine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\3b1c8303-27e5ee22 (Spyware.Zbot) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

cosinus · 30.07.2012, 10:14

Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt?
Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.

emmibemmi · 30.07.2012, 10:55

Hallo Arne,
ja ich habe mit Malwarebytes schon meherere Quikscans und auch vollständige Suchläufe durchgeführt....wenn ich unter Logdateien gehe stehen da alle Scans einzeln aufgeführt. Wenn ich die einzelnen Posten anklicke geht ein kleines Fenster auf, soll ich das von allen Scans kopieren und hier einfügen, oder nun von dem letzten vollständigen Scan? Bitte nicht lachen

hab wirklich nicht viel Ahnung von PC! LG

cosinus · 30.07.2012, 16:08

Nein, davon will ich bitte alle sehen

emmibemmi · 30.07.2012, 16:16

So, jetzt gehts los

2012/07/30 00:36:25 +0200 SHORTYTINE-PC shortytine MESSAGE Executing scheduled update: Daily
2012/07/30 00:36:37 +0200 SHORTYTINE-PC shortytine MESSAGE Starting database refresh
2012/07/30 00:36:37 +0200 SHORTYTINE-PC shortytine MESSAGE Scheduled update executed successfully: database updated from version v2012.07.28.07 to version v2012.07.29.09
2012/07/30 00:36:40 +0200 SHORTYTINE-PC shortytine MESSAGE Database refreshed successfully
2012/07/30 17:11:17 +0200 SHORTYTINE-PC shortytine MESSAGE Starting protection
2012/07/30 17:11:20 +0200 SHORTYTINE-PC shortytine MESSAGE Protection started successfully
2012/07/30 17:11:23 +0200 SHORTYTINE-PC shortytine MESSAGE Starting IP protection
2012/07/30 17:11:23 +0200 SHORTYTINE-PC shortytine ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753

2012/07/29 00:35:42 +0200 SHORTYTINE-PC shortytine MESSAGE Executing scheduled update: Daily
2012/07/29 00:35:52 +0200 SHORTYTINE-PC shortytine MESSAGE Starting database refresh
2012/07/29 00:35:52 +0200 SHORTYTINE-PC shortytine MESSAGE Scheduled update executed successfully: database updated from version v2012.07.27.11 to version v2012.07.28.07
2012/07/29 00:36:07 +0200 SHORTYTINE-PC shortytine MESSAGE Database refreshed successfully
2012/07/29 20:11:32 +0200 SHORTYTINE-PC shortytine MESSAGE Starting protection
2012/07/29 20:11:37 +0200 SHORTYTINE-PC shortytine MESSAGE Protection started successfully
2012/07/29 20:11:40 +0200 SHORTYTINE-PC shortytine MESSAGE Starting IP protection
2012/07/29 20:11:40 +0200 SHORTYTINE-PC shortytine ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753

2012/07/28 00:40:54 +0200 SHORTYTINE-PC shortytine MESSAGE Executing scheduled update: Daily
2012/07/28 00:41:05 +0200 SHORTYTINE-PC shortytine MESSAGE Starting database refresh
2012/07/28 00:41:05 +0200 SHORTYTINE-PC shortytine MESSAGE Scheduled update executed successfully: database updated from version v2012.07.26.16 to version v2012.07.27.11
2012/07/28 00:41:26 +0200 SHORTYTINE-PC shortytine MESSAGE Database refreshed successfully

2012/07/27 01:01:25 +0200 SHORTYTINE-PC shortytine MESSAGE Executing scheduled update: Daily
2012/07/27 01:01:35 +0200 SHORTYTINE-PC shortytine MESSAGE Scheduled update executed successfully: database updated from version v2012.07.26.11 to version v2012.07.26.16
2012/07/27 01:01:35 +0200 SHORTYTINE-PC shortytine MESSAGE Starting database refresh
2012/07/27 01:01:37 +0200 SHORTYTINE-PC shortytine MESSAGE Database refreshed successfully

2012/07/26 16:27:25 +0200 SHORTYTINE-PC shortytine MESSAGE Starting protection
2012/07/26 16:27:30 +0200 SHORTYTINE-PC shortytine MESSAGE Protection started successfully
2012/07/26 16:27:33 +0200 SHORTYTINE-PC shortytine MESSAGE Starting IP protection
2012/07/26 16:27:33 +0200 SHORTYTINE-PC shortytine ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2012/07/26 16:27:42 +0200 SHORTYTINE-PC shortytine MESSAGE Starting database refresh
2012/07/26 16:27:48 +0200 SHORTYTINE-PC shortytine MESSAGE Database refreshed successfully
2012/07/26 16:43:07 +0200 SHORTYTINE-PC shortytine MESSAGE Executing scheduled update: Daily
2012/07/26 16:43:08 +0200 SHORTYTINE-PC shortytine MESSAGE Database already up-to-date
2012/07/26 17:18:02 +0200 SHORTYTINE-PC shortytine MESSAGE Starting protection
2012/07/26 17:18:06 +0200 SHORTYTINE-PC shortytine MESSAGE Protection started successfully
2012/07/26 17:18:09 +0200 SHORTYTINE-PC shortytine MESSAGE Starting IP protection
2012/07/26 17:18:09 +0200 SHORTYTINE-PC shortytine ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2012/07/26 20:34:15 +0200 SHORTYTINE-PC shortytine MESSAGE Starting protection
2012/07/26 20:34:19 +0200 SHORTYTINE-PC shortytine MESSAGE Protection started successfully
2012/07/26 20:34:22 +0200 SHORTYTINE-PC shortytine MESSAGE Starting IP protection
2012/07/26 20:34:22 +0200 SHORTYTINE-PC shortytine ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753

Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.07.29.09

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
shortytine :: SHORTYTINE-PC [Administrator]

Schutz: Aktiviert

30.07.2012 13:44:24
mbam-log-2012-07-30 (13-44-24).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 397228
Laufzeit: 3 Stunde(n), 6 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\shortytine\AppData\Local\Temp\tmp59606db0\jquery-uigui.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\shortytine\AppData\Local\Temp\tmp848dc81c\jquery-uigui.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.07.26.16

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
shortytine :: SHORTYTINE-PC [Administrator]

Schutz: Aktiviert

27.07.2012 18:48:16
mbam-log-2012-07-27 (18-48-16).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 395087
Laufzeit: 2 Stunde(n), 46 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.07.26.16

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
shortytine :: SHORTYTINE-PC [Administrator]

Schutz: Aktiviert

27.07.2012 18:43:00
mbam-log-2012-07-27 (18-43-00).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 203683
Laufzeit: 5 Minute(n), 6 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.07.26.11

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
shortytine :: SHORTYTINE-PC [Administrator]

Schutz: Aktiviert

26.07.2012 17:19:03
mbam-log-2012-07-26 (17-19-03).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 393714
Laufzeit: 2 Stunde(n), 57 Minute(n), 8 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Toshiba\Drivers\DVD\DirectX\tdxinstall.exe (Spyware.Zbot.OUT) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\shortytine\AppData\Local\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\n (RootKit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\shortytine\AppData\Local\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\U\800000cb.@ (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\shortytine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\3b1c8303-27e5ee22 (Spyware.Zbot) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.07.26.11

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
shortytine :: SHORTYTINE-PC [limitiert]

Schutz: Aktiviert

26.07.2012 16:38:34
mbam-log-2012-07-26 (16-38-34).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 203668
Laufzeit: 7 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\shortytine\Downloads\SoftonicDownloader_fuer_kaspersky-free-cleaner.exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

So, das waren alle, hoffe du kannst damit was anfangen,
LG emmibemmi

cosinus · 30.07.2012, 20:06

Führ bitte auch ESET aus, danach sehen wir weiter.

Hinweis: ESET zeigt durchaus öfter ein paar Fehlalarme. Deswegen soll auch von ESET immer nur erst das Log gepostet und nichts entfernt werden.

ESET Online Scanner
Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.

Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt so öffnen: per Rechtsklick => als Administrator ausführen
Dein Anti-Virus-Programm während des Scans deaktivieren.

Button (<< klick) drücken.
- Firefox-User:
  Bitte esetsmartinstaller_enu.exe downloaden.Das Firefox-Addon auf dem Desktop speichern und dann installieren.
- IE-User:
  müssen das Installieren eines ActiveX Elements erlauben.
Setze den einen Haken bei Yes, i accept the Terms of Use.
Drücke den Button.
Warte bis die Komponenten herunter geladen wurden.
Setze einen Haken bei "Scan archives".
Gehe sicher das bei Remove Found Threats kein Hacken gesetzt ist.
drücken.
Die Signaturen werden herunter geladen.Der Scan beginnt automatisch.

Wenn der Scan beendet wurde

Klicke Finish.
Browser schließen.

Drücke bitte die

+ R Taste und kopiere folgenden Text in das Ausführen Fenster.

Code:

ATTFilter

"%PROGRAMFILES%\Eset\Eset Online Scanner\log.txt"

Hinweis: Falls du ein 64-Bit-Windows einsetzt, lautet der Pfad so:

Code:

ATTFilter

"%PROGRAMFILES(X86)%\Eset\Eset Online Scanner\log.txt"

Poste nun den Inhalt der log.txt.

emmibemmi · 31.07.2012, 14:06

Hallo Arne, habe jetzt nach deiner Anweisung ESET ausgeführt, hier das Ergebnis:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=964901916e17eb449cb12c9b74e65b21
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-31 12:39:43
# local_time=2012-07-31 02:39:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1792 16777215 100 0 14320460 14320460 0 0
# compatibility_mode=5892 16776574 66 100 446561 181263672 0 0
# compatibility_mode=8192 67108863 100 0 159 159 0 0
# scanned=201078
# found=1
# cleaned=0
# scan_time=7438
C:\Users\shortytine\Downloads\Programme\SweetImSetup (2).exe a variant of Win32/SweetIM.A application (unable to clean) 00000000000000000000000000000000 I

LG emmibemmi

cosinus · 31.07.2012, 19:30

Code:

ATTFilter

C:\Users\shortytine\Downloads\SoftonicDownloader_fuer_kaspersky-free-cleaner.exe

Vermüllte Software von Softonic scheint gerade stark in Mode zu sein!

Finger weg von Softonic!!

Softonic ist eine Toolbar- und Adwareschleuder! Finger weg! Software lädt man sich mit oberster Priorität direkt vom Hersteller und nicht von solchen Toolbarklitschen wie Softonic! Im Notfall würde natürlich chip.de gehen

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Search.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

emmibemmi · 31.07.2012, 19:59

Hallo Arne, hier der Inhalt von der Log Datei,LG emmibemmi

# AdwCleaner v1.703 - Logfile created 07/31/2012 at 20:56:31
# Updated 20/07/2012 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : shortytine - SHORTYTINE-PC
# Running from : C:\Users\shortytine\Downloads\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

Folder Found : C:\Users\shortytine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Folder Found : C:\Users\shortytine\AppData\LocalLow\Conduit
Folder Found : C:\Users\shortytine\AppData\LocalLow\PriceGong
Folder Found : C:\Users\shortytine\AppData\LocalLow\SweetIM
Folder Found : C:\Users\Gast\AppData\LocalLow\PriceGong
Folder Found : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\Conduit
Folder Found : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\ConduitCommon
Folder Found : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\ConduitEngine
Folder Found : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\SweetIMToolbarData
Folder Found : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\Program Files\PriceGong
Folder Found : C:\Program Files\Softonic
Folder Found : C:\Program Files\SweetIM
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js

***** [H. Navipromo] *****

File Found : C:\Users\shortytine\AppData\Local\qiueiam.bat
File Found : C:\Users\shortytine\AppData\Local\qiueiam.dat
File Found : C:\Users\shortytine\AppData\Local\qiueiam_nav.dat
File Found : C:\Users\shortytine\AppData\Local\qiueiam_navps.dat

***** [Registry] *****
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\pricegong
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\SweetIm
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
Key Found : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
Key Found : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
Key Found : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\Softonic.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
Key Found : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
Key Found : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Key Found : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Key Found : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Key Found : HKLM\SOFTWARE\Software
Key Found : HKLM\SOFTWARE\SweetIM
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{8a9386b4-e958-4c4c-adf4-8f26db3e4829}]

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Key Found : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2431245

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\prefs.js

Found : user_pref("CT2431245..clientLogIsEnabled", false);
Found : user_pref("CT2431245..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2431245..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2431245.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2431245.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2431245.AppTrackingLastCheckTime", "Sat May 26 2012 07:17:15 GMT+0200");
Found : user_pref("CT2431245.BrowserCompStateIsOpen_129453394044193841", true);
Found : user_pref("CT2431245.BrowserCompStateIsOpen_129659302539581540", true);
Found : user_pref("CT2431245.BrowserCompStateIsOpen_129682601309982614", true);
Found : user_pref("CT2431245.BrowserCompStateIsOpen_129780209672379590", true);
Found : user_pref("CT2431245.BrowserCompStateIsOpen_129790544018252482", true);
Found : user_pref("CT2431245.CTID", "CT2431245");
Found : user_pref("CT2431245.CurrentServerDate", "31-7-2012");
Found : user_pref("CT2431245.DialogsAlignMode", "LTR");
Found : user_pref("CT2431245.DialogsGetterLastCheckTime", "Mon Jul 30 2012 08:19:01 GMT+0200");
Found : user_pref("CT2431245.DownloadReferralCookieData", "");
Found : user_pref("CT2431245.EMailNotifierPollDate", "Wed Dec 15 2010 22:04:47 GMT+0100");
Found : user_pref("CT2431245.EnableClickToSearchBox", false);
Found : user_pref("CT2431245.EnableSearchHistory", true);
Found : user_pref("CT2431245.EnableSearchSuggest", false);
Found : user_pref("CT2431245.FeedLastCount129009402595187825", 961);
Found : user_pref("CT2431245.FeedPollDate7470634014180506963", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634014269327586", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634014329599698", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634014537505092", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634014970726540", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634015410831318", "Wed Dec 15 2010 20:55:18 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634015483395460", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634015636754705", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634015768347545", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634015855543602", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634016030710453", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634016114705611", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634016129205152", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634016143724791", "Wed Dec 15 2010 20:55:18 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634016271239162", "Wed Dec 15 2010 20:55:18 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634016568520719", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634016726993788", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634017109031809", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634017132743740", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634017299547668", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634017302327846", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634017344111490", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634017478360748", "Wed Dec 15 2010 20:55:18 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634017732797593", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634017821686064", "Wed Dec 15 2010 20:55:18 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634018090228721", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedTTL7470634014269327586", 5);
Found : user_pref("CT2431245.FeedTTL7470634014537505092", 5);
Found : user_pref("CT2431245.FeedTTL7470634014970726540", 2);
Found : user_pref("CT2431245.FeedTTL7470634015636754705", 5);
Found : user_pref("CT2431245.FeedTTL7470634016568520719", 30);
Found : user_pref("CT2431245.FirstServerDate", "12-12-2010");
Found : user_pref("CT2431245.FirstTime", true);
Found : user_pref("CT2431245.FirstTimeFF3", true);
Found : user_pref("CT2431245.FixPageNotFoundErrors", true);
Found : user_pref("CT2431245.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2431245.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2431245.HasUserGlobalKeys", true);
Found : user_pref("CT2431245.HomePageProtectorEnabled", false);
Found : user_pref("CT2431245.HomepageBeforeUnload", "hxxp://www.google.com");
Found : user_pref("CT2431245.Initialize", true);
Found : user_pref("CT2431245.InitializeCommonPrefs", true);
Found : user_pref("CT2431245.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2431245.InstallationId", "integrated_CT2431245 .exe");
Found : user_pref("CT2431245.InstallationType", "ConduitIntegration");
Found : user_pref("CT2431245.InstalledDate", "Sun Dec 12 2010 09:31:41 GMT+0100");
Found : user_pref("CT2431245.InvalidateCache", false);
Found : user_pref("CT2431245.IsAlertDBUpdated", true);
Found : user_pref("CT2431245.IsGrouping", false);
Found : user_pref("CT2431245.IsMulticommunity", false);
Found : user_pref("CT2431245.IsOpenThankYouPage", false);
Found : user_pref("CT2431245.IsOpenUninstallPage", true);
Found : user_pref("CT2431245.LanguagePackLastCheckTime", "Mon Jul 30 2012 20:06:44 GMT+0200");
Found : user_pref("CT2431245.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2431245.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2431245.LastLogin_3.11.0.3", "Sun May 06 2012 17:58:09 GMT+0200");
Found : user_pref("CT2431245.LastLogin_3.12.2.3", "Mon May 21 2012 18:58:49 GMT+0200");
Found : user_pref("CT2431245.LastLogin_3.13.0.6", "Tue Jul 31 2012 16:21:47 GMT+0200");
Found : user_pref("CT2431245.LastLogin_3.2.1.3", "Thu Dec 16 2010 14:17:45 GMT+0100");
Found : user_pref("CT2431245.LatestVersion", "3.14.1.0");
Found : user_pref("CT2431245.Locale", "de-de");
Found : user_pref("CT2431245.MCDetectTooltipHeight", "83");
Found : user_pref("CT2431245.MCDetectTooltipShow", false);
Found : user_pref("CT2431245.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2431245.MCDetectTooltipWidth", "295");
Found : user_pref("CT2431245.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2431245.RadioIsPodcast", false);
Found : user_pref("CT2431245.RadioLastCheckTime", "Wed Dec 15 2010 09:32:10 GMT+0100");
Found : user_pref("CT2431245.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2431245.RadioLastUpdateServer", "129167771525870000");
Found : user_pref("CT2431245.RadioMediaID", "20503672");
Found : user_pref("CT2431245.RadioMediaType", "Media Player");
Found : user_pref("CT2431245.RadioMenuSelectedID", "EBRadioMenu_CT243124520503672");
Found : user_pref("CT2431245.RadioShrinked", "shrinked");
Found : user_pref("CT2431245.RadioStationName", "Team%20Radio%20Deutschland");
Found : user_pref("CT2431245.RadioStationURL", "hxxp://trd.stream.w-u-s.org:6666/dsl.m3u");
Found : user_pref("CT2431245.SHRINK_TOOLBAR", 0);
Found : user_pref("CT2431245.SavedHomepage", "hxxp://www.google.de/");
Found : user_pref("CT2431245.SearchBackToDefaultEngine", false);
Found : user_pref("CT2431245.SearchBoxWidth", 164);
Found : user_pref("CT2431245.SearchEngineBeforeUnload", "ICQ Search");
Found : user_pref("CT2431245.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2431245.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Found : user_pref("CT2431245.SearchInNewTabEnabled", true);
Found : user_pref("CT2431245.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2431245.SearchInNewTabLastCheckTime", "Mon Jul 30 2012 20:06:43 GMT+0200");
Found : user_pref("CT2431245.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2431245.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2431245.SearchInNewTabUserEnabled", false);
Found : user_pref("CT2431245.SearchProtectorEnabled", false);
Found : user_pref("CT2431245.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2431245.ServiceMapLastCheckTime", "Mon Jul 30 2012 20:06:43 GMT+0200");
Found : user_pref("CT2431245.SettingsLastCheckTime", "Tue Jul 31 2012 17:04:30 GMT+0200");
Found : user_pref("CT2431245.SettingsLastUpdate", "1339926569");
Found : user_pref("CT2431245.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2431245.ThirdPartyComponentsLastCheck", "Sat May 19 2012 15:48:15 GMT+0200");
Found : user_pref("CT2431245.ThirdPartyComponentsLastUpdate", "1331806000");
Found : user_pref("CT2431245.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2431245");
Found : user_pref("CT2431245.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2431245.UserID", "UN84968042798076232");
Found : user_pref("CT2431245.ValidationData_Search", 2);
Found : user_pref("CT2431245.ValidationData_Toolbar", 2);
Found : user_pref("CT2431245.WeatherNetwork", "");
Found : user_pref("CT2431245.WeatherPollDate", "Wed Dec 15 2010 22:01:11 GMT+0100");
Found : user_pref("CT2431245.WeatherUnit", "C");
Found : user_pref("CT2431245.alertChannelId", "825452");
Found : user_pref("CT2431245.approveUntrustedApps", false);
Found : user_pref("CT2431245.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]
Found : user_pref("CT2431245.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]
Found : user_pref("CT2431245.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]
Found : user_pref("CT2431245.backendstorage./9b+7e.:2z527", "247E707571777278333228702A7B797B7B7E30273224262[...]
Found : user_pref("CT2431245.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]
Found : user_pref("CT2431245.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]
Found : user_pref("CT2431245.backendstorage./9b+7e06cg5el8:", "6E6D6E6D6C746C6D7174");
Found : user_pref("CT2431245.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737473727A7273777A242F4B4947[...]
Found : user_pref("CT2431245.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]
Found : user_pref("CT2431245.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]
Found : user_pref("CT2431245.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]
Found : user_pref("CT2431245.backendstorage./9b+7e31;cjc<=fbj#mm", "247E61393F236B257576737A2A212C6E414F444D[...]
Found : user_pref("CT2431245.backendstorage./9b+7e31;cjc<=fbj#ncf", "247E61393F236B25757677712A212C6E414F444[...]
Found : user_pref("CT2431245.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]
Found : user_pref("CT2431245.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]
Found : user_pref("CT2431245.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]
Found : user_pref("CT2431245.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]
Found : user_pref("CT2431245.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]
Found : user_pref("CT2431245.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]
Found : user_pref("CT2431245.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]
Found : user_pref("CT2431245.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]
Found : user_pref("CT2431245.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]
Found : user_pref("CT2431245.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]
Found : user_pref("CT2431245.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]
Found : user_pref("CT2431245.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]
Found : user_pref("CT2431245.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]
Found : user_pref("CT2431245.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]
Found : user_pref("CT2431245.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]
Found : user_pref("CT2431245.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Found : user_pref("CT2431245.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]
Found : user_pref("CT2431245.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]
Found : user_pref("CT2431245.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]
Found : user_pref("CT2431245.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]
Found : user_pref("CT2431245.backendstorage./9b-0?3g>d", "3E686A3F724042737A7775477920497E4A7A25207D21242A54[...]
Found : user_pref("CT2431245.backendstorage./9b-0?3g@6:5;", "");
Found : user_pref("CT2431245.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Found : user_pref("CT2431245.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Found : user_pref("CT2431245.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
Found : user_pref("CT2431245.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484776213F3E484F4E4D464[...]
Found : user_pref("CT2431245.backendstorage./9b5ba==9cjag", "6C3F706E404340407A4277717A7875494B4F207B4D");
Found : user_pref("CT2431245.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6E6D6C746C6D717176767B");
Found : user_pref("CT2431245.backendstorage./9b90e@8ff=eg", "393F352F3E");
Found : user_pref("CT2431245.backendstorage./9b9643g3/9e", "6A");
Found : user_pref("CT2431245.backendstorage./9b<:222h64<", "393F352F3E");
Found : user_pref("CT2431245.backendstorage./9b=+03eh8h8j?:", "4443");
Found : user_pref("CT2431245.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Found : user_pref("CT2431245.backendstorage./9b?b0d:8aj62<h", "6D");
Found : user_pref("CT2431245.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Found : user_pref("CT2431245.backendstorage.autocompletepro_enable_auto", "31");
Found : user_pref("CT2431245.backendstorage.ct2431245isadsdisabled", "66616C7365");
Found : user_pref("CT2431245.backendstorage.printitgreenstatus", "74727565");
Found : user_pref("CT2431245.backendstorage.shoppingapp.gk.exipres", "546875204D617920303320323031322030383A[...]
Found : user_pref("CT2431245.backendstorage.shoppingapp.gk.geolocation", "6765726D616E79");
Found : user_pref("CT2431245.components.1000034", false);
Found : user_pref("CT2431245.components.1000082", false);
Found : user_pref("CT2431245.components.1000234", false);
Found : user_pref("CT2431245.components.1042240440808890403", false);
Found : user_pref("CT2431245.components.129009402593156547", false);
Found : user_pref("CT2431245.components.129009402595187825", false);
Found : user_pref("CT2431245.components.129009402595656583", false);
Found : user_pref("CT2431245.components.129009402596594108", false);
Found : user_pref("CT2431245.components.129235916598147545", false);
Found : user_pref("CT2431245.components.129281065370906720", false);
Found : user_pref("CT2431245.components.129453393919975934", false);
Found : user_pref("CT2431245.components.129453393922944692", false);
Found : user_pref("CT2431245.components.129453393923725944", false);
Found : user_pref("CT2431245.components.129453394044193841", false);
Found : user_pref("CT2431245.components.129530497903908208", false);
Found : user_pref("CT2431245.components.129659302539581540", false);
Found : user_pref("CT2431245.components.129682601309982614", false);
Found : user_pref("CT2431245.components.129687697467407697", false);
Found : user_pref("CT2431245.components.129780209672379590", false);
Found : user_pref("CT2431245.components.129790544018252482", false);
Found : user_pref("CT2431245.components.3101995424177833784", false);
Found : user_pref("CT2431245.components.7717972408976606873", false);
Found : user_pref("CT2431245.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2431245.globalFirstTimeInfoLastCheckTime", "Mon May 28 2012 12:04:18 GMT+0200");
Found : user_pref("CT2431245.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2431245.initDone", true);
Found : user_pref("CT2431245.isAppTrackingManagerOn", true);
Found : user_pref("CT2431245.myStuffEnabled", true);
Found : user_pref("CT2431245.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2431245.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2431245.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2431245.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2431245.oldAppsList", "129009402577063104,129009402577844366,111,129790544018252482,129[...]
Found : user_pref("CT2431245.revertSettingsEnabled", true);
Found : user_pref("CT2431245.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2431245.searchProtectorEnableByLogin", true);
Found : user_pref("CT2431245.testingCtid", "");
Found : user_pref("CT2431245.toolbarAppMetaDataLastCheckTime", "Mon Jul 30 2012 20:06:43 GMT+0200");
Found : user_pref("CT2431245.toolbarContextMenuLastCheckTime", "Sat May 26 2012 09:09:56 GMT+0200");
Found : user_pref("CT2431245.usageEnabled", false);
Found : user_pref("CT2431245.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2431245/CT2431245[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/825452/821260/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2431245", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.11[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2431245",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63427934310393[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=11/8/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2431245/CT2431245[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/maxi.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play_mini[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/Newtab/Softonic/CT2431245.xml", "\"07ba0[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"[...]
Found : user_pref("CommunityToolbar.EngineOwner", "CT2431245");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "softonic-de3");
Found : user_pref("CommunityToolbar.IsEngineShown", true);
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\shortytine\\AppData\\Roaming\\Mozil[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.13.0.6");
Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2431245");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "softonic-de3");
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2431245,ConduitEngine");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2431245");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Oct 28 2011 15:52:28 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Nov 09 2011 14:07:33 GMT+0100");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Nov 09 2011 14:07:26 GMT+0100");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "d8217608-fd8c-4802-a772-00db858ffd00");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Dec 15 2010 09:31:39 GMT+0100");
Found : user_pref("CommunityToolbar.globalUserId", "9dc865f7-0b8d-4a49-87b7-28feec4be75b");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat May 26 2012 09:09:5[...]
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Jun 01 2012 13:29:22 GMT+020[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Jun 01 2012 13:29:14 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "f2b20d2b-5de1-4646-8900-a7d0247b52c7");
Found : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Tue Nov 01 2011 14:08:18 GMT+0100");
Found : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Tue Nov 08 2011 14:07:43 GMT+0100");
Found : user_pref("ConduitEngine.FirstServerDate", "03/09/2011 09");
Found : user_pref("ConduitEngine.FirstTime", true);
Found : user_pref("ConduitEngine.FirstTimeFF3", true);
Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Found : user_pref("ConduitEngine.Initialize", true);
Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Found : user_pref("ConduitEngine.InstalledDate", "Wed Mar 09 2011 07:01:02 GMT+0100");
Found : user_pref("ConduitEngine.IsMulticommunity", false);
Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Found : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Wed Nov 09 2011 14:07:31 GMT+0100");
Found : user_pref("ConduitEngine.LastLogin_3.3.2.1", "Wed Apr 13 2011 20:52:03 GMT+0200");
Found : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu Nov 10 2011 07:01:53 GMT+0100");
Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Nov 10 2011 07:01:53 GMT+0100");
Found : user_pref("ConduitEngine.UserID", "UN79667253251872383");
Found : user_pref("ConduitEngine.engineLocale", "de");
Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Wed Nov 09 2011 14:07:28 GMT+0100");
Found : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu Nov 10 2011 07:01:53 GMT+0100");
Found : user_pref("ConduitEngine.initDone", true);
Found : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Found : user_pref("ConduitEngine.usagesFlag", 1);
Found : user_pref("browser.search.defaultengine", "Ask.com");
Found : user_pref("browser.search.defaultthis.engineName", "softonic-de3 Customized Web Search");
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("extensions.Softonic.admin", false);
Found : user_pref("extensions.Softonic.aflt", "SD");
Found : user_pref("extensions.Softonic.autoRvrt", "false");
Found : user_pref("extensions.Softonic.dfltLng", "de");
Found : user_pref("extensions.Softonic.excTlbr", false);
Found : user_pref("extensions.Softonic.id", "30fbabcf00000000000000216bb399de");
Found : user_pref("extensions.Softonic.instlDay", "15476");
Found : user_pref("extensions.Softonic.instlRef", "MON00015");
Found : user_pref("extensions.Softonic.prdct", "Softonic");
Found : user_pref("extensions.Softonic.prtnrId", "softonic");
Found : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Found : user_pref("extensions.Softonic.tlbrId", "base");
Found : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource[...]
Found : user_pref("extensions.Softonic.vrsn", "1.5.21.0");
Found : user_pref("extensions.Softonic.vrsni", "1.5.21.0");
Found : user_pref("extensions.Softonic_i.newTab", false);
Found : user_pref("extensions.Softonic_i.smplGrp", "none");
Found : user_pref("extensions.Softonic_i.vrsnTs", "1.5.21.015:13:15");
Found : user_pref("extensions.facemoods._xpiupdate", true);
Found : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");
Found : user_pref("extensions.facemoods.firstRun", "true");
Found : user_pref("extensions.facemoods.id", "_#cbf483cd0ffe4fe3957727af763c8698");
Found : user_pref("extensions.facemoods.instlDay", "_#15310");
Found : user_pref("extensions.facemoods.sid", "_#cbf483cd0ffe4fe3957727af763c8698");
Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.mode.debug", "false");
Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Bing");
Found : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://www.bing.com/search?FORM=IEF[...]
Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.google.de/");
Found : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://www.bing.com/search?FORM=IEFM1&q=");
Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Found : user_pref("sweetim.toolbar.search.history", "stayfriends,quoka,freemail.de,meinvz,freemail,autoscout[...]
Found : user_pref("sweetim.toolbar.search.history.capacity", "10");
Found : user_pref("sweetim.toolbar.searchguard.enable", "true");
Found : user_pref("sweetim.toolbar.simapp_id", "{AD9FC17A-6E79-499C-88B6-A5C7099205DF}");
Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
Found : user_pref("sweetim.toolbar.version", "1.3.0.1");

Profile name : default
File : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\0iuoe0av.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v20.0.1132.57

File : C:\Users\shortytine\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found : "explicit_host": [ "hxxp://*.facemoods.com/*" ],
Found : "css": [ "style/facemoods_chrome_1.0.1.css" ],
Found : "name": "Facemoods",
Found : "permissions": [ "tabs", "cookies", "hxxp://*.facemoods.com/" ],
Found : "update_url": "hxxp://facemoods.com/public/download/chrome/update.xml",

*************************

AdwCleaner[R1].txt - [43871 octets] - [31/07/2012 20:56:31]

########## EOF - C:\AdwCleaner[R1].txt - [44000 octets] ##########

cosinus · 01.08.2012, 19:07

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Delete.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

emmibemmi · 01.08.2012, 19:26

So, hier wieder der Inhalt der Textdatei

# AdwCleaner v1.703 - Logfile created 08/01/2012 at 20:20:36
# Updated 20/07/2012 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : shortytine - SHORTYTINE-PC
# Running from : C:\Users\shortytine\Downloads\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Users\shortytine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Folder Deleted : C:\Users\shortytine\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\shortytine\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\shortytine\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Gast\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\Conduit
Folder Deleted : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\ConduitCommon
Folder Deleted : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\ConduitEngine
Folder Deleted : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\SweetIMToolbarData
Folder Deleted : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\Program Files\PriceGong
Folder Deleted : C:\Program Files\Softonic
Folder Deleted : C:\Program Files\SweetIM
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js

***** [H. Navipromo] *****

File Deleted : C:\Users\shortytine\AppData\Local\qiueiam.bat
File Deleted : C:\Users\shortytine\AppData\Local\qiueiam.dat
File Deleted : C:\Users\shortytine\AppData\Local\qiueiam_nav.dat
File Deleted : C:\Users\shortytine\AppData\Local\qiueiam_navps.dat

***** [Registry] *****
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\pricegong
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
Key Deleted : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
Key Deleted : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\SOFTWARE\SweetIM
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{8a9386b4-e958-4c4c-adf4-8f26db3e4829}]

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2431245 --> hxxp://www.google.com

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\prefs.js

C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\user.js ... Deleted !

Deleted : user_pref("CT2431245..clientLogIsEnabled", false);
Deleted : user_pref("CT2431245..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2431245..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2431245.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2431245.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2431245.AppTrackingLastCheckTime", "Sat May 26 2012 07:17:15 GMT+0200");
Deleted : user_pref("CT2431245.BrowserCompStateIsOpen_129453394044193841", true);
Deleted : user_pref("CT2431245.BrowserCompStateIsOpen_129659302539581540", true);
Deleted : user_pref("CT2431245.BrowserCompStateIsOpen_129682601309982614", true);
Deleted : user_pref("CT2431245.BrowserCompStateIsOpen_129780209672379590", true);
Deleted : user_pref("CT2431245.BrowserCompStateIsOpen_129790544018252482", true);
Deleted : user_pref("CT2431245.CTID", "CT2431245");
Deleted : user_pref("CT2431245.CurrentServerDate", "31-7-2012");
Deleted : user_pref("CT2431245.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2431245.DialogsGetterLastCheckTime", "Mon Jul 30 2012 08:19:01 GMT+0200");
Deleted : user_pref("CT2431245.DownloadReferralCookieData", "");
Deleted : user_pref("CT2431245.EMailNotifierPollDate", "Wed Dec 15 2010 22:04:47 GMT+0100");
Deleted : user_pref("CT2431245.EnableClickToSearchBox", false);
Deleted : user_pref("CT2431245.EnableSearchHistory", true);
Deleted : user_pref("CT2431245.EnableSearchSuggest", false);
Deleted : user_pref("CT2431245.FeedLastCount129009402595187825", 961);
Deleted : user_pref("CT2431245.FeedPollDate7470634014180506963", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634014269327586", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634014329599698", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634014537505092", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634014970726540", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634015410831318", "Wed Dec 15 2010 20:55:18 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634015483395460", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634015636754705", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634015768347545", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634015855543602", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634016030710453", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634016114705611", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634016129205152", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634016143724791", "Wed Dec 15 2010 20:55:18 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634016271239162", "Wed Dec 15 2010 20:55:18 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634016568520719", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634016726993788", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634017109031809", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634017132743740", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634017299547668", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634017302327846", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634017344111490", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634017478360748", "Wed Dec 15 2010 20:55:18 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634017732797593", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634017821686064", "Wed Dec 15 2010 20:55:18 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634018090228721", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedTTL7470634014269327586", 5);
Deleted : user_pref("CT2431245.FeedTTL7470634014537505092", 5);
Deleted : user_pref("CT2431245.FeedTTL7470634014970726540", 2);
Deleted : user_pref("CT2431245.FeedTTL7470634015636754705", 5);
Deleted : user_pref("CT2431245.FeedTTL7470634016568520719", 30);
Deleted : user_pref("CT2431245.FirstServerDate", "12-12-2010");
Deleted : user_pref("CT2431245.FirstTime", true);
Deleted : user_pref("CT2431245.FirstTimeFF3", true);
Deleted : user_pref("CT2431245.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2431245.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2431245.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2431245.HasUserGlobalKeys", true);
Deleted : user_pref("CT2431245.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2431245.HomepageBeforeUnload", "hxxp://www.google.com");
Deleted : user_pref("CT2431245.Initialize", true);
Deleted : user_pref("CT2431245.InitializeCommonPrefs", true);
Deleted : user_pref("CT2431245.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2431245.InstallationId", "integrated_CT2431245 .exe");
Deleted : user_pref("CT2431245.InstallationType", "ConduitIntegration");
Deleted : user_pref("CT2431245.InstalledDate", "Sun Dec 12 2010 09:31:41 GMT+0100");
Deleted : user_pref("CT2431245.InvalidateCache", false);
Deleted : user_pref("CT2431245.IsAlertDBUpdated", true);
Deleted : user_pref("CT2431245.IsGrouping", false);
Deleted : user_pref("CT2431245.IsMulticommunity", false);
Deleted : user_pref("CT2431245.IsOpenThankYouPage", false);
Deleted : user_pref("CT2431245.IsOpenUninstallPage", true);
Deleted : user_pref("CT2431245.LanguagePackLastCheckTime", "Mon Jul 30 2012 20:06:44 GMT+0200");
Deleted : user_pref("CT2431245.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2431245.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2431245.LastLogin_3.11.0.3", "Sun May 06 2012 17:58:09 GMT+0200");
Deleted : user_pref("CT2431245.LastLogin_3.12.2.3", "Mon May 21 2012 18:58:49 GMT+0200");
Deleted : user_pref("CT2431245.LastLogin_3.13.0.6", "Tue Jul 31 2012 16:21:47 GMT+0200");
Deleted : user_pref("CT2431245.LastLogin_3.2.1.3", "Thu Dec 16 2010 14:17:45 GMT+0100");
Deleted : user_pref("CT2431245.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT2431245.Locale", "de-de");
Deleted : user_pref("CT2431245.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2431245.MCDetectTooltipShow", false);
Deleted : user_pref("CT2431245.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2431245.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2431245.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2431245.RadioIsPodcast", false);
Deleted : user_pref("CT2431245.RadioLastCheckTime", "Wed Dec 15 2010 09:32:10 GMT+0100");
Deleted : user_pref("CT2431245.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2431245.RadioLastUpdateServer", "129167771525870000");
Deleted : user_pref("CT2431245.RadioMediaID", "20503672");
Deleted : user_pref("CT2431245.RadioMediaType", "Media Player");
Deleted : user_pref("CT2431245.RadioMenuSelectedID", "EBRadioMenu_CT243124520503672");
Deleted : user_pref("CT2431245.RadioShrinked", "shrinked");
Deleted : user_pref("CT2431245.RadioStationName", "Team%20Radio%20Deutschland");
Deleted : user_pref("CT2431245.RadioStationURL", "hxxp://trd.stream.w-u-s.org:6666/dsl.m3u");
Deleted : user_pref("CT2431245.SHRINK_TOOLBAR", 0);
Deleted : user_pref("CT2431245.SavedHomepage", "hxxp://www.google.de/");
Deleted : user_pref("CT2431245.SearchBackToDefaultEngine", false);
Deleted : user_pref("CT2431245.SearchBoxWidth", 164);
Deleted : user_pref("CT2431245.SearchEngineBeforeUnload", "ICQ Search");
Deleted : user_pref("CT2431245.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2431245.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Deleted : user_pref("CT2431245.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2431245.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2431245.SearchInNewTabLastCheckTime", "Mon Jul 30 2012 20:06:43 GMT+0200");
Deleted : user_pref("CT2431245.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2431245.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2431245.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT2431245.SearchProtectorEnabled", false);
Deleted : user_pref("CT2431245.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2431245.ServiceMapLastCheckTime", "Mon Jul 30 2012 20:06:43 GMT+0200");
Deleted : user_pref("CT2431245.SettingsLastCheckTime", "Tue Jul 31 2012 17:04:30 GMT+0200");
Deleted : user_pref("CT2431245.SettingsLastUpdate", "1339926569");
Deleted : user_pref("CT2431245.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2431245.ThirdPartyComponentsLastCheck", "Sat May 19 2012 15:48:15 GMT+0200");
Deleted : user_pref("CT2431245.ThirdPartyComponentsLastUpdate", "1331806000");
Deleted : user_pref("CT2431245.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2431245");
Deleted : user_pref("CT2431245.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2431245.UserID", "UN84968042798076232");
Deleted : user_pref("CT2431245.ValidationData_Search", 2);
Deleted : user_pref("CT2431245.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2431245.WeatherNetwork", "");
Deleted : user_pref("CT2431245.WeatherPollDate", "Wed Dec 15 2010 22:01:11 GMT+0100");
Deleted : user_pref("CT2431245.WeatherUnit", "C");
Deleted : user_pref("CT2431245.alertChannelId", "825452");
Deleted : user_pref("CT2431245.approveUntrustedApps", false);
Deleted : user_pref("CT2431245.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e.:2z527", "247E707571777278333228702A7B797B7B7E30273224262[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e06cg5el8:", "6E6D6E6D6C746C6D7174");
Deleted : user_pref("CT2431245.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737473727A7273777A242F4B4947[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e31;cjc<=fbj#mm", "247E61393F236B257576737A2A212C6E414F444D[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e31;cjc<=fbj#ncf", "247E61393F236B25757677712A212C6E414F444[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]
Deleted : user_pref("CT2431245.backendstorage./9b-0?3g>d", "3E686A3F724042737A7775477920497E4A7A25207D21242A54[...]
Deleted : user_pref("CT2431245.backendstorage./9b-0?3g@6:5;", "");
Deleted : user_pref("CT2431245.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Deleted : user_pref("CT2431245.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Deleted : user_pref("CT2431245.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
Deleted : user_pref("CT2431245.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484776213F3E484F4E4D464[...]
Deleted : user_pref("CT2431245.backendstorage./9b5ba==9cjag", "6C3F706E404340407A4277717A7875494B4F207B4D");
Deleted : user_pref("CT2431245.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6E6D6C746C6D717176767B");
Deleted : user_pref("CT2431245.backendstorage./9b90e@8ff=eg", "393F352F3E");
Deleted : user_pref("CT2431245.backendstorage./9b9643g3/9e", "6A");
Deleted : user_pref("CT2431245.backendstorage./9b<:222h64<", "393F352F3E");
Deleted : user_pref("CT2431245.backendstorage./9b=+03eh8h8j?:", "4443");
Deleted : user_pref("CT2431245.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Deleted : user_pref("CT2431245.backendstorage./9b?b0d:8aj62<h", "6D");
Deleted : user_pref("CT2431245.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Deleted : user_pref("CT2431245.backendstorage.autocompletepro_enable_auto", "31");
Deleted : user_pref("CT2431245.backendstorage.ct2431245isadsdisabled", "66616C7365");
Deleted : user_pref("CT2431245.backendstorage.printitgreenstatus", "74727565");
Deleted : user_pref("CT2431245.backendstorage.shoppingapp.gk.exipres", "546875204D617920303320323031322030383A[...]
Deleted : user_pref("CT2431245.backendstorage.shoppingapp.gk.geolocation", "6765726D616E79");
Deleted : user_pref("CT2431245.components.1000034", false);
Deleted : user_pref("CT2431245.components.1000082", false);
Deleted : user_pref("CT2431245.components.1000234", false);
Deleted : user_pref("CT2431245.components.1042240440808890403", false);
Deleted : user_pref("CT2431245.components.129009402593156547", false);
Deleted : user_pref("CT2431245.components.129009402595187825", false);
Deleted : user_pref("CT2431245.components.129009402595656583", false);
Deleted : user_pref("CT2431245.components.129009402596594108", false);
Deleted : user_pref("CT2431245.components.129235916598147545", false);
Deleted : user_pref("CT2431245.components.129281065370906720", false);
Deleted : user_pref("CT2431245.components.129453393919975934", false);
Deleted : user_pref("CT2431245.components.129453393922944692", false);
Deleted : user_pref("CT2431245.components.129453393923725944", false);
Deleted : user_pref("CT2431245.components.129453394044193841", false);
Deleted : user_pref("CT2431245.components.129530497903908208", false);
Deleted : user_pref("CT2431245.components.129659302539581540", false);
Deleted : user_pref("CT2431245.components.129682601309982614", false);
Deleted : user_pref("CT2431245.components.129687697467407697", false);
Deleted : user_pref("CT2431245.components.129780209672379590", false);
Deleted : user_pref("CT2431245.components.129790544018252482", false);
Deleted : user_pref("CT2431245.components.3101995424177833784", false);
Deleted : user_pref("CT2431245.components.7717972408976606873", false);
Deleted : user_pref("CT2431245.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2431245.globalFirstTimeInfoLastCheckTime", "Mon May 28 2012 12:04:18 GMT+0200");
Deleted : user_pref("CT2431245.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2431245.initDone", true);
Deleted : user_pref("CT2431245.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2431245.myStuffEnabled", true);
Deleted : user_pref("CT2431245.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2431245.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2431245.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2431245.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2431245.oldAppsList", "129009402577063104,129009402577844366,111,129790544018252482,129[...]
Deleted : user_pref("CT2431245.revertSettingsEnabled", true);
Deleted : user_pref("CT2431245.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2431245.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2431245.testingCtid", "");
Deleted : user_pref("CT2431245.toolbarAppMetaDataLastCheckTime", "Mon Jul 30 2012 20:06:43 GMT+0200");
Deleted : user_pref("CT2431245.toolbarContextMenuLastCheckTime", "Sat May 26 2012 09:09:56 GMT+0200");
Deleted : user_pref("CT2431245.usageEnabled", false);
Deleted : user_pref("CT2431245.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2431245/CT2431245[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/825452/821260/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2431245", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.11[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2431245",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63427934310393[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=11/8/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2431245/CT2431245[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/maxi.gif"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play_mini[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/Newtab/Softonic/CT2431245.xml", "\"07ba0[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "CT2431245");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "softonic-de3");
Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\shortytine\\AppData\\Roaming\\Mozil[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.13.0.6");
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2431245");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "softonic-de3");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2431245,ConduitEngine");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2431245");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Oct 28 2011 15:52:28 GMT+02[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Nov 09 2011 14:07:33 GMT+0100");
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Nov 09 2011 14:07:26 GMT+0100");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "d8217608-fd8c-4802-a772-00db858ffd00");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Dec 15 2010 09:31:39 GMT+0100");
Deleted : user_pref("CommunityToolbar.globalUserId", "9dc865f7-0b8d-4a49-87b7-28feec4be75b");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat May 26 2012 09:09:5[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Jun 01 2012 13:29:22 GMT+020[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Jun 01 2012 13:29:14 GMT+0200");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "f2b20d2b-5de1-4646-8900-a7d0247b52c7");
Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Tue Nov 01 2011 14:08:18 GMT+0100");
Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Tue Nov 08 2011 14:07:43 GMT+0100");
Deleted : user_pref("ConduitEngine.FirstServerDate", "03/09/2011 09");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstalledDate", "Wed Mar 09 2011 07:01:02 GMT+0100");
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Wed Nov 09 2011 14:07:31 GMT+0100");
Deleted : user_pref("ConduitEngine.LastLogin_3.3.2.1", "Wed Apr 13 2011 20:52:03 GMT+0200");
Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu Nov 10 2011 07:01:53 GMT+0100");
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Nov 10 2011 07:01:53 GMT+0100");
Deleted : user_pref("ConduitEngine.UserID", "UN79667253251872383");
Deleted : user_pref("ConduitEngine.engineLocale", "de");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Wed Nov 09 2011 14:07:28 GMT+0100");
Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu Nov 10 2011 07:01:53 GMT+0100");
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Deleted : user_pref("ConduitEngine.usagesFlag", 1);
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultthis.engineName", "softonic-de3 Customized Web Search");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("extensions.Softonic.admin", false);
Deleted : user_pref("extensions.Softonic.aflt", "SD");
Deleted : user_pref("extensions.Softonic.autoRvrt", "false");
Deleted : user_pref("extensions.Softonic.dfltLng", "de");
Deleted : user_pref("extensions.Softonic.excTlbr", false);
Deleted : user_pref("extensions.Softonic.id", "30fbabcf00000000000000216bb399de");
Deleted : user_pref("extensions.Softonic.instlDay", "15476");
Deleted : user_pref("extensions.Softonic.instlRef", "MON00015");
Deleted : user_pref("extensions.Softonic.prdct", "Softonic");
Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");
Deleted : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Deleted : user_pref("extensions.Softonic.tlbrId", "base");
Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource[...]
Deleted : user_pref("extensions.Softonic.vrsn", "1.5.21.0");
Deleted : user_pref("extensions.Softonic.vrsni", "1.5.21.0");
Deleted : user_pref("extensions.Softonic_i.newTab", false);
Deleted : user_pref("extensions.Softonic_i.smplGrp", "none");
Deleted : user_pref("extensions.Softonic_i.vrsnTs", "1.5.21.015:13:15");
Deleted : user_pref("extensions.facemoods._xpiupdate", true);
Deleted : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");
Deleted : user_pref("extensions.facemoods.firstRun", "true");
Deleted : user_pref("extensions.facemoods.id", "_#cbf483cd0ffe4fe3957727af763c8698");
Deleted : user_pref("extensions.facemoods.instlDay", "_#15310");
Deleted : user_pref("extensions.facemoods.sid", "_#cbf483cd0ffe4fe3957727af763c8698");
Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Bing");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://www.bing.com/search?FORM=IEF[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.google.de/");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://www.bing.com/search?FORM=IEFM1&q=");
Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Deleted : user_pref("sweetim.toolbar.search.history", "stayfriends,quoka,freemail.de,meinvz,freemail,autoscout[...]
Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "true");
Deleted : user_pref("sweetim.toolbar.simapp_id", "{AD9FC17A-6E79-499C-88B6-A5C7099205DF}");
Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
Deleted : user_pref("sweetim.toolbar.version", "1.3.0.1");

Profile name : default
File : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\0iuoe0av.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v20.0.1132.57

File : C:\Users\shortytine\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "explicit_host": [ "hxxp://*.facemoods.com/*" ],
Deleted : "css": [ "style/facemoods_chrome_1.0.1.css" ],
Deleted : "name": "Facemoods",
Deleted : "permissions": [ "tabs", "cookies", "hxxp://*.facemoods.com/" ],
Deleted : "update_url": "hxxp://facemoods.com/public/download/chrome/update.xml",

*************************

AdwCleaner[R1].txt - [44002 octets] - [31/07/2012 20:56:31]
AdwCleaner[S1].txt - [45127 octets] - [01/08/2012 20:20:36]

########## EOF - C:\AdwCleaner[S1].txt - [45256 octets] ##########

LG emmibemmi

cosinus · 02.08.2012, 14:30

Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

emmibemmi · 03.08.2012, 16:22

Hi Arne, also hier und da tut sich windows noch schwer, und im startmenü habe ich 2 leere Ordner: 1. tablet pc und 2. live platinum security. was mir noch aufgefallen ist, ist das der ebay-icon von meinem desktop verschwunden ist....hoffe konnte deine fragen einigermaßen baentworten! LG emmibemmi

cosinus · 03.08.2012, 20:13

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

emmibemmi · 06.08.2012, 17:13

Code:

ATTFilter

OTL logfile created on: 06.08.2012 17:40:28 - Run 1
OTL by OldTimer - Version 3.2.56.0     Folder = C:\Users\shortytine\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 59,23% Memory free
6,19 Gb Paging File | 5,04 Gb Available in Paging File | 81,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,44 Gb Total Space | 16,70 Gb Free Space | 14,34% Space Free | Partition Type: NTFS
Drive E: | 114,98 Gb Total Space | 108,57 Gb Free Space | 94,43% Space Free | Partition Type: NTFS
 
Computer Name: SHORTYTINE-PC | User Name: shortytine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.06 17:38:22 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\shortytine\Downloads\OTL.exe
PRC - [2012.07.16 19:28:36 | 002,025,368 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.07.03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.05.13 19:05:12 | 000,932,528 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012.05.08 18:39:00 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 18:39:00 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 18:39:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 18:39:00 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.06.01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.02.26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008.08.25 10:58:20 | 000,077,824 | ---- | M] (Toshiba) -- C:\Programme\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
PRC - [2008.08.19 22:34:32 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008.08.18 23:22:02 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2008.08.14 14:46:44 | 000,417,792 | ---- | M] (Chicony) -- C:\Programme\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2008.07.15 16:16:58 | 000,106,496 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\SMARTLogService\TosIPCSrv.exe
PRC - [2008.07.10 17:58:40 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.11.21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007.11.05 15:28:10 | 000,204,915 | ---- | M] (Option) -- C:\Programme\T-Mobile\web'n'walk Manager\GtDetectSc.exe
PRC - [2006.10.05 12:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2001.08.30 19:04:08 | 001,732,608 | ---- | M] () -- C:\Programme\ScanPanel\ScnPanel.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.05.13 19:05:12 | 000,932,528 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2008.09.02 13:29:52 | 000,098,304 | ---- | M] () -- C:\Programme\Photo!\Photo! Editor\IvBar\ivbshlext.dll
MOD - [2008.08.01 00:47:28 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2001.08.30 19:04:08 | 001,732,608 | ---- | M] () -- C:\Programme\ScanPanel\ScnPanel.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.08.03 18:49:13 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.16 19:28:36 | 002,025,368 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.06.17 21:24:29 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.08 18:39:00 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 18:39:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.06.01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2008.08.26 15:26:44 | 000,099,720 | ---- | M] (Toshiba Europe GmbH) [Auto | Stopped] -- C:\Programme\Toshiba TEMPRO\TempoSVC.exe -- (TempoMonitoringService)
SRV - [2008.08.25 10:58:20 | 000,077,824 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Programme\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008.08.19 22:34:32 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008.08.18 23:22:02 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2008.07.15 16:16:58 | 000,106,496 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\Toshiba\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2008.07.10 17:58:40 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007.11.21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007.11.05 15:28:10 | 000,204,915 | ---- | M] (Option) [Auto | Running] -- C:\Programme\T-Mobile\web'n'walk Manager\GtDetectSc.exe -- (GtDetectSc)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.10.05 12:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\TpChoice.sys -- (TpChoice)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (Tosrfcom)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ManyCam.sys -- (ManyCam)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.05.08 18:39:00 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.08 18:39:00 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.09.16 17:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2009.10.08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.01.19 20:31:56 | 000,277,544 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2008.08.19 22:01:44 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008.08.07 17:01:44 | 000,097,536 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.08.06 16:26:08 | 000,124,928 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.08.01 02:40:28 | 003,894,272 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.07.15 20:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008.05.07 11:30:12 | 000,025,896 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV - [2008.04.28 06:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008.02.07 00:23:46 | 000,166,448 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007.12.14 11:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007.11.09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.07.09 15:17:36 | 000,095,744 | ---- | M] (Option NV) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Gt51Ip.sys -- (GT72NDISIPXP)
DRV - [2007.06.26 14:38:46 | 000,051,968 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gt72ubus.sys -- (GT72UBUS)
DRV - [2007.03.30 14:38:14 | 000,008,064 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtptser.sys -- (GTPTSER)
DRV - [2006.11.28 15:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.10.23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2001.06.07 18:56:38 | 000,018,120 | ---- | M] (   ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ArtecGT.sys -- (SampleScanner)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {1B1224D5-AEBB-4729-86EE-2919834152DD}
IE - HKLM\..\SearchScopes\{1B1224D5-AEBB-4729-86EE-2919834152DD}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA;
 
 
IE - HKU\.DEFAULT\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {1B1224D5-AEBB-4729-86EE-2919834152DD}
IE - HKU\.DEFAULT\..\SearchScopes\{1B1224D5-AEBB-4729-86EE-2919834152DD}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA;
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {1B1224D5-AEBB-4729-86EE-2919834152DD}
IE - HKU\S-1-5-18\..\SearchScopes\{1B1224D5-AEBB-4729-86EE-2919834152DD}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA;
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-660773486-670838790-555106487-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKU\S-1-5-21-660773486-670838790-555106487-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-660773486-670838790-555106487-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-660773486-670838790-555106487-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-660773486-670838790-555106487-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-660773486-670838790-555106487-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-660773486-670838790-555106487-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-660773486-670838790-555106487-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-660773486-670838790-555106487-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-660773486-670838790-555106487-1000\..\SearchScopes,DefaultScope = {1B1224D5-AEBB-4729-86EE-2919834152DD}
IE - HKU\S-1-5-21-660773486-670838790-555106487-1000\..\SearchScopes\{105E99FF-8B9A-4492-B155-06194B9056D2}: "URL" = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-660773486-670838790-555106487-1000\..\SearchScopes\{1B1224D5-AEBB-4729-86EE-2919834152DD}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_de
IE - HKU\S-1-5-21-660773486-670838790-555106487-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-660773486-670838790-555106487-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.6
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.3.3
FF - prefs.js..extensions.enabledItems: {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.2
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.8.0.8
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\shortytine\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.01 20:20:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.17 21:23:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.01 20:20:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.17 21:23:17 | 000,000,000 | ---D | M]
 
[2009.01.11 16:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\shortytine\AppData\Roaming\mozilla\Extensions
[2012.08.01 20:20:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions
[2009.04.06 16:03:50 | 000,000,000 | ---D | M] (Media Converter) -- C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}
[2012.03.28 22:08:38 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.12.25 11:11:46 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.31 08:09:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.07.08 19:47:07 | 000,000,950 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-1.xml
[2012.02.23 08:31:59 | 000,000,950 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-10.xml
[2012.03.22 22:31:14 | 000,000,950 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-11.xml
[2012.03.30 08:37:15 | 000,000,950 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-12.xml
[2012.05.03 14:44:18 | 000,000,950 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-13.xml
[2012.06.10 10:25:56 | 000,000,950 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-14.xml
[2012.06.23 22:13:55 | 000,000,950 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-15.xml
[2011.10.01 08:16:40 | 000,000,950 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-2.xml
[2011.11.10 08:01:52 | 000,000,950 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-3.xml
[2011.11.10 08:06:05 | 000,000,950 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-4.xml
[2011.11.17 16:36:03 | 000,000,950 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-5.xml
[2012.01.10 08:52:49 | 000,000,950 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-6.xml
[2012.02.01 19:35:13 | 000,000,950 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-7.xml
[2012.02.13 07:34:24 | 000,000,950 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-8.xml
[2012.02.16 07:39:42 | 000,000,950 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-9.xml
[2011.09.08 18:27:01 | 000,000,950 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin.xml
[2012.06.07 06:59:14 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.11.28 14:02:31 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.11.17 16:35:45 | 000,161,276 | ---- | M] () (No name found) -- C:\USERS\SHORTYTINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\89W409KX.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
[2012.06.17 21:24:29 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.05 05:38:54 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.05 05:32:18 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.11.05 05:38:54 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.05 05:38:54 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.05 05:38:54 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.11.05 05:38:54 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.160.1 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U16 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: Picasa (Enabled) = C:\Users\shortytine\Desktop\Picasa3\npPicasa3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2009.03.25 23:51:03 | 000,303,871 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 10469 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\S-1-5-21-660773486-670838790-555106487-1000\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-660773486-670838790-555106487-1000..\Run: [EPSON S22 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-660773486-670838790-555106487-1000..\Run: [Facebook Update] C:\Users\shortytine\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-660773486-670838790-555106487-1000..\Run: [Spotify] C:\Users\shortytine\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-660773486-670838790-555106487-1000..\Run: [Spotify Web Helper] C:\Users\shortytine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-21-660773486-670838790-555106487-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Programme\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Programme\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\shortytine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\shortytine\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-660773486-670838790-555106487-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{391309D1-8E72-49B9-A46D-AD924F924A9A}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CCAD4DF-6DDD-4CA7-B035-9402331884D3}: DhcpNameServer = 10.74.83.22 193.254.160.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\shortytine\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\shortytine\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3381b621-db2e-11dd-935e-00216bb399de}\Shell - "" = AutoRun
O33 - MountPoints2\{3381b621-db2e-11dd-935e-00216bb399de}\Shell\AutoRun\command - "" = D:\setup.exe AUTORUN=1
O33 - MountPoints2\{c4797536-bfaf-11df-8c67-00235a01be7c}\Shell\AutoRun\command - "" = H:\PMBP_Win.exe
O33 - MountPoints2\{f92f2c28-6d30-11df-982b-00235a01be7c}\Shell - "" = AutoRun
O33 - MountPoints2\{f92f2c28-6d30-11df-982b-00235a01be7c}\Shell\AutoRun\command - "" = D:\VTP_Manager.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-660773486-670838790-555106487-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: Sharedaccess -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: wuauserv -  File not found
NetSvcs: BITS -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^web'n'walk Manager.lnk - C:\Programme\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe - (T-Mobile)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: FilterHost - hkey= - key= - C:\Users\shortytine\AppData\Roaming\mmserver\FilterHost.exe (Synatix GmbH)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SweetIM - hkey= - key= -  File not found
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SharedAccess -  File not found
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - Service
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 8.5
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 8.5
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.dvacm - C:\Programme\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.31 15:38:39 | 000,000,000 | ---D | C] -- C:\Users\shortytine\Desktop\Wilmes
[2012.07.31 12:33:05 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.07.26 16:26:07 | 000,000,000 | ---D | C] -- C:\Users\shortytine\AppData\Roaming\Malwarebytes
[2012.07.26 16:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.26 16:25:57 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.26 16:25:57 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.07.26 16:25:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.26 16:00:24 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012.07.26 08:34:46 | 000,000,000 | ---D | C] -- C:\Users\shortytine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum
[2012.07.26 08:33:48 | 000,000,000 | ---D | C] -- C:\ProgramData\036DFF98FF4F56417C1067A12F3B707C
[2012.07.26 08:32:27 | 000,000,000 | ---D | C] -- C:\Users\shortytine\AppData\Roaming\Ynoh
[2012.07.26 08:32:27 | 000,000,000 | ---D | C] -- C:\Users\shortytine\AppData\Roaming\Puluom
[2012.07.26 08:32:27 | 000,000,000 | ---D | C] -- C:\Users\shortytine\AppData\Roaming\Elagar
[2012.07.12 08:37:05 | 000,000,000 | ---D | C] -- C:\Users\shortytine\AppData\Roaming\xmldm
[2012.07.12 08:37:05 | 000,000,000 | ---D | C] -- C:\Users\shortytine\AppData\Roaming\kock
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
File not found -- C:\Windows\System32\
[2012.08.06 17:00:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.06 16:49:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.06 16:35:01 | 000,001,158 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-660773486-670838790-555106487-1000UA.job
[2012.08.06 16:22:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.06 16:22:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.06 13:00:32 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.06 01:35:01 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-660773486-670838790-555106487-1000Core.job
[2012.08.02 16:53:49 | 000,062,976 | ---- | M] () -- C:\Users\shortytine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.01 20:28:29 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.01 20:28:29 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.01 20:28:29 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.01 20:28:29 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.01 20:22:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.01 20:22:14 | 3213,799,424 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.26 19:27:41 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2012.07.26 16:27:14 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.12 03:24:42 | 000,329,256 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
File not found -- C:\Windows\System32\
[2012.07.26 19:27:41 | 000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2012.07.26 16:25:58 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.26 15:42:41 | 000,001,712 | ---- | C] () -- C:\Users\shortytine\AppData\Local\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\U\00000001.@
[2012.07.26 08:33:06 | 000,001,712 | ---- | C] () -- C:\Windows\Installer\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\U\00000001.@
[2012.01.11 09:53:39 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\@
[2012.01.11 09:53:39 | 000,002,048 | -HS- | C] () -- C:\Users\shortytine\AppData\Local\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\@
[2011.10.10 17:08:20 | 000,144,476 | ---- | C] () -- C:\Users\shortytine\AppData\Roaming\mdbu.bin
[2011.08.13 15:15:13 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.07.20 15:51:45 | 000,000,000 | ---- | C] () -- C:\Windows\ka.ini
[2011.07.14 10:14:02 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011.04.03 12:01:48 | 001,597,350 | ---- | C] () -- C:\Users\shortytine\o.cpr
[2011.04.03 11:38:53 | 066,771,186 | ---- | C] () -- C:\Users\shortytine\oma.cpr
[2011.01.23 15:18:08 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2010.12.11 21:34:19 | 000,000,089 | ---- | C] () -- C:\Windows\System32\MSBII.dll
[2010.12.11 21:27:32 | 000,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll
[2010.12.11 21:27:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll
[2010.12.11 21:27:32 | 000,032,768 | ---- | C] () -- C:\Windows\System32\WKAuxil.dll
[2010.12.11 21:27:24 | 000,017,920 | ---- | C] () -- C:\Windows\System32\implode.dll
[2010.12.11 21:27:23 | 003,782,416 | ---- | C] () -- C:\Windows\System32\mso97.dll
[2010.11.17 16:37:58 | 000,000,987 | ---- | C] () -- C:\Users\shortytine\Bildbestellung.html
[2010.11.15 17:49:07 | 019,681,648 | ---- | C] () -- C:\Users\shortytine\zeitreise.cpr
[2010.11.11 10:27:39 | 000,200,704 | ---- | C] () -- C:\Windows\Ausba3.dll
[2010.11.11 10:27:39 | 000,011,464 | ---- | C] () -- C:\Windows\Dusb3ar.ini
[2010.11.11 10:27:39 | 000,002,654 | ---- | C] () -- C:\Windows\Ausba3.INI
[2010.11.11 10:27:39 | 000,001,242 | ---- | C] () -- C:\Windows\ScnPanel.ini
[2010.11.11 10:27:37 | 000,018,120 | ---- | C] (   ) -- C:\Windows\System32\drivers\ArtecGT.sys
[2010.11.11 10:27:31 | 000,001,630 | ---- | C] () -- C:\Windows\ArtecePlus.ini
[2010.10.21 18:54:07 | 000,011,766 | ---- | C] () -- C:\Windows\Galsmave.ini
[2009.05.25 13:35:51 | 000,000,680 | ---- | C] () -- C:\Users\shortytine\AppData\Local\d3d9caps.dat
[2009.02.24 19:03:18 | 000,000,748 | ---- | C] () -- C:\Users\shortytine\AppData\Roaming\wklnhst.dat
[2009.01.05 16:21:36 | 000,062,976 | ---- | C] () -- C:\Users\shortytine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== LOP Check ==========
 
[2010.11.10 11:17:23 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\de.schlecker.fotobuch.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2011.10.23 13:49:03 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\DVDVideoSoft
[2010.12.25 11:11:46 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.07.29 20:06:35 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Elagar
[2010.12.28 09:24:43 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Gutscheinmieze
[2009.11.28 14:47:26 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\ICQ
[2012.07.12 08:37:05 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\kock
[2010.03.26 19:13:05 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\ManyCam
[2010.01.29 17:41:50 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\mmserver
[2009.01.06 17:10:09 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\myphotobook
[2009.12.14 10:48:24 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\OpenOffice.org
[2012.03.18 22:15:16 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Photo! Web Album
[2010.01.17 22:31:44 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\ProtectDisc
[2012.07.26 08:32:27 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Puluom
[2011.01.27 16:17:41 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Sony
[2012.08.01 20:25:58 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Spotify
[2010.03.26 18:33:21 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\TeamViewer
[2009.02.24 19:04:23 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Template
[2010.05.24 18:43:14 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Toshiba
[2009.01.11 17:57:08 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\TuneUp Software
[2010.05.30 14:27:58 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Ulead Systems
[2012.07.12 08:37:05 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\xmldm
[2012.07.29 20:06:56 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Ynoh
[2012.08.06 01:35:01 | 000,001,136 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-660773486-670838790-555106487-1000Core.job
[2012.08.06 16:35:01 | 000,001,158 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-660773486-670838790-555106487-1000UA.job
[2012.08.01 20:21:13 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.11.10 11:13:32 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Adobe
[2011.11.05 08:50:36 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Apple Computer
[2012.02.16 19:45:57 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Avira
[2010.11.10 11:17:23 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\de.schlecker.fotobuch.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2009.01.19 12:30:12 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\DivX
[2012.02.24 15:33:46 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\dvdcss
[2011.10.23 13:49:03 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\DVDVideoSoft
[2010.12.25 11:11:46 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.07.29 20:06:35 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Elagar
[2009.01.05 16:00:30 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Google
[2010.12.28 09:24:43 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Gutscheinmieze
[2009.03.29 21:38:49 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\HP
[2009.11.28 14:47:26 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\ICQ
[2009.01.05 15:35:47 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Identities
[2009.01.05 15:32:33 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\InstallShield
[2012.07.12 08:37:05 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\kock
[2009.01.05 16:01:52 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Macromedia
[2012.07.26 16:26:07 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Malwarebytes
[2010.03.26 19:13:05 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\ManyCam
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Media Center Programs
[2012.07.26 16:09:21 | 000,000,000 | --SD | M] -- C:\Users\shortytine\AppData\Roaming\Microsoft
[2010.01.29 17:41:50 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\mmserver
[2009.01.11 16:53:28 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Mozilla
[2009.01.06 17:10:09 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\myphotobook
[2009.12.14 10:48:24 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\OpenOffice.org
[2012.03.18 22:15:16 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Photo! Web Album
[2010.01.17 22:31:44 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\ProtectDisc
[2012.07.26 08:32:27 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Puluom
[2011.01.27 16:17:41 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Sony
[2012.08.01 20:25:58 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Spotify
[2010.03.26 18:33:21 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\TeamViewer
[2009.02.24 19:04:23 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Template
[2010.05.24 18:43:14 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Toshiba
[2009.01.11 17:57:08 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\TuneUp Software
[2010.05.30 14:27:58 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Ulead Systems
[2009.01.12 15:05:21 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\vlc
[2009.04.18 11:57:40 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\WinRAR
[2012.07.12 08:37:05 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\xmldm
[2012.07.29 20:06:56 | 000,000,000 | ---D | M] -- C:\Users\shortytine\AppData\Roaming\Ynoh
 
< %APPDATA%\*.exe /s >
[2010.01.18 16:35:26 | 000,827,392 | ---- | M] (Synatix GmbH) -- C:\Users\shortytine\AppData\Roaming\Gutscheinmieze\foxstart.exe
[2010.01.18 16:35:26 | 000,827,392 | ---- | M] (Synatix GmbH) -- C:\Users\shortytine\AppData\Roaming\Gutscheinmieze\uninstall.exe
[2010.11.10 11:13:15 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\shortytine\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.12.09 16:02:49 | 002,790,864 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\shortytine\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2010.01.18 16:35:26 | 000,827,392 | ---- | M] (Synatix GmbH) -- C:\Users\shortytine\AppData\Roaming\mmserver\FilterHost.exe
[2007.01.01 18:01:24 | 000,009,728 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\myphotobook\xtras\localVista.exe
[2007.01.08 10:34:46 | 000,006,656 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\myphotobook\xtras\localXP.exe
[2006.12.21 13:16:20 | 000,021,504 | ---- | M] (Optimum X) -- C:\Users\shortytine\AppData\Roaming\myphotobook\xtras\shellExecute.exe
[2006.12.21 13:16:14 | 000,009,216 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\myphotobook\xtras\sleep.exe
[2012.05.13 19:05:13 | 009,478,320 | ---- | M] (Spotify Ltd) -- C:\Users\shortytine\AppData\Roaming\Spotify\spotify.exe
[2012.05.13 19:05:12 | 000,932,528 | ---- | M] () -- C:\Users\shortytine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2008.03.25 05:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86AE099CE -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_3e1ecd89\AGP440.sys
[2008.03.25 05:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86AE099CE -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.22142_none_ba734aead7ed1bb6\AGP440.sys
[2008.03.26 05:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD763A49FE -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_e4087235\AGP440.sys
[2008.03.26 05:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD763A49FE -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20800_none_b8b64d46daa7e57a\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.06.03 05:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7f3e4ed9\atapi.sys
[2008.06.03 05:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_dd6376773aedb5e4\atapi.sys
[2008.06.03 05:27:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b7393fc6\atapi.sys
[2008.06.03 05:27:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_dbb74a7b3d9afbc1\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Windows\System32\drivers\iaStor.sys
[2008.07.20 18:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7b6e77f6\iaStor.sys
[2008.07.20 18:44:54 | 000,402,456 | ---- | M] (Intel Corporation) MD5=FC28E90F2204D8FD147FA9BFA8A51C01 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.05.26 08:15:08 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.05.26 08:15:08 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< End of report >

LG emmibemmi

30.07.2012, 10:14	#2
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	live security platinum Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt? Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind. __________________ __________________

30.07.2012, 16:08	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	live security platinum Nein, davon will ich bitte alle sehen __________________ Logfiles bitte immer in CODE-Tags posten

02.08.2012, 14:30	#12
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	live security platinum Hätte da mal zwei Fragen bevor es weiter geht 1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden? __________________ Logfiles bitte immer in CODE-Tags posten

live security platinum

Plagegeister aller Art und deren Bekämpfung: live security platinum