| |
| |||||||
Log-Analyse und Auswertung: soap0_wsdl.exe nicht gefundenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
01.10.2012, 17:13
| #1 |
| |  soap0_wsdl.exe nicht gefunden beim Starten kommt folgender Hinweis User\Bernie\appdata\localtemp\soap0_wsdl.exe wird nicht gefunden zudem sit der Rechner gestern abgestürzt und benötigte 30 Neustarts Antivir brachte kene Erkenntnisse über die Nacht |
|
02.10.2012, 05:48
| #2 |
| /// Helfer-Team  | soap0_wsdl.exe nicht gefunden Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist. Vista und Win7 User Alle Tools mit Rechtsklick "als Administrator ausführen" starten. 1. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten. 2. Schritt Systemscan mit OTL (bebilderte Anleitung)
__________________ |
|
03.10.2012, 09:43
| #3 |
| | soap0_wsdl.exe nicht gefunden 1.) mbam scan
__________________Malwarebytes Anti-Malware (Test) 1.65.0.1400 Malwarebytes : Free Anti-Malware download Datenbank Version: v2012.10.03.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Bernie :: BERNIE_PB [Administrator] Schutz: Aktiviert 03.10.2012 09:22:14 mbam-log-2012-10-03 (09-22-14).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 235875 Laufzeit: 7 Minute(n), 14 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\Bernie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) 2.) otl file OTL Logfile: Code:
ATTFilter OTL logfile created on: 03.10.2012 10:29:08 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bernie\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,99 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 40,43% Memory free 5,98 Gb Paging File | 3,68 Gb Available in Paging File | 61,49% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 457,95 Gb Total Space | 324,85 Gb Free Space | 70,94% Space Free | Partition Type: NTFS Drive D: | 458,46 Gb Total Space | 171,85 Gb Free Space | 37,48% Space Free | Partition Type: NTFS Drive F: | 1396,92 Gb Total Space | 897,16 Gb Free Space | 64,22% Space Free | Partition Type: FAT32 Computer Name: BERNIE_PB | User Name: Bernie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Bernie\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe (Adobe Systems, Inc.) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\StarMoney Business 5.0 Deutsche Bank Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE (1&1 Internet AG) PRC - C:\Program Files (x86)\StarMoney Business 4.0 Deutsche Bank Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) PRC - C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe () PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe () PRC - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.) PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Program Files (x86)\Canon\EOS Utility\WFTPairing\WFTPairing.exe (CANON INC.) PRC - C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe (Acer Incorporated) PRC - C:\Program Files (x86)\Canon\EOS Utility\WFTPairing\EOSUPNPSV.exe (CANON INC.) PRC - C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer) PRC - C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe (Acer Incorporated) PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) PRC - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe (Acer Incorporated) PRC - C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe () PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) PRC - C:\Programme\Lexmark\ErrorApp\LMab1err.EXE () PRC - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) PRC - C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe () PRC - C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\apdproxy.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe (Adobe Systems Inc.) ========== Modules (No Company Name) ========== MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll () MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\626d0ac2f4ada682d7ca6c4ebf821469\CustomMarshalers.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll () MOD - C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe () MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll () MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll () MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll () MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll () MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll () MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe () MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf () MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf () MOD - C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll () MOD - C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll () MOD - C:\Program Files (x86)\Packard Bell\Software Suite SE\sqlite3.dll () MOD - C:\Programme\Lexmark\ErrorApp\LMab1err.EXE () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (StarMoney Business 5.0 OnlineUpdate) -- C:\Program Files (x86)\StarMoney Business 5.0 Deutsche Bank Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (StarMoney Business 4.0 OnlineUpdate) -- C:\Program Files (x86)\StarMoney Business 4.0 Deutsche Bank Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (Updater Service) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (Greg_Service) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe (Acer Incorporated) SRV - (ClipInc001) -- C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe () SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (AdobeActiveFileMonitor7.0) -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (lmab_device) -- C:\Windows\SysWOW64\LMabcoms.exe ( ) SRV - (UleadBurningHelper) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) SRV - (AdobeActiveFileMonitor4.0) -- C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe () ========== Driver Services (SafeList) ========== DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc) DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000&st=10 IE - HKLM\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245 IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms} IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms} IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Suche IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms} IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms} IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms} IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=109986&babsrc=SP_ss&mntrId=aeb7104b00000000000000016c6c2ae8 IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_deDE353DE353 IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{7BE55C4A-C3AE-4735-A7F9-6E4E83B859B8}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=3ca97582-4982-4f0c-bb22-a336c9ee6c8b&apn_sauid=C15BF6CB-89E7-4953-B59F-CA66B5356EB9 IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{82CA96CF-A824-471B-83F3-2DE4C68D80C0}: "URL" = hxxp://go.web.de/suchbox/smartshopping/?searchText={searchTerms}&mc=searchplugin@suche@msie.suche@preisvergleich IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{9EDB191A-BCC5-4E3D-88A2-0A01A6559B94}: "URL" = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{BEA6EEAD-925A-4491-9C5C-E2519989EE15}: "URL" = hxxp://suche.gmx.net/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{EC2EBFE9-6BFD-47C1-9347-973E4D1ED885}: "URL" = hxxp://search.1und1.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms} IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{F098E61B-F7F6-49DA-BB12-F2BA240C5D94}: "URL" = hxxp://go.gmx.net/suchbox/amazon/?keywords={searchTerms} IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..CT2481020.browser.search.defaultthis.engineName: true FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Search the web" FF - prefs.js..browser.search.defaultthis.engineName: "NCH DE Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801937&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Search the web" FF - prefs.js..browser.search.selectedEngine: "Search the web" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.bild.de" FF - prefs.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - prefs.js..network.proxy.type: 0 FF - user.js..browser.search.selectedEngine: "Search the web" FF - user.js..browser.search.order.1: "Search the web" FF - user.js..browser.search.defaultenginename: "Search the web" FF - user.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\RAWThumbnailViewer@arcsoft.com.cn: C:\Program Files (x86)\ArcSoft\RAW Thumbnail Viewer\FireFox Extension [2010.11.14 10:53:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.31 13:11:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.15 20:24:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Components: C:\Users\Bernie\AppData\Local\Mozilla Firefox\components [2011.09.28 20:07:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Plugins: C:\Users\Bernie\AppData\Local\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.10.28 21:28:52 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Users\Bernie\AppData\Local\Mozilla Firefox\components [2011.09.28 20:07:58 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Users\Bernie\AppData\Local\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Users\Bernie\AppData\Local\Mozilla Firefox\components [2011.09.28 20:07:58 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Users\Bernie\AppData\Local\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Users\Bernie\AppData\Local\Mozilla Firefox\components [2011.09.28 20:07:58 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Users\Bernie\AppData\Local\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Users\Bernie\AppData\Local\Mozilla Firefox\components [2011.09.28 20:07:58 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Users\Bernie\AppData\Local\Mozilla Firefox\plugins [2011.09.18 16:56:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bernie\AppData\Roaming\mozilla\Extensions [2012.10.01 21:03:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bernie\AppData\Roaming\mozilla\Firefox\Profiles\0kodygem.default\extensions [2012.08.20 11:41:43 | 000,002,413 | ---- | M] () -- C:\Users\Bernie\AppData\Roaming\mozilla\firefox\profiles\0kodygem.default\searchplugins\askcom.xml [2012.10.01 21:02:17 | 000,000,915 | ---- | M] () -- C:\Users\Bernie\AppData\Roaming\mozilla\firefox\profiles\0kodygem.default\searchplugins\conduit.xml [2012.09.27 18:57:35 | 000,002,399 | ---- | M] () -- C:\Users\Bernie\AppData\Roaming\mozilla\firefox\profiles\0kodygem.default\searchplugins\Web Search.xml [2012.07.31 13:11:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.07.31 13:11:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions [2012.07.31 13:11:49 | 000,000,000 | ---D | M] (GMX MailCheck) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\toolbar@gmx.net [2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.10.03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.02.12 18:15:29 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.12.02 17:55:49 | 000,000,158 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src [2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - Extension: No name found = C:\Users\Bernie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.24169_0\ CHR - Extension: No name found = C:\Users\Bernie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: No name found = C:\Users\Bernie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: No name found = C:\Users\Bernie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\ CHR - Extension: No name found = C:\Users\Bernie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (ToolbarBHO Class) - {9519AF7E-638D-4933-BAD6-D33D23C79FE5} - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll (ArcSoft Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No CLSID value found. O3 - HKLM\..\Toolbar: (RAW Thumbnail Viewer) - {F301665A-12F8-4331-804A-5BCBD379668C} - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll (ArcSoft Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG) O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [SMB50StarMoneyRunEntry] C:\Program Files (x86)\StarMoney Business 5.0 Deutsche Bank Edition\app\oflagent.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) O4 - HKLM..\Run: [StarMoneyRunEntry] C:\Program Files (x86)\StarMoney Business 4.0 Deutsche Bank Edition\app\oflagent.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-951911369-2377803447-926339454-1001..\Run: [] File not found O4 - HKU\S-1-5-21-951911369-2377803447-926339454-1001..\Run: [1&1_1&1 Upload-Manager] C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE (1&1 Internet AG) O4 - HKU\S-1-5-21-951911369-2377803447-926339454-1001..\Run: [LMab1err] C:\Programme\Lexmark\ErrorApp\LMab1err.EXE () O4 - HKU\S-1-5-21-951911369-2377803447-926339454-1001..\Run: [Software Suite SE] C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe (Acer Incorporated) O4 - HKU\S-1-5-21-951911369-2377803447-926339454-1005..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-951911369-2377803447-926339454-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-951911369-2377803447-926339454-1005..\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe () O4 - Startup: C:\Users\Bernie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Users\Bernie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WFTPairing.lnk = C:\Program Files (x86)\Canon\EOS Utility\WFTPairing\WFTPairing.exe (CANON INC.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-21-951911369-2377803447-926339454-1001\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-21-951911369-2377803447-926339454-1005\Software\Policies\Microsoft\Internet Explorer\Recovery present O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: EXIF lesen - C:\Program Files (x86)\ArcSoft\RAW Thumbnail Viewer\ArcEXIFM.htm () O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D743F3B-3715-4304-868F-D4BFC26AD930}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\haufereader - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.10.03 10:28:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Bernie\Desktop\OTL.exe [2012.10.03 09:21:16 | 000,000,000 | ---D | C] -- C:\Users\Bernie\AppData\Roaming\Malwarebytes [2012.10.03 09:21:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.03 09:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.03 09:21:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.10.01 20:50:58 | 000,000,000 | ---D | C] -- C:\Users\Bernie\AppData\Local\CRE [2012.10.01 20:50:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo_DE [2012.10.01 20:49:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo [2012.10.01 20:49:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo [2012.09.25 18:20:09 | 000,000,000 | ---D | C] -- C:\ProgramData\UUdb [2012.09.21 20:35:22 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.09.21 20:35:21 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.09.21 20:35:21 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.09.21 20:35:21 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.09.21 20:35:20 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.09.21 20:35:19 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.09.18 18:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport [2012.09.18 18:54:59 | 003,982,240 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\SysWow64\Flash10d.ocx [2012.09.18 18:18:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StreamTransport [2012.09.14 15:15:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012.09.14 15:12:11 | 019,828,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2012.09.14 15:12:11 | 001,866,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2012.09.14 15:12:07 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2012.09.14 15:12:07 | 007,626,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2012.09.14 15:12:07 | 006,109,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2012.09.14 15:12:07 | 002,573,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2009.09.03 16:13:01 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe ========== Files - Modified Within 30 Days ========== [2012.10.03 10:28:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bernie\Desktop\OTL.exe [2012.10.03 10:25:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.03 10:14:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.10.03 09:21:13 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.03 09:11:51 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.10.03 09:11:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.01 20:51:06 | 000,000,009 | ---- | M] () -- C:\END [2012.10.01 20:49:52 | 000,001,264 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo WinOptimizer 2012.lnk [2012.10.01 20:15:24 | 000,000,766 | ---- | M] () -- C:\Windows\ULead32.ini [2012.10.01 19:09:32 | 000,050,477 | ---- | M] () -- C:\Users\Bernie\Desktop\Defogger.exe [2012.10.01 18:09:20 | 000,000,000 | ---- | M] () -- C:\Users\Bernie\defogger_reenable [2012.09.21 20:06:28 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.09.21 20:06:27 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.09.18 18:55:00 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\ StreamTransport.lnk [2012.09.18 18:52:59 | 127,253,894 | ---- | M] () -- C:\Users\Bernie\Documents\ARD Mediathek Reportage Dokumentation - Abgezockt statt abgesichert - Das schmutzige Geschft mit Schrottimmobilien - Montag, 17.09.2012 Das Erste_0.flv [2012.09.18 18:23:51 | 000,000,013 | ---- | M] () -- C:\Users\Bernie\Documents\ARD Mediathek Reportage Dokumentation - Abgezockt statt abgesichert - Das schmutzige Geschft mit Schrottimmobilien - Montag, 17.09.2012 Das Erste.flv [2012.09.08 20:11:21 | 000,001,807 | ---- | M] () -- C:\Users\Bernie\Desktop\ZoomBrowser - Verknüpfung.lnk [2012.09.08 20:05:28 | 000,001,304 | ---- | M] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk ========== Files Created - No Company Name ========== [2012.10.03 09:21:13 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.01 20:51:06 | 000,000,009 | ---- | C] () -- C:\END [2012.10.01 20:49:52 | 000,001,264 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo WinOptimizer 2012.lnk [2012.10.01 19:09:32 | 000,050,477 | ---- | C] () -- C:\Users\Bernie\Desktop\Defogger.exe [2012.10.01 18:09:20 | 000,000,000 | ---- | C] () -- C:\Users\Bernie\defogger_reenable [2012.09.18 18:55:00 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\ StreamTransport.lnk [2012.09.18 18:23:51 | 127,253,894 | ---- | C] () -- C:\Users\Bernie\Documents\ARD Mediathek Reportage Dokumentation - Abgezockt statt abgesichert - Das schmutzige Geschft mit Schrottimmobilien - Montag, 17.09.2012 Das Erste_0.flv [2012.09.18 18:23:51 | 000,000,013 | ---- | C] () -- C:\Users\Bernie\Documents\ARD Mediathek Reportage Dokumentation - Abgezockt statt abgesichert - Das schmutzige Geschft mit Schrottimmobilien - Montag, 17.09.2012 Das Erste.flv [2012.09.08 20:11:21 | 000,001,807 | ---- | C] () -- C:\Users\Bernie\Desktop\ZoomBrowser - Verknüpfung.lnk [2012.09.08 20:05:28 | 000,001,304 | ---- | C] () -- C:\Users\Public\Desktop\ZoomBrowser EX.lnk [2012.08.30 10:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012.08.15 20:01:03 | 001,526,976 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.08.09 20:42:32 | 004,503,728 | ---- | C] () -- C:\ProgramData\ldsw_0paos.pad [2012.01.16 20:24:39 | 000,004,608 | ---- | C] () -- C:\Users\Bernie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.12.28 19:00:06 | 000,000,511 | ---- | C] () -- C:\Windows\wiso.ini [2011.12.02 18:01:29 | 001,072,097 | ---- | C] () -- C:\Users\Bernie\Freitags Hallelujah SWR3.mp3 [2011.11.01 12:55:05 | 000,000,017 | ---- | C] () -- C:\Windows\Missing.ini [2011.10.15 20:41:29 | 000,004,096 | -H-- | C] () -- C:\Users\Bernie\AppData\Local\keyfile3.drm [2011.09.16 12:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011.09.16 12:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011.09.16 12:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011.09.16 12:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2011.08.19 09:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2011.08.19 09:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2011.08.19 09:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2011.07.29 18:50:02 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll [2011.07.02 12:53:59 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2010.09.22 18:44:42 | 000,002,017 | ---- | C] () -- C:\Users\Bernie\Logitech Vid HD.lnk [2009.12.27 19:42:10 | 000,000,000 | ---- | C] () -- C:\Users\Bernie\AppData\Roaming\FileOut.cns [2009.12.27 19:42:10 | 000,000,000 | ---- | C] () -- C:\Users\Bernie\AppData\Roaming\FileIn.cns [2009.12.13 19:33:43 | 000,014,268 | ---- | C] () -- C:\Users\Bernie\AppData\Roaming\wklnhst.dat [2009.11.15 18:30:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2004.01.26 17:15:29 | 000,233,472 | R--- | C] () -- C:\Users\Bernie\AppData\Roaming\MafiaSetup.exe ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
|
03.10.2012, 14:41
| #4 |
| /// Helfer-Team | soap0_wsdl.exe nicht gefunden Die Bereinigung besteht aus mehreren Schritten, die ausgefuehrt werden muessen. Diese Nacheinander abarbeiten und die 4 Logs, die dabei erstellt werden bitte in deine naechste Antwort einfuegen. Sollte der OTL-FIX nicht richig durchgelaufen sein. Fahre nicht fort, sondern mede dies bitte. 1. Schritt Fixen mit OTL Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).
Code:
ATTFilter :OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000&st=10
IE - HKLM\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms}
IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=109986&babsrc=SP_ss&mntrId=aeb7104b00000000000000016c6c2ae8
IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_deDE353DE353
IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{7BE55C4A-C3AE-4735-A7F9-6E4E83B859B8}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=3ca97582-4982-4f0c-bb22-a336c9ee6c8b&apn_sauid=C15BF6CB-89E7-4953-B59F-CA66B5356EB9
IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{82CA96CF-A824-471B-83F3-2DE4C68D80C0}: "URL" = http://go.web.de/suchbox/smartshopping/?searchText={searchTerms}&mc=searchplugin@suche@msie.suche@preisvergleich
IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{9EDB191A-BCC5-4E3D-88A2-0A01A6559B94}: "URL" = http://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{BEA6EEAD-925A-4491-9C5C-E2519989EE15}: "URL" = http://suche.gmx.net/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{EC2EBFE9-6BFD-47C1-9347-973E4D1ED885}: "URL" = http://search.1und1.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}
IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\SearchScopes\{F098E61B-F7F6-49DA-BB12-F2BA240C5D94}: "URL" = http://go.gmx.net/suchbox/amazon/?keywords={searchTerms}
IE - HKU\S-1-5-21-951911369-2377803447-926339454-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - prefs.js..CT2481020.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search the web"
FF - prefs.js..browser.search.defaultthis.engineName: "NCH DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2801937&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web"
FF - prefs.js..browser.search.selectedEngine: "Search the web"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.bild.de"
FF - prefs.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-951911369-2377803447-926339454-1001\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKU\S-1-5-21-951911369-2377803447-926339454-1001..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-951911369-2377803447-926339454-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
[2012.08.09 20:42:32 | 004,503,728 | ---- | C] () -- C:\ProgramData\ldsw_0paos.pad
[2012.08.20 11:41:43 | 000,002,413 | ---- | M] () -- C:\Users\Bernie\AppData\Roaming\mozilla\firefox\profiles\0kodygem.default\searchplugins\askcom.xml
[2012.10.01 21:02:17 | 000,000,915 | ---- | M] () -- C:\Users\Bernie\AppData\Roaming\mozilla\firefox\profiles\0kodygem.default\searchplugins\conduit.xml
[2012.09.27 18:57:35 | 000,002,399 | ---- | M] () -- C:\Users\Bernie\AppData\Roaming\mozilla\firefox\profiles\0kodygem.default\searchplugins\Web Search.xml
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
[2012.02.12 18:15:29 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011.12.02 17:55:49 | 000,000,158 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src
:Files
C:\ProgramData\*.exe
C:\ProgramData\TEMP
C:\Users\Bernie\*.tmp
C:\Users\Bernie\AppData\Local\{*}
C:\Users\Bernie\AppData\Local\Temp\*.exe
C:\Users\Bernie\AppData\LocalLow\Sun\Java\Deployment\cache
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
ipconfig /flushdns /c
:Commands
[emptytemp]
Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen! 2. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.danach: 3. Schritt Downloade Dir bitte AdwCleaner auf deinen Desktop.
4. Schritt
|
|
03.10.2012, 18:37
| #5 |
| | soap0_wsdl.exe nicht gefunden Ergebnis des 3. Schrittes Malwarebytes Anti-Malware (Test) 1.65.0.1400 Malwarebytes : Free Anti-Malware download Datenbank Version: v2012.10.03.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Bernie :: BERNIE_PB [Administrator] Schutz: Aktiviert 03.10.2012 17:24:32 mbam-log-2012-10-03 (17-24-32).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 848791 Laufzeit: 2 Stunde(n), 9 Minute(n), 19 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Pardon die Zeilen darüber waren der zweite Schritt hier nun der 3. Schritt # AdwCleaner v2.003 - Datei am 10/03/2012 um 19:48:17 erstellt # Aktualisiert am 23/09/2012 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzer : Bernie - BERNIE_PB # Bootmodus : Normal # Ausgeführt unter : C:\Users\Bernie\Desktop\adwcleaner.exe # Option [Suche] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml Datei Gefunden : C:\user.js Datei Gefunden : C:\Users\Bernie\AppData\Roaming\Mozilla\Firefox\Profiles\0kodygem.default\searchplugins\Askcom.xml Datei Gefunden : C:\Users\Bernie\AppData\Roaming\Mozilla\Firefox\Profiles\0kodygem.default\searchplugins\Conduit.xml Datei Gefunden : C:\Users\Bernie\AppData\Roaming\Mozilla\Firefox\Profiles\0kodygem.default\searchplugins\Web Search.xml Ordner Gefunden : C:\Program Files (x86)\Ashampoo_DE Ordner Gefunden : C:\Program Files (x86)\Ask.com Ordner Gefunden : C:\Program Files (x86)\BabylonToolbar Ordner Gefunden : C:\Program Files (x86)\Conduit Ordner Gefunden : C:\ProgramData\Babylon Ordner Gefunden : C:\ProgramData\Partner Ordner Gefunden : C:\Users\Bernie\AppData\Local\APN Ordner Gefunden : C:\Users\Bernie\AppData\Local\AskToolbar Ordner Gefunden : C:\Users\Bernie\AppData\Local\Babylon Ordner Gefunden : C:\Users\Bernie\AppData\Local\Conduit Ordner Gefunden : C:\Users\Bernie\AppData\Local\OpenCandy Ordner Gefunden : C:\Users\Bernie\AppData\Local\Smartbar Ordner Gefunden : C:\Users\Bernie\AppData\Local\Temp\Smartbar Ordner Gefunden : C:\Users\Bernie\AppData\LocalLow\Ashampoo_DE Ordner Gefunden : C:\Users\Bernie\AppData\LocalLow\AskToolbar Ordner Gefunden : C:\Users\Bernie\AppData\LocalLow\Conduit Ordner Gefunden : C:\Users\Bernie\AppData\Roaming\Babylon Ordner Gefunden : C:\Users\Bernie\AppData\Roaming\Mozilla\Firefox\Profiles\0kodygem.default\Smartbar Ordner Gefunden : C:\Users\Bernie\AppData\Roaming\OpenCandy Ordner Gefunden : C:\Users\Bernie\AppData\Roaming\toolplugin Ordner Gefunden : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} ***** [Registrierungsdatenbank] ***** Schlüssel Gefunden : HKCU\Software\APN Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Ashampoo_DE Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar Schlüssel Gefunden : HKCU\Software\Ask.com Schlüssel Gefunden : HKCU\Software\Ask.com.tmp Schlüssel Gefunden : HKCU\Software\AskToolbar Schlüssel Gefunden : HKCU\Software\BabylonToolbar Schlüssel Gefunden : HKCU\Software\Conduit Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5786D022-540E-4699-B350-B4BE0AE94B79} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Schlüssel Gefunden : HKCU\Software\SmartBar Schlüssel Gefunden : HKCU\Software\SmartbarBackup Schlüssel Gefunden : HKCU\Software\Softonic Schlüssel Gefunden : HKCU\Software\SweetIm Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Schlüssel Gefunden : HKLM\Software\APN Schlüssel Gefunden : HKLM\Software\Ashampoo_DE Schlüssel Gefunden : HKLM\Software\AskToolbar Schlüssel Gefunden : HKLM\Software\Babylon Schlüssel Gefunden : HKLM\Software\BabylonToolbar Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Schlüssel Gefunden : HKLM\SOFTWARE\Classes\b Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bbylnApp.appCore Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2431245 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2481020 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2801937 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gefunden : HKLM\Software\Conduit Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F6477D09-A529-4EEC-993D-BAAEB71AE111} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F6477D09-A529-4EEC-993D-BAAEB71AE111} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AAD4DF5-AC6F-4249-9ACD-1A528FD4DB36} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEB2B4A1-80DC-4D2F-B6A9-6FFD9D33403B} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5786D022-540E-4699-B350-B4BE0AE94B79} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ashampoo_DE Toolbar Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gefunden : HKU\S-1-5-21-951911369-2377803447-926339454-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Schlüssel Gefunden : HKU\S-1-5-21-951911369-2377803447-926339454-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Schlüssel Gefunden : HKU\S-1-5-21-951911369-2377803447-926339454-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{5786D022-540E-4699-B350-B4BE0AE94B79}] Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater] Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{5786D022-540E-4699-B350-B4BE0AE94B79}] Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-89AF-189327213627}] Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16421 [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2481020 [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms} [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms} [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms} [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms} -\\ Mozilla Firefox v14.0.1 (de) Profilname : default Datei : C:\Users\Bernie\AppData\Roaming\Mozilla\Firefox\Profiles\0kodygem.default\prefs.js Gefunden : user_pref("CT2481020.1000082.isPlayDisplay", "true"); Gefunden : user_pref("CT2481020.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...] Gefunden : user_pref("CT2481020.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gefunden : user_pref("CT2481020.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Gefunden : user_pref("CT2481020.FirstTime", "true"); Gefunden : user_pref("CT2481020.FirstTimeFF3", "true"); Gefunden : user_pref("CT2481020.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT248[...] Gefunden : user_pref("CT2481020.UserID", "UN04025477591745208"); Gefunden : user_pref("CT2481020.addressBarTakeOverEnabledInHidden", "true"); Gefunden : user_pref("CT2481020.autoDisableScopes", -1); Gefunden : user_pref("CT2481020.browser.search.defaultthis.engineName", true); Gefunden : user_pref("CT2481020.defaultSearch", "true"); Gefunden : user_pref("CT2481020.embeddedsData", "[{\"appId\":\"129058856464656507\",\"apiPermissions\":{\"cross[...] Gefunden : user_pref("CT2481020.enableAlerts", "false"); Gefunden : user_pref("CT2481020.enableSearchFromAddressBar", "true"); Gefunden : user_pref("CT2481020.firstTimeDialogOpened", "true"); Gefunden : user_pref("CT2481020.fixPageNotFoundError", "true"); Gefunden : user_pref("CT2481020.fixPageNotFoundErrorInHidden", "true"); Gefunden : user_pref("CT2481020.fixUrls", true); Gefunden : user_pref("CT2481020.installId", "ConduitNSISIntegration"); Gefunden : user_pref("CT2481020.installType", "ConduitNSISIntegration"); Gefunden : user_pref("CT2481020.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gefunden : user_pref("CT2481020.isNewTabEnabled", true); Gefunden : user_pref("CT2481020.isPerformedSmartBarTransition", "true"); Gefunden : user_pref("CT2481020.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Gefunden : user_pref("CT2481020.keyword", true); Gefunden : user_pref("CT2481020.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FR[...] Gefunden : user_pref("CT2481020.openThankYouPage", "false"); Gefunden : user_pref("CT2481020.openUninstallPage", "false"); Gefunden : user_pref("CT2481020.search.searchAppId", "129058856464656507"); Gefunden : user_pref("CT2481020.search.searchCount", "0"); Gefunden : user_pref("CT2481020.searchInNewTabEnabledInHidden", "true"); Gefunden : user_pref("CT2481020.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gefunden : user_pref("CT2481020.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Gefunden : user_pref("CT2481020.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"3\[...] Gefunden : user_pref("CT2481020.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Gefunden : user_pref("CT2481020.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Gefunden : user_pref("CT2481020.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Gefunden : user_pref("CT2481020.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Gefunden : user_pref("CT2481020.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...] Gefunden : user_pref("CT2481020.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1349117471500"); Gefunden : user_pref("CT2481020.serviceLayer_services_appsMetadata_lastUpdate", "1349117462245"); Gefunden : user_pref("CT2481020.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1349117463512"); Gefunden : user_pref("CT2481020.serviceLayer_services_login_10.10.27.6_lastUpdate", "1349117466448"); Gefunden : user_pref("CT2481020.serviceLayer_services_optimizer_lastUpdate", "1349117462415"); Gefunden : user_pref("CT2481020.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1349117463329"); Gefunden : user_pref("CT2481020.serviceLayer_services_searchAPI_lastUpdate", "1349117461072"); Gefunden : user_pref("CT2481020.serviceLayer_services_serviceMap_lastUpdate", "1349117459144"); Gefunden : user_pref("CT2481020.serviceLayer_services_toolbarContextMenu_lastUpdate", "1349117463432"); Gefunden : user_pref("CT2481020.serviceLayer_services_toolbarSettings_lastUpdate", "1349117461289"); Gefunden : user_pref("CT2481020.serviceLayer_services_translation_lastUpdate", "1349117462367"); Gefunden : user_pref("CT2481020.settingsINI", true); Gefunden : user_pref("CT2481020.shouldFirstTimeDialog", "false"); Gefunden : user_pref("CT2481020.smartbar.CTID", "CT2481020"); Gefunden : user_pref("CT2481020.smartbar.Uninstall", "0"); Gefunden : user_pref("CT2481020.smartbar.homepage", true); Gefunden : user_pref("CT2481020.smartbar.toolbarName", "Ashampoo DE "); Gefunden : user_pref("CT2481020.toolbarBornServerTime", "1-10-2012"); Gefunden : user_pref("CT2481020.toolbarCurrentServerTime", "1-10-2012"); Gefunden : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481020&SearchSource=1[...] Gefunden : user_pref("Smartbar.ConduitSearchEngineList", "Ashampoo DE Customized Web Search"); Gefunden : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481020[...] Gefunden : user_pref("Smartbar.keywordURLSelectedCTID", "CT2481020"); Gefunden : user_pref("browser.search.defaultengine", "Ask.com"); Gefunden : user_pref("browser.search.defaultenginename", "Search the web"); Gefunden : user_pref("browser.search.defaultthis.engineName", "NCH DE Customized Web Search"); Gefunden : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801937&Sea[...] Gefunden : user_pref("browser.search.order.1", "Search the web"); Gefunden : user_pref("browser.search.selectedEngine", "Search the web"); Gefunden : user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); Gefunden : user_pref("extensions.BabylonToolbar_i.babExt", ""); Gefunden : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109986"); Gefunden : user_pref("extensions.BabylonToolbar_i.hardId", "aeb7104b00000000000000016c6c2ae8"); Gefunden : user_pref("extensions.BabylonToolbar_i.id", "aeb7104b00000000000000016c6c2ae8"); Gefunden : user_pref("extensions.BabylonToolbar_i.instlDay", "15382"); Gefunden : user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); Gefunden : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); Gefunden : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); Gefunden : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Gefunden : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Gefunden : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9"); Gefunden : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); Gefunden : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1717:15:33"); Gefunden : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); Gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\"); Gefunden : user_pref("extensions.asktb.apn_dbr", "ff_14.0.1"); Gefunden : user_pref("extensions.asktb.cbid", "^ABT"); Gefunden : user_pref("extensions.asktb.config-updated", false); Gefunden : user_pref("extensions.asktb.cr-o", "APN10395"); Gefunden : user_pref("extensions.asktb.crumb", "2012.08.08+10.50.21-toolbar016iad-DE-Um90dHdlaWwsR2VybWFueQ%3D%[...] Gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://avira-int.ask.com/web?q={query}&qsrc=[...] Gefunden : user_pref("extensions.asktb.domain", "avira-int.ask.com"); Gefunden : user_pref("extensions.asktb.domainName", "avira-int.ask.com"); Gefunden : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^DE"); Gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.conduit.com/ResultsExt.aspx?cti[...] Gefunden : user_pref("extensions.asktb.fresh-install", false); Gefunden : user_pref("extensions.asktb.guid", "3ca97582-4982-4f0c-bb22-a336c9ee6c8b"); Gefunden : user_pref("extensions.asktb.hpr", "YES"); Gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...] Gefunden : user_pref("extensions.asktb.if", "first"); Gefunden : user_pref("extensions.asktb.l", "dis"); Gefunden : user_pref("extensions.asktb.last-config-req", "1348301212675"); Gefunden : user_pref("extensions.asktb.locale", "de_DE"); Gefunden : user_pref("extensions.asktb.localePref", true); Gefunden : user_pref("extensions.asktb.location", "Rottweil,Germany"); Gefunden : user_pref("extensions.asktb.notification-shown", true); Gefunden : user_pref("extensions.asktb.nthp", "YES"); Gefunden : user_pref("extensions.asktb.nthp_prev", "1"); Gefunden : user_pref("extensions.asktb.o", "APN10395"); Gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true); Gefunden : user_pref("extensions.asktb.qsrc", "2871"); Gefunden : user_pref("extensions.asktb.r", "2"); Gefunden : user_pref("extensions.asktb.sa", "YES"); Gefunden : user_pref("extensions.asktb.sa-enabled", "false"); Gefunden : user_pref("extensions.asktb.saguid", "C15BF6CB-89E7-4953-B59F-CA66B5356EB9"); Gefunden : user_pref("extensions.asktb.save-searches", false); Gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true); Gefunden : user_pref("extensions.asktb.show-labels", false); Gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false); Gefunden : user_pref("extensions.asktb.socialmini-native-on", true); Gefunden : user_pref("extensions.asktb.themeid", ""); Gefunden : user_pref("extensions.asktb.timeinstalled", "08.08.2012 19:55:11"); Gefunden : user_pref("extensions.asktb.to", ""); Gefunden : user_pref("extensions.asktb.v", "3.15.4.100015"); Gefunden : user_pref("extensions.asktb.version", "5.15.4.23930"); -\\ Google Chrome v19.0.1084.52 Datei : C:\Users\Bernie\AppData\Local\Google\Chrome\User Data\Default\Preferences Gefunden [l.1] : icon_url ={"browser":{"window_placement":{"bottom":860,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":870,"work_area_left":0,"work_area_ri ght":1440,"work_area_top":0}},"countryid_at_install":17477,"default_apps_install_state":1,"default_search_provider":{"enabled":true,"encodings":"","", "id":"6","instant_url":"","keyword":"search.sweetim.com","name":"SweetIM Search","prepopulate_id":"0","search_url":"hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}","suggest_url":""},"distribution":{"create_all_shortcuts":true,"do_not_launch_chrome":true,"impor t_history":false,"import_search_engine":false,"make_chrome_default":true,"show_welcome_page":true,"skip_first_run_ui":true,"system_level":true,"verbos e_logging":false},"dns_prefetching":{"host_referral_list":[2,["hxxp://a.ligatus.com/",["hxxp://ads-de.ret01.ligatus.com/",1.752984684675707,"hxxp://d.ligatus.com/",2.007688150137572,"hxxp://i.ligatus.com/",3.0265208893958504,"hxxp://x.ligatus.com/",2.007688150137572]],["hxxp://ad-emea.doubleclick.net/",["hxxp://s0.2mdn.net/",1.129256153838169]],["hxxp://ad.yieldmanager.com/",["hxxp://track.adform.net/",0.8745508006352223]],["hxxp://ads.contentabc.com/",["hxxp://cdn1.ads.brazzers.com/",1.804350119511485,"hxxp://cdn1.ads.contentabc.com/",2.0665290396572784]],["hxxp://ads.trafficjunky.net/",["hxxp://ads.contentabc.com/",2.590868002538046,"hxxp://ads2.contentabc.com/",2.590868002538046]],["hxxp://cdn.flashtalking.com/",["hxxp://cdn.flashtalking.com/",1.752984684675707,"hxxp://stat.flashtalking.com/",3.7906407244868543]],["hxxp://cdn1.ads.contentabc.com/",["hxxp://cdn1.ads.contentabc.com/",2.328698521097662]],["hxxp://feed.snap.do/",["hxxp://search.snap.do/",3.4144081114998395]],["hxxp://glamour.mobi.xpor.mobi/",["hxxp://glamour.mobi.xpor.mobi/",7.047777503140802,"hxxp://www.google-analytics.com/",2.590868002538046]],["hxxp://home.sweetim.com/",["hxxp://ad.xtendmedia.com/",0.4902510782961645,"hxxp://ad.yieldmanager.com/",0.299886548254748,"hxxp://cdn.search.sweetim.com/",2.229601553008571,"hxxp://content.yieldmanager.edgesuite.net/",0.2332879867593849,"hxxp://cookex.amp.yahoo.com/",0.0956282438512835,"hxxp://pagead2.googlesyndication.com/",1.687668843245427,"hxxp://partner.googleadservices.com/",1.687668843245427,"hxxp://www.google-analytics.com/",1.460941700615838,"hxxp://www.googletagservices.com/",1.687668843245427]],["hxxp://img-cdn.mediaplex.com/",["hxxp://altfarm.mediaplex.com/",2.007688150137572,"hxxp://edpn.ebay.com/",2.5171045197667112,"hxxp://img-cdn.mediaplex.com/",1.752984684675707,"hxxp://mp.apmebf.com/",1.752984684675707]],["hxxp://lesershop24.bild.de/",["hxxp://code.etracker.com/",1.752984684675707,"hxxp://lesershop24.bild.de/",10.158312309382161,"hxxp://www.etracker.de/",2.007688150137572,"hxxps://ad.zanox.com/",2.5171045197667112]],["hxxp://midsommar.ikea.de/",["hxxp://ikea.122.2o7.net/",1.860576487632898,"hxxp://midsommar.ikea.de/",2.349709079338096]],["hxxp://platform.twitter.com/",["hxxp://cdn.api.twitter.com/",0.8903681831596245,"hxxp://p.twitter.com/",0.8903681831596245,"hxxp://r.twimg.com/",0.8420382359833809]],["hxxp://pornhubhd.com/",["hxxp://counter.yadro.ru/",2.0665290396572784,"hxxp://pornhubhd.com/",47.42213249000598,"hxxp://s7.addthis.com/",3.115206965418814,"hxxp://www.google-analytics.com/",1.804350119511485]],["hxxp://s7.addthis.com/",["hxxp://cf.addthis.com/",1.804350119511485,"hxxp://m.addthisedge.com/",2.0665290396572784]],["hxxp://search.snap.do/",["hxxp://ajax.googleapis.com/",1.140620208091026,"hxxp://cdn1.predictad.com/",1.9230465295469579,"hxxp://chrome.dealply.com/",0.47997980809102614,"hxxp://geo.widdit.com/",0.4190868473630602,"hxxp://linkurystoragenorthus.blob.core.windows.net/",3.487899172458821,"hxxp://optstatic.dealply.com/",0.4190868473630602,"hxxp://search.snap.do/",1.140620208091026,"hxxp://static.app.widdit.com/",1.140620208091026,"hxxp://www.google-analytics.com/",1.9230465295469579]],["hxxp://search.sweetim.com/",["hxxp://cdn.search.sweetim.com/",3.957620861877473,"hxxp://www.google-analytics.com/",2.3180611001017186]],["hxxp://sportdaten.bild.de/",["hxxp://ajax.googleapis.com/",0.7635997624229681,"hxxp://sportdaten.bild.de/",0.8745508006352223,"hxxp://www.bild.de/",1.540255142167665]],["hxxp://t.freizeit.bild.de/",["hxxp://t.freizeit.bild.de/",3.0265208893958504,"hxxp://www.bild.de/",1.752984684675707]],["hxxp://tools.google.com/",["hxxp://fonts.googleapis.com/",1.675407964919136,"hxxp://themes.googleusercontent.com/",1.950536788886077,"hxxp://tools.google.com/",2.665235562455557,"hxxp://www.google-analytics.com/",1.950536788886077,"hxxp://www.google.com/",2.3200904217646543]],["hxxp://track.adform.net/",["hxxp://track.adform.net/",2.5171045197667112]],["hxxp://wetter.bild.de/",["hxxp://wetter.bild.de/",2.304374977258669]],["hxxp://ww251.smartadserver.com/",["hxxp://ced.sascdn.com/",1.752984684675707,"hxxp://ww251.smartadserver.com/",1.752984684675707]],["hxxp://www.bild.de/",["hxxp://images.intellitxt.com/",2.7718174239339852,"hxxp://itx4.smartadserver.com/",2.007688150137572,"hxxp://level3.cedexis.com/",2.262401054304846,"hxxp://phoenixnap.cedexis.com/",2.007688150137572,"hxxp://platform.twitter.com/",2.7718174239339852,"hxxp://report.init.cedexis-radar.net/",5.318880394668862,"hxxp://wpc.0003.edgecastcdn.net/",2.262401054304846,"hxxp://www.facebook.com/",2.5171045197667112,"hxxps://plusone.google.com/",2.5171045197667112,"hxxps://s-static.ak.facebook.com/",2.5171045197667112]],["hxxp://www.facebook.com/",["hxxp://static.ak.fbcdn.net/",0.5673105569963223]],["hxxp://www.ikea.com/",["hxxp://metrics.ikea.com/",2.262401054304846,"hxxp://midsommar.ikea.de/",2.5171045197667112,"hxxp://survey.122.2o7.net/",2.007688150137572,"hxxp://www.ikea.com/",9.64890537845843]],["hxxp://www.irfanview.net/",["hxxp://www.irfanview.net/",1.6074870407959718]],["hxxp://www.kalterersee.com/",["hxxp://css.kalterersee.com/",2.084689108864194,"hxxp://images2.kalterersee.com/",7.536938410962226,"hxxp://js.kalterersee.com/",2.084689108864194,"hxxp://player.peer.tv/",2.9933910334102602,"hxxp://stats.peer.biz/",2.387586604144413,"hxxp://www.kalterersee.com/",9.65730582627244]],["hxxp://www.keezmovies.com/",["hxxp://cdn1.image.keezmovies.phncdn.com/",8.096464867607745,"hxxp://cdn1.image.spankwire.phncdn.com/",1.804350119511485,"hxxp://cdn1.image.tube8.phncdn.com/",1.804350119511485,"hxxp://cdn1.image.youporn.phncdn.com/",2.0665290396572784,"hxxp://cdn1.images.videobash.com/",3.377376446859198,"hxxp://cdn1.static.keezmovies.phncdn.com/",4.9504027742069105,"hxxp://cdn1.static.pornhub.phncdn.com/",1.804350119511485,"hxxp://cdn2.image.keezmovies.phncdn.com/",7.834285947461953,"hxxp://cdn3.image.pornhub.phncdn.com/",2.328698521097662,"hxxp://www.google-analytics.com/",1.804350119511485]],["hxxp://www.planet49.com/",["hxxp://www.planet49.com/",10.22268428027154]],["hxxp://www.skype.com/",["hxxp://connect.facebook.net/",1.654586180786882,"hxxp://metrics.skype.com/",1.8949994462595212,"hxxp://static.ak.facebook.com/",2.375825977204799,"hxxp://survey.122.2o7.net/",2.13541271173216,"hxxp://www.facebook.com/",5.7415645002947,"hxxp://www.google-analytics.com/",1.8949994462595212,"hxxp://www.skype.com/",1.8949994462595212,"hxxp://www.skypeassets.com/",11.030637463281941,"hxxps://s-static.ak.facebook.com/",1.8949994462595212]],["hxxps://accounts.google.com/",["hxxps://accounts.google.com/",2.351408046311716,"hxxps://www.google.com/",1.124027111041583]],["hxxps://plusone.google.com/",["hxxps://apis.google.com/",0.5180131425156562,"hxxps://plusone.google.com/",0.9542908716715359,"hxxps://ssl.gstatic.com/",0.4070621043034021,"hxxps://www.google.com/",0.14489073512193631]]],"startup_list":[1,"hxxp://ajax.googleapis.com/","hxxp://cdn1.predictad.com/","hxxp://cloud-search.linkury.com/","hxxp://feed.snap.do/","hxxp://linkurystoragenorthus.blob.core.windows.net/","hxxp://search.snap.do/","hxxp://sp.ask.com/","hxxp://static.app.widdit.com/","hxxp://websearch.ask.com/","hxxp://www.google-analytics.com/"]},"download":{"directory_upgrade":true},"extensions":{"alerts":{"initialized":true},"autoupdate":{"last_check":"12991729093873000","next_check":"12993 417525173749"},"blacklistupdate":{"lastpingday":"12991647703628000","version":"0.0.0.122"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"],"newtab":["chrome-extension://aaaangaohdajkgeopjhpbnlpkehbhmbj/config/skin/new-tab.html","chrome-extension://amfclgbdpgndipgoegfpkkgobahigbcl/redirect.html"]},"settings":{"aaaangaohdajkgeopjhpbnlpkehbhmbj":{"active_permissions":{"api":["bookmarks","contextMenus","cookies","geolocation","history","idle","management","notifications","plugin","tabs","unlimitedStorage"],"explicit_host":["chrome://favicon/*","hxxp://*/*","hxxps://*/*"],"scriptable_host":["*://*.ask.com/","*://*.bagsbuy.com/*","*://*.childrenschorus.org/*","*://*.csaa.com/*","*://*.facebook.com/*","*://*.google.com/*","*://*.google.com/imgres*","*://*.mercurynews.com/*","*://*.usnews.com/*","*://*.wikipedia.org/*","*://*/*","*://codesearch.google.com/*","*://images.google.com/*"]},"events":["experimental.extension.onInstalled"],"from_bookmark":false,"from_webstore":false,"install_time":"12991729103869000","location":3,"manifest":{"background_page":"background/background.html","browser_action":{"default_icon":"config/skin/images/ask_logo_19x.png","default_popup":"config/skin/options.html","default_title":"Avira Toolbar"},"chrome_url_overrides":{"newtab":"config/skin/new-tab.html"},"content_scripts":[{"js":["lib/jquery.js","lib/constant.js","lib/default-config.js","config/tb-config.js","lib/tb-message.js","content_script/toolbar.js","content_script/widget.js","content_script/injector.js"],"matches":["*://*/*"],"run_at":"document_start"},{"css":["content_script/hack/facebook.css"],"matches":["*://*.facebook.com/*"]},{"css":["content_script/hack/relative.css"],"matches":["*://*.google.com/*","*://*.ask.com/","*://*.bagsbuy.com/*","*://*.csaa.com/*","*://*.childrenschorus.org/*","*://*.wikipedia.org/*","*://*.mercurynews.com/*","*://*.usnews.com/*"],"run_at":"document_start"},{"css":["content_script/hack/static.css"],"matches":["*://*.google.com/imgres*","*://images.google.com/*","*://codesearch.google.com/*"],"run_at":"document_start"}],"description":"Convenient tools and links to make your browsing more enjoyable","icons":{"128":"config/skin/images/ask_logo_128x.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCx+zTj9AqzrVtkCAW6gmhvRMY++4+9SXS64frvxCR/GaqZwzTaKIQVQnde4gq5S5eu2ZpT00OZ3MIdGr2Gq3DgWF0XY+ZeVbrnMSdoE5HXo8hvbFb+GbwOHt+yJWqhcteNbosCgSQriLBk7oy6WOph0FusdubqkPiLEnDhL526EQIDAQAB","name":"Avir a Toolbar","permissions":["bookmarks","contextMenus","cookies","geolocation","history","idle","management","notifications","tabs","unlimitedStorage","hxxp://*/*","hxxps://*/*","chrome://favicon/*","chrome-internal://newtab/"],"plugins":[{"path":"background/registryAccess.dll","public":false}],"update_url":"hxxp://apnmedia.ask.com/media/toolbar/supertoolbar/chrome/manifest.php","version":"7.15.4.24169"},"path":"aaaangaohdajkgeopjhpbnlpkehbhmbj\\7.15.4.24169_0","state":1,"update_url_data":""},"aandpgohbohmlknpjbb lpmoladhoochg":{"blacklist":true},"abciiempgohamehppammbkhkicmkgkob":{"blacklist":true},"abfclfmhaemoockhhinpplncjehfpdbd":{"blacklist":true},"acmpfca mncegnhjdeiodgilikjafcamg":{"blacklist":true},"aebfkgcamgnimcbnbiopgdakknjgggnm":{"blacklist":true},"aemcjbfajnnmhblifaejadoecfoaebld":{"blacklist":tr ue},"afenhmponmfmdmbmccbmglppcmjhmhmh":{"blacklist":true},"aglmapjbjphdidmnileogpjkgpdoliep":{"blacklist":true},"agmhonoepgcnakccfpidhjehlocaeaaj":{"b lacklist":true},"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["appNotifications","management","webstorePrivate"]},"app_launcher_ordinal":"n","page_ordinal":"n"},"ahjfgnikolodijnpakeknpilnemojlhc":{"blacklist":true},"aieglpnmmhleoenpbmfaffppfomgjmba":{"blacklist" :true},"aifmjmboebdkdelpjenakhaodgneempp":{"blacklist":true},"alcbnnpmipohgdllkkglhkbncijplago":{"blacklist":true},"aldalonecchncedclgcndcndgilaclnk": {"blacklist":true},"aljdncnajablgppdcfbehhmidlmbndda":{"blacklist":true},"amfgdngndpfldigimkcindjalokfnmem":{"blacklist":true},"apdmgffkfhjfeejmbjiden nfjdkmmmbl":{"blacklist":true},"aphncaagnlabkeipnbbicmcahnamibgb":{"blacklist":true},"bcddmcejgphfgofbpoocakaeapfomlek":{"blacklist":true},"benclngoad bppljglhphhnfknoppmjoa":{"blacklist":true},"bhdkpmneahdelgdgfhddianklldfoell":{"blacklist":true},"bilgncckogfgfipdlejkffnbkgjkmflh":{"blacklist":true} ,"bjihddggcgnblgojnmhpnngonofbnkaj":{"blacklist":true},"bkhafliomebnpccanacmlfaemgfiofko":{"blacklist":true},"bkkchglolnigbfncnbnnbhhempjkdpkf":{"blac klist":true},"bkplhcigeaiiliajeehehiikokgocbhb":{"blacklist":true},"bldgnkigdcpgnbfehgbameigoohecdfl":{"blacklist":true},"blpcfgokakmgnkcojhhkbfbldkac nbeo":{"ack_external":true,"active_permissions":{"api":["appNotifications"]},"app_launcher_ordinal":"t","events":["experimental.extension.onInstalled"],"from_bookmark":true,"from_webstore":true,"install_time":"12985631039725627","lastpingday":"12991647701638000","location":2,"manifest":{"app":{"launc h":{"container":"tab","web_url":"hxxp://www.youtube.com/"},"web_content":{"enabled":true,"origin":"hxxp://www.youtube.com"}},"current_locale":"de","default_locale":"en","description":"Die beliebteste Online-Video-Community der Welt","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB","name":"YouTube","per missions":["appNotifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"4.2.5"},"page_ordinal":"n","path":"blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.5_0","state":1},"bndahdijlcnncjbpammoedeapmlobllc":{"blacklis t":true},"boaoagnmpennjoigkkmnjhecapibhfko":{"blacklist":true},"boclfockfmgcppbajihcgajhpggaakgl":{"blacklist":true},"bokkificjhapflinbdejegngffgkcgfe ":{"blacklist":true},"caphkimknlmnhpjoneddiaakmcaajagb":{"blacklist":true},"cbbbpmlnlpnjojeplppgeilanlihoojg":{"blacklist":true},"cbbjhegipokkofhhicbc kicchjpcpeni":{"blacklist":true},"cdogaeccgljmkecjmoedambgiekkllij":{"blacklist":true},"cekdjgnecpoooikhmceokdhojckkkhmh":{"blacklist":true},"cepfogmg fkddnllaopgknbdfkceejmhk":{"blacklist":true},"cfbdodejdeejbkffcmiaknpmojjeibpn":{"blacklist":true},"cgnkbnaiipmfbakpmhllalggoepniemh":{"blacklist":tru e},"cihlkpohodpdkdnfalhdkhhlhmhffmbe":{"blacklist":true},"cjhklhdjonhcohlacgggcbklpnldleck":{"blacklist":true},"cjohbbapkbkkhpohinffggbphnhoblea":{"bl acklist":true},"ckckpgefkpjfopjppjfcikppehdhceah":{"blacklist":true},"clapnamcglekekmamicmbahkghdcjaeh":{"blacklist":true},"cmjphjljejnfgdbkdgdlclaabi mpknna":{"blacklist":true},"cmlokmkdolieoaoddlfhaidnlmiadhik":{"blacklist":true},"coajchbkdbfhmhbgcjepiofllfjjcpfp":{"blacklist":true},"coobgpohoikkii piblmjeljniedjpjpf":{"ack_external":true,"app_launcher_ordinal":"x","events":["experimental.extension.onInstalled"],"from_bookmark":true,"from_webstore":true,"install_time":"12985631042271627","lastpingday":"12991647701638000","location":2,"manifest":{"app":{"launc h":{"web_url":"hxxp://www.google.com/webhp?source=search_app"},"urls":["*://www.google.com/search","*://www.google.com/webhp","*://www.google.com/imgres"]},"current_locale":"de","default_locale":"en","description":"Die schnellste Suche im Web.","icons":{"128":"128.png","16":"16.png","32":"32.png","48":"48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIiso3Loy5VJHL40shGhUl6it5ZG55X B9q/2EX6aa88jAxwPutbCgy5d9bm1YmBzLfSgpX4xcpgTU08ydWbd7b50fbkLsqWl1mRhxoqnN01kuNfv9Hbz9dWWYd+O4ZfD3L2XZs0wQqo0y6k64n+qeLkUMd1MIhf6MR8Xz1SOA8pwIDAQAB","name ":"Google-Suche","update_url":"hxxp://clients2.google.com/service/update2/crx","version":"0.0.0.19"},"page_ordinal":"n","path":"coobgpohoikkiipiblmjeljniedjpjpf\\0.0.0.19_0","state":1},"cpiiakoibaohkfoaijaigdnocfolnmll":{"bl acklist":true},"dadcalgappognjbjpalfophhcfakoeac":{"blacklist":true},"danapgfidmepmcfbjjacceiaiiioieio":{"blacklist":true},"dbiblcmlcgdjjbdpbmbcpineeg ngkiip":{"blacklist":true},"dbmdicehacbaohlockjgdglcobimmjkh":{"blacklist":true},"dejippphmhbpgckbhdidnjmdcpfccbaj":{"blacklist":true},"dfafokiagoioci dlpglcanjkcdbdnioi":{"blacklist":true},"dfoegfajplmijblljfancdapbdaopebb":{"blacklist":true},"dgaehaeahdegbdlenicbmkbakhdgoeml":{"blacklist":true},"dg cfmgdfbfbgcpbendbhbkfjppboebed":{"blacklist":true},"dgkemngdheppgohkjjelnkjmdeimmfml":{"blacklist":true},"diinokaoicgobepmadnmedlhdfnpehcj":{"blacklis t":true},"dinhjcapnfbffhiihdlnbdfjdjjfhcbk":{"blacklist":true},"djnahdkbfgnhgpakidinfonfcjbagkgp":{"blacklist":true},"dlobhinihbmedmheccecfnkcadpehmbf ":{"blacklist":true},"dmhjdbigobajgnfoabodjgmcdgoeoljm":{"blacklist":true},"dmkdhgkknhnfpdjeicefnpmhcpbimden":{"blacklist":true},"dnemhlkdpajbbniphgkg ceplmnkfnhfo":{"blacklist":true},"doneghboglgnflpdicnkaojmmljgejkj":{"blacklist":true},"dpgenihgggagjjggfocjceeobjkadcbc":{"blacklist":true},"dpmloehi cimdjkibmobhmpgdndgbcced":{"blacklist":true},"ebdcdchjcndpjhehacedepnggfdbfkpn":{"blacklist":true},"echngajnlpjeacbanjejlhcajjfoedcc":{"blacklist":tru e},"edmnikahahfkfilbbjbdoiabnghbkmjc":{"blacklist":true},"efbeabpbbkahnnjalakldjfhljboclkf":{"blacklist":true},"efhjelcghjkfigiagdfbfilndaffpmdj":{"bl acklist":true},"efnaljpgehfilpmkhobibbjceeeondmn":{"blacklist":true},"egljdhfnbjahogjahnigfnbpidlmdagi":{"blacklist":true},"ehgoiaffgjoinpkllmmnikghgp ghnabc":{"blacklist":true},"ehomcoocpagnlcakcbecdaknmacmedld":{"blacklist":true},"eihjeehdobnpkonebmpanonopghepfle":{"blacklist":true},"ejijgghlncnaph klndknkbkclebfboca":{"blacklist":true},"ejlekamipdcfcfpgfepjmklllbpeecaj":{"blacklist":true},"elcaigjcaijbfpjngaekbblphmfjdhfo":{"blacklist":true},"eo fejpelggimkodeojpeojnbijgiglgh":{"blacklist":true},"eopmhecjnginkckggjmhombbopmkjpam":{"blacklist":true},"epbmnbdplhcomkedpjfceakddnbgfjmf":{"blacklis t":true},"fafoohpbicgbcejffcplajonhhooddle":{"blacklist":true},"fbhiehmngojjcmljddjmgpmcockbccmo":{"blacklist":true},"fcfepemfihgibdacjlnlecebknaaepmj ":{"blacklist":true},"ffgfbfakpcnngelphjnppokmoicdollk":{"blacklist":true},"fhlkffpjoajppmhcakbkjndbjfljccpi":{"blacklist":true},"fiapkdjniadkodmdibdn choifkpfoiid":{"blacklist":true},"fibgploapkhokkbncddlkcmbmiengcfp":{"blacklist":true},"fihepkmlkmciffbhijldnpmifhbkiinp":{"blacklist":true},"fjjeecfj mgfnleghoellhldedkaocjfc":{"blacklist":true},"fleljamdchegbjeiipbnmiebnhgheeld":{"blacklist":true},"flmmgcfcpbfddenepkfmgfpbaceolcoe":{"blacklist":tru e},"fmcccidacjgnfiafddkngmeolkoiihil":{"blacklist":true},"fmonlemffgbabjifjfaoamdflijecdbk":{"blacklist":true},"fngolbdmkneakeaoiieafkilnogbocda":{"bl acklist":true},"fnhcgnmfccojojojacgeiaaeacefdohb":{"blacklist":true},"fnkaadkanmfgpfbmdcllhjdgmdbgljpi":{"blacklist":true},"fnnmbghphdnmmjdapccfobgjem jadeli":{"blacklist":true},"fnoadkjdjfgafomgmablhmffooijcfbn":{"blacklist":true},"fommcgokigkhmnhlhlkckfjhefnmfohd":{"blacklist":true},"fpbippbofbmgmb ojjmgfcifpmdaelcmd":{"blacklist":true},"fpmajanjndhgpifbcbnklbiehgnpkgmf":{"blacklist":true},"fpoajjnnpmledpmohlgpgbmlhbgkgahg":{"blacklist":true},"ga icmfjflflabagobdiodejfpjikheeo":{"blacklist":true},"gandihaiobadcggbfkhpbkocmiemjlnf":{"blacklist":true},"gbenikfjhilhpgagllmfgggdjaflbmbi":{"blacklis t":true},"gdggdkkjecogagaffaemnbfmllcoihjp":{"blacklist":true},"gekkhpjigmckhgmgngadbeknekgpgolb":{"blacklist":true},"ghgphbmpcfgkfneodjpbdanmdoemklio ":{"blacklist":true},"ghmaokcegalalefnhlfcnjhnpdbanjkj":{"blacklist":true},"gifglngcdbggmlgkcombebegdaoknkho":{"blacklist":true},"gjkbghdignnlcknknflb igpammebiolo":{"blacklist":true},"gkjeccpmibljcfpfapfljciimedljpnm":{"blacklist":true},"gkjmgdpdndoaiholejnmdbbpdaafahmm":{"blacklist":true},"gmghjgfd ialcnhadahmjefeflgnhcjeb":{"blacklist":true},"gnapdhmknipknfmhhnhdmhakdfhgeing":{"blacklist":true},"gncfgndgeoddelbfhlndhljnecoednaa":{"blacklist":tru e},"gngmkbiihflpghldjnbpemaicedhdddk":{"blacklist":true},"gobjcjhhebpjbmjdgmejhebbleadnceo":{"blacklist":true},"gplgjmecjpbfcdikpbicknafcnfcidek":{"bl acklist":true},"hbaajkahagmlkdekmbdabikbopdgpaac":{"blacklist":true},"hbdhabpmbbanaopgkbaondabkkepjfaf":{"blacklist":true},"hbmlheccjkodhfejcmblndjodl lmnlnl":{"blacklist":true},"hcapokajkngndbglnfglpfdpoeidmpha":{"blacklist":true},"hcpndbchnlgojmnijaldkicigmihmdca":{"blacklist":true},"hdijkiondgomjp ehfhopomicjbiodmcm":{"blacklist":true},"hdnbmmfjbblajkjkcaeofolgfnljpnim":{"blacklist":true},"hecijapnccjhonbmacmkmffooodfokoo":{"blacklist":true},"he fmoncdemhjembgbnkgglhlookbipdc":{"blacklist":true},"hfjpjodbolkmheaehcnmfhjakjileoof":{"blacklist":true},"hfpfbhnmbbigpmoodjemilggabklpopj":{"blacklis t":true},"hgbaomphocgmdpmiohjclchaaljpaelp":{"blacklist":true},"hgboiaecclcbjphldpbgfgggcbihmnai":{"blacklist":true},"hgjgaeknhmidehalnmokomhpfhbfmpcm ":{"blacklist":true},"hhfffemhgkginfafaoapljdllodppana":{"blacklist":true},"hhfiljkpjapjjphcocclhhaldpfkkjbi":{"blacklist":true},"hhjmkijkgojfifipdgmi emghfikbohcm":{"blacklist":true},"hhlgbfcfbkhlmajakkcjippgpcmejkko":{"blacklist":true},"hilncbjbdpnfepdidfchmdclhpnlegpj":{"blacklist":true},"hjkhligc npfjhjlapmejaiaiigibofif":{"blacklist":true},"hkbgccpdcpbdckohbknjlamamelcnlki":{"blacklist":true},"hkjcejgfmaanpncnpoidgbhoikcaeepd":{"blacklist":tru e},"hkjfdgjkgpbbdmadbglcgljjjddkcdha":{"blacklist":true},"hmmoglffhpmacaacfbbmbbkcbdkjphnc":{"blacklist":true},"hnbcdmfeoldeppcbnnjmjkdofohaljbn":{"bl acklist":true},"hncomkjbbkchfjelocejkbbflmjhlhfp":{"blacklist":true},"hnipgljcblpgnnojcfldehpeknhakbgj":{"blacklist":true},"hnkcpoijaeegompjgbjjhkdmlj ldaccg":{"blacklist":true},"hnnebfeppcbhhbhiifeaajgcjnkljlld":{"blacklist":true},"hnonhhpgjnjcjfbkjdpfbkfpaodcmncb":{"blacklist":true},"hpcdoodjfcmpcp keendjnjkeinimhkih":{"blacklist":true},"hpibmhghjndideebpackbdlpncgkcppp":{"blacklist":true},"iablioliielnhdianpbiijaoncbmfend":{"blacklist":true},"ic cblehkchfmjgfafjcpjlkjcponhdhl":{"blacklist":true},"icihfeaofpcfehanhbnjigdlpfahjlee":{"blacklist":true},"iemfpgbdjfoihicbocpbjppipdbfimeh":{"blacklis t":true},"ifbkndkaolfbjjhnnhfmkbkoclpdkpli":{"blacklist":true},"ifeijfpkjckedpclgncedmgdiaoeahmk":{"blacklist":true},"igaajdmlejbjcbmpmnigopikfdaccdcm ":{"blacklist":true},"igbaoknfddliiaoimhehfbkfekpmmfll":{"blacklist":true},"igghanohiioehififjoalfkdoicafjof":{"blacklist":true},"ihnembcpodnfgkafmioj ebccomjekopm":{"blacklist":true},"iiiinekimabooeihccihfopoadcaaphn":{"blacklist":true},"ijecjbcgpblkacpijljpaienknanaloa":{"blacklist":true},"ijenlpgi dnapbndonoinbkhekgjonojg":{"blacklist":true},"ilhjicgcglhjigdehkcehjdokmkahbjl":{"blacklist":true},"imfbomjbodpfgfhfahlgkkcllmhbelhk":{"blacklist":tru e},"imkffpjpdngdkpgadcmnlkhhmhdocijn":{"blacklist":true},"iobnpmeeecphddicmhhmdjbnlbdhjlne":{"blacklist":true},"iomejadoamfilglofmeaffghddcgapmf":{"bl acklist":true},"jaejgaoiipdjjlbnapngknalafalbkej":{"blacklist":true},"janhdpmhnighonkkbkdpnljcoenpfkbh":{"blacklist":true},"jbmbiepnidbnhbbfdbgioomdkg nbcacj":{"blacklist":true},"jbnafcjbcfgejacaanogofkkehcomamp":{"blacklist":true},"jcmipejepoimfflnoapdmkdephgjinck":{"blacklist":true},"jfalnphfjdoalc dhlnhdpekbmmopkgkj":{"blacklist":true},"jfjagidcpadkoaonbogmbgfimmnefeie":{"blacklist":true},"jgdkappiifgomhgikcjbanhnmlekpeje":{"blacklist":true},"jg mpapdckakiohhebmeoemejibommimi":{"blacklist":true},"jhhabiomopkibeecgngiggmopkeofacl":{"blacklist":true},"jindbcpkhnnnjgcjgmkjedbibibiojjf":{"blacklis t":true},"jjnkfllhcgkgnfbekpnmoikpfihpjfli":{"blacklist":true},"jkihmglffmfjedfbpbpdbbimcodjbmdh":{"blacklist":true},"jkmhalpofmlfeglboejbchpoijnkmcgh ":{"blacklist":true},"jljfnkmkkdkppfndippkedacgfkafped":{"blacklist":true},"jmbkhogpjgjpfjhpdikloblkbkljkgao":{"blacklist":true},"jmeanodbelbflfmnkfdj gpikmldgjjko":{"blacklist":true},"jmifipgdcllamghkhdplfjffkciekbgo":{"blacklist":true},"jpehgolpfgnknboibogccapmdcadjkbd":{"blacklist":true},"jpeijjbl lejgmokmahkeommcodahoobm":{"blacklist":true},"jpgidahfcgiajlcbleeiaibpmmblcmnb":{"blacklist":true},"jpkdlckejfjidmplieobnhijmoiecbhl":{"blacklist":tru e},"kbipembkfhbdmkkkfbigmohilmknjnof":{"blacklist":true},"kcanfkmhccbaheheaackijegkclkaeic":{"blacklist":true},"kcfnnanmpghdnoompcfclakpacapnfbn":{"bl acklist":true},"kcgplbmkmfcpngilmhjmebdgkkpbdemp":{"blacklist":true},"kdchmeaiapjkejkcbeclgjklemecieeg":{"blacklist":true},"kdfahjokahcbmecgaandpobmgi iknagf":{"blacklist":true},"kelcbonmemlciepjdmfcifnhloeammhj":{"blacklist":true},"kelljdoinjlkmkncffgadbebgpmlcang":{"blacklist":true},"kffhenjbibjnbn jhlkcdlmpeccpaohio":{"blacklist":true},"kgbkdabomfdpfoibliicpmibceaoohgh":{"blacklist":true},"kgdhnhadbnpeibkghaebmhmngobdafag":{"blacklist":true},"kg dkcodealpfjolmiagcogfbgmaamegh":{"blacklist":true},"kgdmldjagfciieddcnlhampgkajkpanc":{"blacklist":true},"kibgmcdcfmcglajcfbecilngejnfppjp":{"blacklis t":true},"kiipngoehgkgkackngaidmhmnchfbmio":{"blacklist":true},"kinhljbhjmcmoddhdoodekeklmjapjff":{"blacklist":true},"kkhomejdleoonmbdhcigkhkjcghngncf ":{"blacklist":true},"kleaapgdkahaekcocmkbgfainbhihccj":{"blacklist":true},"kmlebjoghkhpapfhbdikannggmmffnco":{"blacklist":true},"kolbbghckjilleabphhg eggcgpfidofi":{"blacklist":true},"lambangeielkjcnmioccboaphdfcffib":{"blacklist":true},"lbaddolhebpnhdcdkicpcflhnfamcemn":{"blacklist":true},"lbficnmf ealeidppcbgdcbemgfjodbkg":{"blacklist":true},"lceaiepehinnomgijphkmjccbigkljkj":{"blacklist":true},"lcfkojlnjnedeoepfemhdgkhiabkeadc":{"blacklist":tru e},"ldgfapfmnplpaohbbadnecegcpfkfall":{"blacklist":true},"lgalokbapphhklmilicdefmgbjkcmldf":{"blacklist":true},"lgcnahanhlfpceencjmlehpfklokhojk":{"bl acklist":true},"lifbcibllhkdhoafpjfnlhfpfgnpldfl":{"ack_external":true,"active_permissions":{"api":["plugin","tabs"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"scriptable_host":["file:///*","hxxp://*/*","hxxps://*/*"]},"events":["experimental.extension.onInstalled"],"from_bookmark":false,"from_webstore":false,"install_time":"12981658377606866","lastpingday":"12991647701638000","location":3,"manifest":{"background _page":"background.html","browser_action":{"default_icon":"skype.png","default_title":"Options"},"content_scripts":[{"all_frames":true,"js":["contentscript.js"],"matches":["hxxp://*/*","file://*/*","hxxps://*/*"],"run_at":"document_end"}],"description":"Skype Click to Call","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMxFysW3wPKWRPPe3xuJQz3m1ZDLX1hN8EYdP37tRPf7lp8vIhG4xirlXHGK748qcLPc4Lm8WsHDhvS5okN54Kwcnw4T2tBXSCZ JxMmlu14HZ5yc/t969QLTPLIbAsasq4NVo40YuP2B7umxV9BlcxZEB9TEKPEQq8DRoKhj9jBQIDAQAB","name":"Skype Click to Call","permissions":["tabs","hxxp://*/*","hxxps://*/*"],"plugins":[{"path":"npSkypeChromePlugin.dll","public":true}],"version":"5.10.0.9560"},"path":"lifbcibllhkdhoafpjfnlhfpfgnpldfl\\5.10.0.9560_0","state":1},"likifpgnijjfbdegfepoalpamlgnfofi":{"blacklist":true},"l iomofjeffddiiccaolcnllbhnipbkhe":{"blacklist":true},"ljcicfibknpmlcmcecddjlbgkejehhpa":{"blacklist":true},"ljeihpebkahejeacdalhkhmckmggppif":{"blackli st":true},"ljmjoloiepllcndinchenhomcdcgbgef":{"blacklist":true},"lkdimamelhbiijkiljlnedmhnnkkmlbl":{"blacklist":true},"lkfdchejjogilmloogbbjlnlpbhgjfa b":{"blacklist":true},"lkhcbijhgfchgdmklonlobkfbcadbokg":{"blacklist":true},"lljnngafekbnkpdfophmcdlbfebcbcld":{"blacklist":true},"lnahlgmhpghkhmafjpp didhcoaomipfg":{"blacklist":true},"lnbeebaenahmkbffnimghceldeeihfak":{"blacklist":true},"lncjcfkpannmofmpgdfoonkniofdnaba":{"blacklist":true},"lndempe hphjoeimfchjflohpmhamiamf":{"blacklist":true},"lnjgjionmhobdfdegbciceafphgemjnc":{"blacklist":true},"lnlaeblencbjjjeaanegaldcjfekeled":{"blacklist":tr ue},"lojppnndedobolgfepahepphhloediji":{"blacklist":true},"loldehkdjdncebfnncknlkdchjclifbn":{"blacklist":true},"lookpbabilcplifjdeifacodednpacmk":{"b lacklist":true},"lpgiafapdmlapiokjnmpbbfkomiceoml":{"blacklist":true},"lplmcpcnhpbffpcfiaddbeaplhhbengd":{"blacklist":true},"mamfageekafifnickhgkibkof cclfefe":{"blacklist":true},"mbmdaiddhfoljplpdhohimgieioblfif":{"blacklist":true},"mcknnlhkkdbcppajgefagceglahcafjd":{"blacklist":true},"mdiehnlecbjlp pbpaaipmlnhhjgepfcg":{"blacklist":true},"mdngbiejioalifclonjepjjfppmbgned":{"blacklist":true},"megkcfpbmemnpkgadkoompnoajcolpni":{"blacklist":true},"m fffdpnblflpobcnekhekiahepofaane":{"blacklist":true},"mfhfkclojmdocagbmecgcnlofppebebd":{"blacklist":true},"mfncimdpmknolnnnccdmkpnpkaofonkc":{"blackli st":true},"mgdgiplcofghdmpekdeeceolepakodcb":{"blacklist":true},"mjalegijammcloleihdmooifidcjggjp":{"blacklist":true},"mjgobkikdipfikmaoakdcdbicpioljg g":{"blacklist":true},"mjolnadmlahbpepjaemohnkhpjkbhmef":{"blacklist":true},"mknjbohhleiicbpagpgmhoaigbblmnic":{"blacklist":true},"mkobblpffgbncfhijab akfafmkjdmmnm":{"blacklist":true},"mlmegahemifabfmdnndafagnncfbnahn":{"blacklist":true},"mlmmbepkgelpbenpobinockmiehdahai":{"blacklist":true},"mlnoedb hndgbjcbeadjfnmjloejlgojk":{"blacklist":true},"mmjodihhmnpkldljaifiajmlnpflfhpm":{"blacklist":true},"mndoohjdoechinpkfbkolflbonciahfo":{"blacklist":tr ue},"mnhcgaghminpdabllkbkecahjfkdiabk":{"blacklist":true},"mnichagcickblneeijmfnmoiakigmmhf":{"blacklist":true},"mnllienogacopjnkmhgnniopjpgjpopp":{"b lacklist":true},"mogepbcllienegdibkfpmombhefhcoic":{"blacklist":true},"mplhbhmkccidaokcelbcbcmhhedebcng":{"blacklist":true},"naopgnjebjeeedbbhcadkhkme efmloho":{"blacklist":true},"nbieffehfdniifkgdckbndjhojohbfjj":{"blacklist":true},"nckmikohoilfkcoahbjpbgbpegcjgngm":{"blacklist":true},"ncpdanjmicnih dlijomcggnnekloephc":{"blacklist":true},"ndhkiimgbjnendpcfbiadlifmangejoa":{"blacklist":true},"ndiogongcmocdgjciemhagfhpjamehpe":{"blacklist":true},"n egkalblfongjbphdcbbhddlickhlamd":{"blacklist":true},"nepfiodmbijheamafkiglonfkjebdjmf":{"blacklist":true},"nfecfkjnlkbphobjbcnphimihniieehc":{"blackli st":true},"nhboiakpmibkbkbeehchlfkggmhphpnk":{"blacklist":true},"nhkmojkfnknbbmhbnacjdlodokeophkl":{"blacklist":true},"nibohffepnilngkecenfdgnokfhmnko d":{"blacklist":true},"nidmbljkkcbdfklgdkklgjgmhejmbojn":{"blacklist":true},"nidodbfomffkfabciljelkbdiabkeehe":{"blacklist":true},"nifbebeekindefklojh chehidpikbjfc":{"blacklist":true},"nihhbeikpchdddoillfdcdinnnnllmna":{"blacklist":true},"nlgapikcofpablcmfgaoodlhiejiehhh":{"blacklist":true},"nmmnodo cfckpoddcgihiihcdinaonckb":{"blacklist":true},"nmphbnbmgfccfhcmibikmhcgajjpelpf":{"blacklist":true},"nnioepmjbjjlflmdgjanlcmbjahljeeo":{"blacklist":tr ue},"nochkknnbahbhmmknnmdhagelcnfagom":{"blacklist":true},"noefghcilkpcabnhhilojimkkjplhcnd":{"blacklist":true},"npadaghbcdejfngcjpbnoikajdnongca":{"b lacklist":true},"npolaghondefgiomhkbiiompikfjneep":{"blacklist":true},"oakhllhnbcpgagdafgbninlpjdemdmjk":{"blacklist":true},"oanjogmonneelfpnfmdlalfdd keckdej":{"blacklist":true},"ocmhjnhildbnglmlfimkjnnfgddelacb":{"blacklist":true},"ocnlnkjmfnolmbclblfhfhcakldceiec":{"blacklist":true},"odnamglmogfld ajnhkfodmloofeokcmm":{"blacklist":true},"oghphhcagopecifjblgdcfihjnlcbcfc":{"blacklist":true},"ogjbodghhojomghbdfnlkppdagkfjede":{"blacklist":true},"o idjdpbndkjhmhmgdoggibcjnippkcgo":{"blacklist":true},"ojglppmhgfohhfeinlhklglifnbfebak":{"blacklist":true},"omceiakkomngangmllpgbjcoeloglald":{"blackli st":true},"onfbaaifbbahonepmednhkjbhdgogkbl":{"blacklist":true},"onpnpccdagncipgnoofbhchlbajcjnkd":{"blacklist":true},"oocfbmollajebjjpkahmlnclfhkjije a":{"blacklist":true},"ookcgejbfhcmcanfkfmmmpahflnlajbl":{"blacklist":true},"opnnngnphijodjhemhdafpnnpdjggofe":{"blacklist":true},"pajgiddgjidlcajihkj oacjbplimkgfe":{"blacklist":true},"pbdgmppmccanplobanhfkjndjkmmabgk":{"blacklist":true},"pbekednmpdekknlffkiopooofokfmkla":{"blacklist":true},"pbglijb amgmlcpnnpbfjkbdeheejjloj":{"blacklist":true},"peiijdmlgbelnnmnkighhkpeihmmamio":{"blacklist":true},"pfcelnbmkeoaeicedjomcjkcammlkdbk":{"blacklist":tr ue},"pfhlnanelpgjbhndafjamnpfhkjadoip":{"blacklist":true},"pfoiaildicnbcjojocjlpcibenphhbln":{"blacklist":true},"pfonklmafadkmcedjlodommcoipgbcde":{"b lacklist":true},"pgelifedkjaohmjehecojkfldinjlamn":{"blacklist":true},"pgjpnfpidejcmjibaaohcmehfohacckf":{"blacklist":true},"pgldfhecfiofkhnbgcncepnkj keoahlk":{"blacklist":true},"phkpgooenaonkpnabopdbjjfmphclela":{"blacklist":true},"pihcfdffalbcnmbghijdfcaanagapelf":{"blacklist":true},"pjdhkkcnlbfeb iokpeghfffajaabahfo":{"blacklist":true},"pjgbfgdpkbfimabdalhjmmeeelbmkcac":{"blacklist":true},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true, "active_permissions":{"api":["notifications"]},"app_launcher_ordinal":"w","events":["experimental.extension.onInstalled"],"from_bookmark":true,"from_webstore":true,"install_time":"12985631040771627","lastpingday":"12991647701638000","location":2,"manifest":{"app":{"launc h":{"container":"tab","web_url":"hxxps://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"de","default_locale":"en","description":"Schneller E-Mail-Dienst mit Suchfunktion und wenig Spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","name":"Google Mail","options_page":"hxxps://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"7"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\7_0","state":1},"pjloefkigphblpjminnlpbhjchjafcfc":{"blacklist":true} ,"pkbbbncikcipejaiiiioboongndhmjgl":{"blacklist":true},"pkbkkendemaimikinaefldfljliecapm":{"blacklist":true},"pkhidkonipdjidjglnkfcfhnkfnlefbk":{"blac klist":true},"plfijddblbcdcnammpdmfccchkbdekmm":{"blacklist":true},"pnaiiipilbpcceggeanphcpkkihnojan":{"blacklist":true},"pnnbdjcjeiobikdfikegpclkcimg afpp":{"blacklist":true},"pnpfkfanlgljpkpilhgiimfadggfmhcd":{"blacklist":true},"pnpgiaejfbdapllkchhgchjpdbcpiooa":{"blacklist":true},"pobponmhkpmphbnf hpjdagklbkmjhked":{"blacklist":true},"ppmfajacidhcjbddpgmcmigffpppcadd":{"blacklist":true},"fkjoiggkbepedjmjjbhhecjiimlckcga":{"ack_external":true}}," toolbar":["lifbcibllhkdhoafpjfnlhfpfgnpldfl","aaaangaohdajkgeopjhpbnlpkehbhmbj"],"toolbarsize":-1},"homepage":"hxxp://search.conduit.com/?ctid=CT2481020&SearchSource=48","homepage_is_newtabpage":false,"net":{"hxxp_server_properties":{"accounts.google.com:443":{"supports_spdy":true},"api s.google.com:443":{"supports_spdy":true},"clients1.google.com:443":{"supports_spdy":true},"clients2.google.com:443":{"supports_spdy":true},"clients2.g oogleusercontent.com:443":{"supports_spdy":true},"plusone.google.com:443":{"supports_spdy":true},"ssl.gstatic.com:443":{"supports_spdy":true},"www.goo gle.com:443":{"supports_spdy":true}}},"ntp":{"app_page_names":["Apps"],"promo_build":4,"promo_closed":false,"promo_end":1338933540.0,"promo_feature_mask":0,"promo_group":75,"promo_group_max":99,"promo_group_timeslice":0, "promo_is_logged_in_to_plus":false,"promo_line":"Ihr Chromebook ist jetzt noch besser! \u003Ca href=\"hxxps://support.google.com/chromeos/?p=ntp19\"\u003EWeitere Informationen \u00FCber die neuesten Funktionen\u003C/a\u003E","promo_platform":8,"promo_resource_cache_update":"1348942872.45575","promo_start":1338321600.0,"promo_views":0,"promo_views_max":20},"plugins ":{"enabled_internal_pdf3":true,"enabled_nacl":true,"last_internal_directory":"C:\\Users\\Bernie\\AppData\\Local\\Google\\Chrome\\Application\\19.0.10 84.52","plugins_list":[{"enabled":true,"name":"Remoting Viewer","path":"internal-remoting-viewer","version":""},{"enabled":true,"name":"Remoting Viewer"},{"enabled":true,"name":"Native Client","path":"C:\\Users\\Bernie\\AppData\\Local\\Google\\Chrome\\Application\\19.0.1084.52\\ppGoogleNaClPluginChrome.dll","version":""},{"enabled":t rue,"name":"Native Client"},{"enabled":true,"name":"Chrome PDF Viewer","path":"C:\\Users\\Bernie\\AppData\\Local\\Google\\Chrome\\Application\\19.0.1084.52\\pdf.dll","version":""},{"enabled":true,"name":"Chrome PDF Viewer"},{"enabled":true,"name":"Shockwave Flash","path":"C:\\Users\\Bernie\\AppData\\Local\\Google\\Chrome\\Application\\19.0.1084.52\\gcswf32.dll","version":"11,2,202,235"},{"enabled":true,"n ame":"Shockwave Flash","path":"C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_11_2_202_235.dll","version":"11,2,202,235"},{"enabled":true,"name":"Flash"},{"enabled": true,"name":"Skype Click to Call","path":"C:\\Users\\Bernie\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\lifbcibllhkdhoafpjfnlhfpfgnpldfl\\5.10.0.9560_0\\npSkypeChromePlugin.dll","version":"5.10.0.9560"},{"enabled":true,"name":" Skype Click to Call"},{"enabled":true,"name":"Adobe Acrobat","path":"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Browser\\nppdf32.dll","version":"10.1.3.23"},{"enabled":false,"name":"Adobe Acrobat"},{"enabled":true,"name":"Java Deployment Toolkit 7.0.40.255","path":"C:\\Windows\\SysWOW64\\npDeployJava1.dll","version":"10.4.1.255"},{"enabled":true,"name":"Java"},{"enabled":true,"name":"Windows Genuine Advantage","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npLegitCheckPlugin.dll","version":"1.9.0042.0"},{"enabled":true,"name":"Windows Genuine Advantage"},{"enabled":true,"name":"Microsoft Office 2010","path":"C:\\PROGRA~2\\MICROS~1\\Office14\\NPAUTHZ.DLL","version":"14.0.4730.1010"},{"enabled":true,"name":"Microsoft Office 2010","path":"C:\\PROGRA~2\\MICROS~1\\Office14\\NPSPWRAP.DLL","version":"14.0.4761.1000"},{"enabled":true,"name":"Microsoft Office"},{"enabled":true,"name":"NPCIG.dll","path":"C:\\Program Files (x86)\\Canon\\ZoomBrowser EX\\Program\\NPCIG.dll","version":"1, 0, 0, 5"},{"enabled":true,"name":"NPCIG.dll"},{"enabled":true,"name":"Google Earth Plugin","path":"C:\\Program Files (x86)\\Google\\Google Earth\\plugin\\npgeplugin.dll","version":"6.1.0.5001"},{"enabled":true,"name":"Google Earth Plugin"},{"enabled":true,"name":"Google Update","path":"C:\\Program Files (x86)\\Google\\Update\\1.3.21.111\\npGoogleUpdate3.dll","version":"1.3.21.111"},{"enabled":true,"name":"Google Update"},{"enabled":true,"name":"Silverlight Plug-In","path":"C:\\Program Files (x86)\\Microsoft Silverlight\\5.1.10411.0\\npctrl.dll","version":"5.1.10411.0"},{"enabled":true,"name":"Silverlight"},{"enabled":true,"name":"NVIDIA 3D Vision","path":"C:\\Program Files (x86)\\NVIDIA Corporation\\3D Vision\\npnv3dv.dll","version":"7.17.12.9573"},{"enabled":true,"name":"NVIDIA 3D VISION","path":"C:\\Program Files (x86)\\NVIDIA Corporation\\3D Vision\\npnv3dvstreaming.dll","version":"7.17.12.9573"},{"enabled":true,"name":"NVIDIA 3D"},{"enabled":true,"name":"VLC Web Plugin","path":"C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll","version":"2.0.0"},{"enabled":true,"name":"VLC Web Plugin"},{"enabled":true,"name":"Windows Live\u00AE Photo Gallery","path":"C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll","version":"14.0.8064.0206_ship.wlx.w3m3 (ship)"},{"enabled":true,"name":"Windows Live\u00AE Photo Gallery"},{"enabled":true,"name":"iTunes Application Detector","path":"C:\\Program Files (x86)\\iTunes\\Mozilla Plugins\\npitunes.dll","version":"1.0.1.1"},{"enabled":true,"name":"iTunes Application Detector"},{"enabled":true,"name":"Shockwave for Director","path":"C:\\Windows\\system32\\Adobe\\Director\\np32dsw.dll","version":"11.6.1r629"},{"enabled":true,"name":"Shockwave"}]},"profile":{"avatar_index":0,"content_settings":{"pref_version":1},"exited_cleanly":true,"name":"Erster Nutzer"},"session":{"restore_on_startup":4,"restore_on_startup_migrated":true,"urls_to_restore_on_startup":["hxxp://search.conduit.com/?ctid=CT2481020&SearchSource=48"]},"sync":{"suppress_start":false},"sync_promo":{"startup_count":3,"user_skipped":true,"view_count":3}} ************************* AdwCleaner[R1].txt - [67623 octets] - [03/10/2012 19:48:17] ########## EOF - C:\AdwCleaner[R1].txt - [67684 octets] ########## |
|
03.10.2012, 18:55
| #6 |
| | soap0_wsdl.exe nicht gefunden Hier nun das Ergebnis des 4. Schrittes # AdwCleaner v2.003 - Datei am 10/03/2012 um 19:51:46 erstellt # Aktualisiert am 23/09/2012 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzer : Bernie - BERNIE_PB # Bootmodus : Normal # Ausgeführt unter : C:\Users\Bernie\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml Datei Gelöscht : C:\user.js Datei Gelöscht : C:\Users\Bernie\AppData\Roaming\Mozilla\Firefox\Profiles\0kodygem.default\searchplugins\Askcom.xml Datei Gelöscht : C:\Users\Bernie\AppData\Roaming\Mozilla\Firefox\Profiles\0kodygem.default\searchplugins\Conduit.xml Datei Gelöscht : C:\Users\Bernie\AppData\Roaming\Mozilla\Firefox\Profiles\0kodygem.default\searchplugins\Web Search.xml Ordner Gelöscht : C:\Program Files (x86)\Ashampoo_DE Ordner Gelöscht : C:\Program Files (x86)\Ask.com Ordner Gelöscht : C:\Program Files (x86)\BabylonToolbar Ordner Gelöscht : C:\Program Files (x86)\Conduit Ordner Gelöscht : C:\ProgramData\Babylon Ordner Gelöscht : C:\ProgramData\Partner Ordner Gelöscht : C:\Users\Bernie\AppData\Local\APN Ordner Gelöscht : C:\Users\Bernie\AppData\Local\AskToolbar Ordner Gelöscht : C:\Users\Bernie\AppData\Local\Babylon Ordner Gelöscht : C:\Users\Bernie\AppData\Local\Conduit Ordner Gelöscht : C:\Users\Bernie\AppData\Local\OpenCandy Ordner Gelöscht : C:\Users\Bernie\AppData\Local\Smartbar Ordner Gelöscht : C:\Users\Bernie\AppData\Local\Temp\Smartbar Ordner Gelöscht : C:\Users\Bernie\AppData\LocalLow\Ashampoo_DE Ordner Gelöscht : C:\Users\Bernie\AppData\LocalLow\AskToolbar Ordner Gelöscht : C:\Users\Bernie\AppData\LocalLow\Conduit Ordner Gelöscht : C:\Users\Bernie\AppData\Roaming\Babylon Ordner Gelöscht : C:\Users\Bernie\AppData\Roaming\Mozilla\Firefox\Profiles\0kodygem.default\Smartbar Ordner Gelöscht : C:\Users\Bernie\AppData\Roaming\OpenCandy Ordner Gelöscht : C:\Users\Bernie\AppData\Roaming\toolplugin Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\APN Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Ashampoo_DE Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar Schlüssel Gelöscht : HKCU\Software\Ask.com Schlüssel Gelöscht : HKCU\Software\Ask.com.tmp Schlüssel Gelöscht : HKCU\Software\AskToolbar Schlüssel Gelöscht : HKCU\Software\BabylonToolbar Schlüssel Gelöscht : HKCU\Software\Conduit Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5786D022-540E-4699-B350-B4BE0AE94B79} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Schlüssel Gelöscht : HKCU\Software\SmartBar Schlüssel Gelöscht : HKCU\Software\SmartbarBackup Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKCU\Software\SweetIm Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Schlüssel Gelöscht : HKLM\Software\APN Schlüssel Gelöscht : HKLM\Software\Ashampoo_DE Schlüssel Gelöscht : HKLM\Software\AskToolbar Schlüssel Gelöscht : HKLM\Software\Babylon Schlüssel Gelöscht : HKLM\Software\BabylonToolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\b Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2431245 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2481020 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2801937 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gelöscht : HKLM\Software\Conduit Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F6477D09-A529-4EEC-993D-BAAEB71AE111} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F6477D09-A529-4EEC-993D-BAAEB71AE111} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AAD4DF5-AC6F-4249-9ACD-1A528FD4DB36} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEB2B4A1-80DC-4D2F-B6A9-6FFD9D33403B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5786D022-540E-4699-B350-B4BE0AE94B79} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ashampoo_DE Toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{5786D022-540E-4699-B350-B4BE0AE94B79}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater] Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{5786D022-540E-4699-B350-B4BE0AE94B79}] Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-89AF-189327213627}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16421 Wiederhergestellt : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Wiederhergestellt : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Wiederhergestellt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Wiederhergestellt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Wiederhergestellt : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Wiederhergestellt : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Wiederhergestellt : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Wiederhergestellt : [HKU\S-1-5-21-951911369-2377803447-926339454-1005\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2481020 --> hxxp://www.google.com Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms} --> hxxp://www.google.com Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms} --> hxxp://www.google.com Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms} --> hxxp://www.google.com Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=dd3b4beb-6dd0-48df-aadd-53c4ac2bf58b&searchtype=ds&q={searchTerms} --> hxxp://www.google.com -\\ Mozilla Firefox v14.0.1 (de) Profilname : default Datei : C:\Users\Bernie\AppData\Roaming\Mozilla\Firefox\Profiles\0kodygem.default\prefs.js C:\Users\Bernie\AppData\Roaming\Mozilla\Firefox\Profiles\0kodygem.default\user.js ... Gelöscht ! Gelöscht : user_pref("CT2481020.1000082.isPlayDisplay", "true"); Gelöscht : user_pref("CT2481020.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...] Gelöscht : user_pref("CT2481020.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("CT2481020.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Gelöscht : user_pref("CT2481020.FirstTime", "true"); Gelöscht : user_pref("CT2481020.FirstTimeFF3", "true"); Gelöscht : user_pref("CT2481020.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT248[...] Gelöscht : user_pref("CT2481020.UserID", "UN04025477591745208"); Gelöscht : user_pref("CT2481020.addressBarTakeOverEnabledInHidden", "true"); Gelöscht : user_pref("CT2481020.autoDisableScopes", -1); Gelöscht : user_pref("CT2481020.browser.search.defaultthis.engineName", true); Gelöscht : user_pref("CT2481020.defaultSearch", "true"); Gelöscht : user_pref("CT2481020.embeddedsData", "[{\"appId\":\"129058856464656507\",\"apiPermissions\":{\"cross[...] Gelöscht : user_pref("CT2481020.enableAlerts", "false"); Gelöscht : user_pref("CT2481020.enableSearchFromAddressBar", "true"); Gelöscht : user_pref("CT2481020.firstTimeDialogOpened", "true"); Gelöscht : user_pref("CT2481020.fixPageNotFoundError", "true"); Gelöscht : user_pref("CT2481020.fixPageNotFoundErrorInHidden", "true"); Gelöscht : user_pref("CT2481020.fixUrls", true); Gelöscht : user_pref("CT2481020.installId", "ConduitNSISIntegration"); Gelöscht : user_pref("CT2481020.installType", "ConduitNSISIntegration"); Gelöscht : user_pref("CT2481020.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("CT2481020.isNewTabEnabled", true); Gelöscht : user_pref("CT2481020.isPerformedSmartBarTransition", "true"); Gelöscht : user_pref("CT2481020.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Gelöscht : user_pref("CT2481020.keyword", true); Gelöscht : user_pref("CT2481020.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FR[...] Gelöscht : user_pref("CT2481020.openThankYouPage", "false"); Gelöscht : user_pref("CT2481020.openUninstallPage", "false"); Gelöscht : user_pref("CT2481020.search.searchAppId", "129058856464656507"); Gelöscht : user_pref("CT2481020.search.searchCount", "0"); Gelöscht : user_pref("CT2481020.searchInNewTabEnabledInHidden", "true"); Gelöscht : user_pref("CT2481020.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("CT2481020.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Gelöscht : user_pref("CT2481020.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"3\[...] Gelöscht : user_pref("CT2481020.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Gelöscht : user_pref("CT2481020.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Gelöscht : user_pref("CT2481020.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Gelöscht : user_pref("CT2481020.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Gelöscht : user_pref("CT2481020.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...] Gelöscht : user_pref("CT2481020.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1349117471500"); Gelöscht : user_pref("CT2481020.serviceLayer_services_appsMetadata_lastUpdate", "1349117462245"); Gelöscht : user_pref("CT2481020.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1349117463512"); Gelöscht : user_pref("CT2481020.serviceLayer_services_login_10.10.27.6_lastUpdate", "1349117466448"); Gelöscht : user_pref("CT2481020.serviceLayer_services_optimizer_lastUpdate", "1349117462415"); Gelöscht : user_pref("CT2481020.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1349117463329"); Gelöscht : user_pref("CT2481020.serviceLayer_services_searchAPI_lastUpdate", "1349117461072"); Gelöscht : user_pref("CT2481020.serviceLayer_services_serviceMap_lastUpdate", "1349117459144"); Gelöscht : user_pref("CT2481020.serviceLayer_services_toolbarContextMenu_lastUpdate", "1349117463432"); Gelöscht : user_pref("CT2481020.serviceLayer_services_toolbarSettings_lastUpdate", "1349117461289"); Gelöscht : user_pref("CT2481020.serviceLayer_services_translation_lastUpdate", "1349117462367"); Gelöscht : user_pref("CT2481020.settingsINI", true); Gelöscht : user_pref("CT2481020.shouldFirstTimeDialog", "false"); Gelöscht : user_pref("CT2481020.smartbar.CTID", "CT2481020"); Gelöscht : user_pref("CT2481020.smartbar.Uninstall", "0"); Gelöscht : user_pref("CT2481020.smartbar.homepage", true); Gelöscht : user_pref("CT2481020.smartbar.toolbarName", "Ashampoo DE "); Gelöscht : user_pref("CT2481020.toolbarBornServerTime", "1-10-2012"); Gelöscht : user_pref("CT2481020.toolbarCurrentServerTime", "1-10-2012"); Gelöscht : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481020&SearchSource=1[...] Gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "Ashampoo DE Customized Web Search"); Gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481020[...] Gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT2481020"); Gelöscht : user_pref("browser.search.defaultengine", "Ask.com"); Gelöscht : user_pref("browser.search.defaultenginename", "Search the web"); Gelöscht : user_pref("browser.search.defaultthis.engineName", "NCH DE Customized Web Search"); Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801937&Sea[...] Gelöscht : user_pref("browser.search.order.1", "Search the web"); Gelöscht : user_pref("browser.search.selectedEngine", "Search the web"); Gelöscht : user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); Gelöscht : user_pref("extensions.BabylonToolbar_i.babExt", ""); Gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109986"); Gelöscht : user_pref("extensions.BabylonToolbar_i.hardId", "aeb7104b00000000000000016c6c2ae8"); Gelöscht : user_pref("extensions.BabylonToolbar_i.id", "aeb7104b00000000000000016c6c2ae8"); Gelöscht : user_pref("extensions.BabylonToolbar_i.instlDay", "15382"); Gelöscht : user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); Gelöscht : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); Gelöscht : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); Gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Gelöscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Gelöscht : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9"); Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1717:15:33"); Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); Gelöscht : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\"); Gelöscht : user_pref("extensions.asktb.apn_dbr", "ff_14.0.1"); Gelöscht : user_pref("extensions.asktb.cbid", "^ABT"); Gelöscht : user_pref("extensions.asktb.config-updated", false); Gelöscht : user_pref("extensions.asktb.cr-o", "APN10395"); Gelöscht : user_pref("extensions.asktb.crumb", "2012.08.08+10.50.21-toolbar016iad-DE-Um90dHdlaWwsR2VybWFueQ%3D%[...] Gelöscht : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://avira-int.ask.com/web?q={query}&qsrc=[...] Gelöscht : user_pref("extensions.asktb.domain", "avira-int.ask.com"); Gelöscht : user_pref("extensions.asktb.domainName", "avira-int.ask.com"); Gelöscht : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^DE"); Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.conduit.com/ResultsExt.aspx?cti[...] Gelöscht : user_pref("extensions.asktb.fresh-install", false); Gelöscht : user_pref("extensions.asktb.guid", "3ca97582-4982-4f0c-bb22-a336c9ee6c8b"); Gelöscht : user_pref("extensions.asktb.hpr", "YES"); Gelöscht : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...] Gelöscht : user_pref("extensions.asktb.if", "first"); Gelöscht : user_pref("extensions.asktb.l", "dis"); Gelöscht : user_pref("extensions.asktb.last-config-req", "1348301212675"); Gelöscht : user_pref("extensions.asktb.locale", "de_DE"); Gelöscht : user_pref("extensions.asktb.localePref", true); Gelöscht : user_pref("extensions.asktb.location", "Rottweil,Germany"); Gelöscht : user_pref("extensions.asktb.notification-shown", true); Gelöscht : user_pref("extensions.asktb.nthp", "YES"); Gelöscht : user_pref("extensions.asktb.nthp_prev", "1"); Gelöscht : user_pref("extensions.asktb.o", "APN10395"); Gelöscht : user_pref("extensions.asktb.overlay-reloaded-using-restart", true); Gelöscht : user_pref("extensions.asktb.qsrc", "2871"); Gelöscht : user_pref("extensions.asktb.r", "2"); Gelöscht : user_pref("extensions.asktb.sa", "YES"); Gelöscht : user_pref("extensions.asktb.sa-enabled", "false"); Gelöscht : user_pref("extensions.asktb.saguid", "C15BF6CB-89E7-4953-B59F-CA66B5356EB9"); Gelöscht : user_pref("extensions.asktb.save-searches", false); Gelöscht : user_pref("extensions.asktb.search-suggestions-enabled", true); Gelöscht : user_pref("extensions.asktb.show-labels", false); Gelöscht : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false); Gelöscht : user_pref("extensions.asktb.socialmini-native-on", true); Gelöscht : user_pref("extensions.asktb.themeid", ""); Gelöscht : user_pref("extensions.asktb.timeinstalled", "08.08.2012 19:55:11"); Gelöscht : user_pref("extensions.asktb.to", ""); Gelöscht : user_pref("extensions.asktb.v", "3.15.4.100015"); Gelöscht : user_pref("extensions.asktb.version", "5.15.4.23930"); -\\ Google Chrome v19.0.1084.52 Datei : C:\Users\Bernie\AppData\Local\Google\Chrome\User Data\Default\Preferences Gelöscht [l.1] : icon_url ={"browser":{"window_placement":{"bottom":860,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":870,"work_area_left":0,"work_area_ri ght":1440,"work_area_top":0}},"countryid_at_install":17477,"default_apps_install_state":1,"default_search_provider":{"enabled":true,"encodings":"","", "id":"6","instant_url":"","keyword":"search.sweetim.com","name":"SweetIM Search","prepopulate_id":"0","search_url":"hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}","suggest_url":""},"distribution":{"create_all_shortcuts":true,"do_not_launch_chrome":true,"impor t_history":false,"import_search_engine":false,"make_chrome_default":true,"show_welcome_page":true,"skip_first_run_ui":true,"system_level":true,"verbos e_logging":false},"dns_prefetching":{"host_referral_list":[2,["hxxp://a.ligatus.com/",["hxxp://ads-de.ret01.ligatus.com/",1.752984684675707,"hxxp://d.ligatus.com/",2.007688150137572,"hxxp://i.ligatus.com/",3.0265208893958504,"hxxp://x.ligatus.com/",2.007688150137572]],["hxxp://ad-emea.doubleclick.net/",["hxxp://s0.2mdn.net/",1.129256153838169]],["hxxp://ad.yieldmanager.com/",["hxxp://track.adform.net/",0.8745508006352223]],["hxxp://ads.contentabc.com/",["hxxp://cdn1.ads.brazzers.com/",1.804350119511485,"hxxp://cdn1.ads.contentabc.com/",2.0665290396572784]],["hxxp://ads.trafficjunky.net/",["hxxp://ads.contentabc.com/",2.590868002538046,"hxxp://ads2.contentabc.com/",2.590868002538046]],["hxxp://cdn.flashtalking.com/",["hxxp://cdn.flashtalking.com/",1.752984684675707,"hxxp://stat.flashtalking.com/",3.7906407244868543]],["hxxp://cdn1.ads.contentabc.com/",["hxxp://cdn1.ads.contentabc.com/",2.328698521097662]],["hxxp://feed.snap.do/",["hxxp://search.snap.do/",3.4144081114998395]],["hxxp://glamour.mobi.xpor.mobi/",["hxxp://glamour.mobi.xpor.mobi/",7.047777503140802,"hxxp://www.google-analytics.com/",2.590868002538046]],["hxxp://home.sweetim.com/",["hxxp://ad.xtendmedia.com/",0.4902510782961645,"hxxp://ad.yieldmanager.com/",0.299886548254748,"hxxp://cdn.search.sweetim.com/",2.229601553008571,"hxxp://content.yieldmanager.edgesuite.net/",0.2332879867593849,"hxxp://cookex.amp.yahoo.com/",0.0956282438512835,"hxxp://pagead2.googlesyndication.com/",1.687668843245427,"hxxp://partner.googleadservices.com/",1.687668843245427,"hxxp://www.google-analytics.com/",1.460941700615838,"hxxp://www.googletagservices.com/",1.687668843245427]],["hxxp://img-cdn.mediaplex.com/",["hxxp://altfarm.mediaplex.com/",2.007688150137572,"hxxp://edpn.ebay.com/",2.5171045197667112,"hxxp://img-cdn.mediaplex.com/",1.752984684675707,"hxxp://mp.apmebf.com/",1.752984684675707]],["hxxp://lesershop24.bild.de/",["hxxp://code.etracker.com/",1.752984684675707,"hxxp://lesershop24.bild.de/",10.158312309382161,"hxxp://www.etracker.de/",2.007688150137572,"hxxps://ad.zanox.com/",2.5171045197667112]],["hxxp://midsommar.ikea.de/",["hxxp://ikea.122.2o7.net/",1.860576487632898,"hxxp://midsommar.ikea.de/",2.349709079338096]],["hxxp://platform.twitter.com/",["hxxp://cdn.api.twitter.com/",0.8903681831596245,"hxxp://p.twitter.com/",0.8903681831596245,"hxxp://r.twimg.com/",0.8420382359833809]],["hxxp://pornhubhd.com/",["hxxp://counter.yadro.ru/",2.0665290396572784,"hxxp://pornhubhd.com/",47.42213249000598,"hxxp://s7.addthis.com/",3.115206965418814,"hxxp://www.google-analytics.com/",1.804350119511485]],["hxxp://s7.addthis.com/",["hxxp://cf.addthis.com/",1.804350119511485,"hxxp://m.addthisedge.com/",2.0665290396572784]],["hxxp://search.snap.do/",["hxxp://ajax.googleapis.com/",1.140620208091026,"hxxp://cdn1.predictad.com/",1.9230465295469579,"hxxp://chrome.dealply.com/",0.47997980809102614,"hxxp://geo.widdit.com/",0.4190868473630602,"hxxp://linkurystoragenorthus.blob.core.windows.net/",3.487899172458821,"hxxp://optstatic.dealply.com/",0.4190868473630602,"hxxp://search.snap.do/",1.140620208091026,"hxxp://static.app.widdit.com/",1.140620208091026,"hxxp://www.google-analytics.com/",1.9230465295469579]],["hxxp://search.sweetim.com/",["hxxp://cdn.search.sweetim.com/",3.957620861877473,"hxxp://www.google-analytics.com/",2.3180611001017186]],["hxxp://sportdaten.bild.de/",["hxxp://ajax.googleapis.com/",0.7635997624229681,"hxxp://sportdaten.bild.de/",0.8745508006352223,"hxxp://www.bild.de/",1.540255142167665]],["hxxp://t.freizeit.bild.de/",["hxxp://t.freizeit.bild.de/",3.0265208893958504,"hxxp://www.bild.de/",1.752984684675707]],["hxxp://tools.google.com/",["hxxp://fonts.googleapis.com/",1.675407964919136,"hxxp://themes.googleusercontent.com/",1.950536788886077,"hxxp://tools.google.com/",2.665235562455557,"hxxp://www.google-analytics.com/",1.950536788886077,"hxxp://www.google.com/",2.3200904217646543]],["hxxp://track.adform.net/",["hxxp://track.adform.net/",2.5171045197667112]],["hxxp://wetter.bild.de/",["hxxp://wetter.bild.de/",2.304374977258669]],["hxxp://ww251.smartadserver.com/",["hxxp://ced.sascdn.com/",1.752984684675707,"hxxp://ww251.smartadserver.com/",1.752984684675707]],["hxxp://www.bild.de/",["hxxp://images.intellitxt.com/",2.7718174239339852,"hxxp://itx4.smartadserver.com/",2.007688150137572,"hxxp://level3.cedexis.com/",2.262401054304846,"hxxp://phoenixnap.cedexis.com/",2.007688150137572,"hxxp://platform.twitter.com/",2.7718174239339852,"hxxp://report.init.cedexis-radar.net/",5.318880394668862,"hxxp://wpc.0003.edgecastcdn.net/",2.262401054304846,"hxxp://www.facebook.com/",2.5171045197667112,"hxxps://plusone.google.com/",2.5171045197667112,"hxxps://s-static.ak.facebook.com/",2.5171045197667112]],["hxxp://www.facebook.com/",["hxxp://static.ak.fbcdn.net/",0.5673105569963223]],["hxxp://www.ikea.com/",["hxxp://metrics.ikea.com/",2.262401054304846,"hxxp://midsommar.ikea.de/",2.5171045197667112,"hxxp://survey.122.2o7.net/",2.007688150137572,"hxxp://www.ikea.com/",9.64890537845843]],["hxxp://www.irfanview.net/",["hxxp://www.irfanview.net/",1.6074870407959718]],["hxxp://www.kalterersee.com/",["hxxp://css.kalterersee.com/",2.084689108864194,"hxxp://images2.kalterersee.com/",7.536938410962226,"hxxp://js.kalterersee.com/",2.084689108864194,"hxxp://player.peer.tv/",2.9933910334102602,"hxxp://stats.peer.biz/",2.387586604144413,"hxxp://www.kalterersee.com/",9.65730582627244]],["hxxp://www.keezmovies.com/",["hxxp://cdn1.image.keezmovies.phncdn.com/",8.096464867607745,"hxxp://cdn1.image.spankwire.phncdn.com/",1.804350119511485,"hxxp://cdn1.image.tube8.phncdn.com/",1.804350119511485,"hxxp://cdn1.image.youporn.phncdn.com/",2.0665290396572784,"hxxp://cdn1.images.videobash.com/",3.377376446859198,"hxxp://cdn1.static.keezmovies.phncdn.com/",4.9504027742069105,"hxxp://cdn1.static.pornhub.phncdn.com/",1.804350119511485,"hxxp://cdn2.image.keezmovies.phncdn.com/",7.834285947461953,"hxxp://cdn3.image.pornhub.phncdn.com/",2.328698521097662,"hxxp://www.google-analytics.com/",1.804350119511485]],["hxxp://www.planet49.com/",["hxxp://www.planet49.com/",10.22268428027154]],["hxxp://www.skype.com/",["hxxp://connect.facebook.net/",1.654586180786882,"hxxp://metrics.skype.com/",1.8949994462595212,"hxxp://static.ak.facebook.com/",2.375825977204799,"hxxp://survey.122.2o7.net/",2.13541271173216,"hxxp://www.facebook.com/",5.7415645002947,"hxxp://www.google-analytics.com/",1.8949994462595212,"hxxp://www.skype.com/",1.8949994462595212,"hxxp://www.skypeassets.com/",11.030637463281941,"hxxps://s-static.ak.facebook.com/",1.8949994462595212]],["hxxps://accounts.google.com/",["hxxps://accounts.google.com/",2.351408046311716,"hxxps://www.google.com/",1.124027111041583]],["hxxps://plusone.google.com/",["hxxps://apis.google.com/",0.5180131425156562,"hxxps://plusone.google.com/",0.9542908716715359,"hxxps://ssl.gstatic.com/",0.4070621043034021,"hxxps://www.google.com/",0.14489073512193631]]],"startup_list":[1,"hxxp://ajax.googleapis.com/","hxxp://cdn1.predictad.com/","hxxp://cloud-search.linkury.com/","hxxp://feed.snap.do/","hxxp://linkurystoragenorthus.blob.core.windows.net/","hxxp://search.snap.do/","hxxp://sp.ask.com/","hxxp://static.app.widdit.com/","hxxp://websearch.ask.com/","hxxp://www.google-analytics.com/"]},"download":{"directory_upgrade":true},"extensions":{"alerts":{"initialized":true},"autoupdate":{"last_check":"12991729093873000","next_check":"12993 417525173749"},"blacklistupdate":{"lastpingday":"12991647703628000","version":"0.0.0.122"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"],"newtab":["chrome-extension://aaaangaohdajkgeopjhpbnlpkehbhmbj/config/skin/new-tab.html","chrome-extension://amfclgbdpgndipgoegfpkkgobahigbcl/redirect.html"]},"settings":{"aaaangaohdajkgeopjhpbnlpkehbhmbj":{"active_permissions":{"api":["bookmarks","contextMenus","cookies","geolocation","history","idle","management","notifications","plugin","tabs","unlimitedStorage"],"explicit_host":["chrome://favicon/*","hxxp://*/*","hxxps://*/*"],"scriptable_host":["*://*.ask.com/","*://*.bagsbuy.com/*","*://*.childrenschorus.org/*","*://*.csaa.com/*","*://*.facebook.com/*","*://*.google.com/*","*://*.google.com/imgres*","*://*.mercurynews.com/*","*://*.usnews.com/*","*://*.wikipedia.org/*","*://*/*","*://codesearch.google.com/*","*://images.google.com/*"]},"events":["experimental.extension.onInstalled"],"from_bookmark":false,"from_webstore":false,"install_time":"12991729103869000","location":3,"manifest":{"background_page":"background/background.html","browser_action":{"default_icon":"config/skin/images/ask_logo_19x.png","default_popup":"config/skin/options.html","default_title":"Avira Toolbar"},"chrome_url_overrides":{"newtab":"config/skin/new-tab.html"},"content_scripts":[{"js":["lib/jquery.js","lib/constant.js","lib/default-config.js","config/tb-config.js","lib/tb-message.js","content_script/toolbar.js","content_script/widget.js","content_script/injector.js"],"matches":["*://*/*"],"run_at":"document_start"},{"css":["content_script/hack/facebook.css"],"matches":["*://*.facebook.com/*"]},{"css":["content_script/hack/relative.css"],"matches":["*://*.google.com/*","*://*.ask.com/","*://*.bagsbuy.com/*","*://*.csaa.com/*","*://*.childrenschorus.org/*","*://*.wikipedia.org/*","*://*.mercurynews.com/*","*://*.usnews.com/*"],"run_at":"document_start"},{"css":["content_script/hack/static.css"],"matches":["*://*.google.com/imgres*","*://images.google.com/*","*://codesearch.google.com/*"],"run_at":"document_start"}],"description":"Convenient tools and links to make your browsing more enjoyable","icons":{"128":"config/skin/images/ask_logo_128x.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCx+zTj9AqzrVtkCAW6gmhvRMY++4+9SXS64frvxCR/GaqZwzTaKIQVQnde4gq5S5eu2ZpT00OZ3MIdGr2Gq3DgWF0XY+ZeVbrnMSdoE5HXo8hvbFb+GbwOHt+yJWqhcteNbosCgSQriLBk7oy6WOph0FusdubqkPiLEnDhL526EQIDAQAB","name":"Avir a Toolbar","permissions":["bookmarks","contextMenus","cookies","geolocation","history","idle","management","notifications","tabs","unlimitedStorage","hxxp://*/*","hxxps://*/*","chrome://favicon/*","chrome-internal://newtab/"],"plugins":[{"path":"background/registryAccess.dll","public":false}],"update_url":"hxxp://apnmedia.ask.com/media/toolbar/supertoolbar/chrome/manifest.php","version":"7.15.4.24169"},"path":"aaaangaohdajkgeopjhpbnlpkehbhmbj\\7.15.4.24169_0","state":1,"update_url_data":""},"aandpgohbohmlknpjbb lpmoladhoochg":{"blacklist":true},"abciiempgohamehppammbkhkicmkgkob":{"blacklist":true},"abfclfmhaemoockhhinpplncjehfpdbd":{"blacklist":true},"acmpfca mncegnhjdeiodgilikjafcamg":{"blacklist":true},"aebfkgcamgnimcbnbiopgdakknjgggnm":{"blacklist":true},"aemcjbfajnnmhblifaejadoecfoaebld":{"blacklist":tr ue},"afenhmponmfmdmbmccbmglppcmjhmhmh":{"blacklist":true},"aglmapjbjphdidmnileogpjkgpdoliep":{"blacklist":true},"agmhonoepgcnakccfpidhjehlocaeaaj":{"b lacklist":true},"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["appNotifications","management","webstorePrivate"]},"app_launcher_ordinal":"n","page_ordinal":"n"},"ahjfgnikolodijnpakeknpilnemojlhc":{"blacklist":true},"aieglpnmmhleoenpbmfaffppfomgjmba":{"blacklist" :true},"aifmjmboebdkdelpjenakhaodgneempp":{"blacklist":true},"alcbnnpmipohgdllkkglhkbncijplago":{"blacklist":true},"aldalonecchncedclgcndcndgilaclnk": {"blacklist":true},"aljdncnajablgppdcfbehhmidlmbndda":{"blacklist":true},"amfgdngndpfldigimkcindjalokfnmem":{"blacklist":true},"apdmgffkfhjfeejmbjiden nfjdkmmmbl":{"blacklist":true},"aphncaagnlabkeipnbbicmcahnamibgb":{"blacklist":true},"bcddmcejgphfgofbpoocakaeapfomlek":{"blacklist":true},"benclngoad bppljglhphhnfknoppmjoa":{"blacklist":true},"bhdkpmneahdelgdgfhddianklldfoell":{"blacklist":true},"bilgncckogfgfipdlejkffnbkgjkmflh":{"blacklist":true} ,"bjihddggcgnblgojnmhpnngonofbnkaj":{"blacklist":true},"bkhafliomebnpccanacmlfaemgfiofko":{"blacklist":true},"bkkchglolnigbfncnbnnbhhempjkdpkf":{"blac klist":true},"bkplhcigeaiiliajeehehiikokgocbhb":{"blacklist":true},"bldgnkigdcpgnbfehgbameigoohecdfl":{"blacklist":true},"blpcfgokakmgnkcojhhkbfbldkac nbeo":{"ack_external":true,"active_permissions":{"api":["appNotifications"]},"app_launcher_ordinal":"t","events":["experimental.extension.onInstalled"],"from_bookmark":true,"from_webstore":true,"install_time":"12985631039725627","lastpingday":"12991647701638000","location":2,"manifest":{"app":{"launc h":{"container":"tab","web_url":"hxxp://www.youtube.com/"},"web_content":{"enabled":true,"origin":"hxxp://www.youtube.com"}},"current_locale":"de","default_locale":"en","description":"Die beliebteste Online-Video-Community der Welt","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB","name":"YouTube","per missions":["appNotifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"4.2.5"},"page_ordinal":"n","path":"blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.5_0","state":1},"bndahdijlcnncjbpammoedeapmlobllc":{"blacklis t":true},"boaoagnmpennjoigkkmnjhecapibhfko":{"blacklist":true},"boclfockfmgcppbajihcgajhpggaakgl":{"blacklist":true},"bokkificjhapflinbdejegngffgkcgfe ":{"blacklist":true},"caphkimknlmnhpjoneddiaakmcaajagb":{"blacklist":true},"cbbbpmlnlpnjojeplppgeilanlihoojg":{"blacklist":true},"cbbjhegipokkofhhicbc kicchjpcpeni":{"blacklist":true},"cdogaeccgljmkecjmoedambgiekkllij":{"blacklist":true},"cekdjgnecpoooikhmceokdhojckkkhmh":{"blacklist":true},"cepfogmg fkddnllaopgknbdfkceejmhk":{"blacklist":true},"cfbdodejdeejbkffcmiaknpmojjeibpn":{"blacklist":true},"cgnkbnaiipmfbakpmhllalggoepniemh":{"blacklist":tru e},"cihlkpohodpdkdnfalhdkhhlhmhffmbe":{"blacklist":true},"cjhklhdjonhcohlacgggcbklpnldleck":{"blacklist":true},"cjohbbapkbkkhpohinffggbphnhoblea":{"bl acklist":true},"ckckpgefkpjfopjppjfcikppehdhceah":{"blacklist":true},"clapnamcglekekmamicmbahkghdcjaeh":{"blacklist":true},"cmjphjljejnfgdbkdgdlclaabi mpknna":{"blacklist":true},"cmlokmkdolieoaoddlfhaidnlmiadhik":{"blacklist":true},"coajchbkdbfhmhbgcjepiofllfjjcpfp":{"blacklist":true},"coobgpohoikkii piblmjeljniedjpjpf":{"ack_external":true,"app_launcher_ordinal":"x","events":["experimental.extension.onInstalled"],"from_bookmark":true,"from_webstore":true,"install_time":"12985631042271627","lastpingday":"12991647701638000","location":2,"manifest":{"app":{"launc h":{"web_url":"hxxp://www.google.com/webhp?source=search_app"},"urls":["*://www.google.com/search","*://www.google.com/webhp","*://www.google.com/imgres"]},"current_locale":"de","default_locale":"en","description":"Die schnellste Suche im Web.","icons":{"128":"128.png","16":"16.png","32":"32.png","48":"48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIiso3Loy5VJHL40shGhUl6it5ZG55X B9q/2EX6aa88jAxwPutbCgy5d9bm1YmBzLfSgpX4xcpgTU08ydWbd7b50fbkLsqWl1mRhxoqnN01kuNfv9Hbz9dWWYd+O4ZfD3L2XZs0wQqo0y6k64n+qeLkUMd1MIhf6MR8Xz1SOA8pwIDAQAB","name ":"Google-Suche","update_url":"hxxp://clients2.google.com/service/update2/crx","version":"0.0.0.19"},"page_ordinal":"n","path":"coobgpohoikkiipiblmjeljniedjpjpf\\0.0.0.19_0","state":1},"cpiiakoibaohkfoaijaigdnocfolnmll":{"bl acklist":true},"dadcalgappognjbjpalfophhcfakoeac":{"blacklist":true},"danapgfidmepmcfbjjacceiaiiioieio":{"blacklist":true},"dbiblcmlcgdjjbdpbmbcpineeg ngkiip":{"blacklist":true},"dbmdicehacbaohlockjgdglcobimmjkh":{"blacklist":true},"dejippphmhbpgckbhdidnjmdcpfccbaj":{"blacklist":true},"dfafokiagoioci dlpglcanjkcdbdnioi":{"blacklist":true},"dfoegfajplmijblljfancdapbdaopebb":{"blacklist":true},"dgaehaeahdegbdlenicbmkbakhdgoeml":{"blacklist":true},"dg cfmgdfbfbgcpbendbhbkfjppboebed":{"blacklist":true},"dgkemngdheppgohkjjelnkjmdeimmfml":{"blacklist":true},"diinokaoicgobepmadnmedlhdfnpehcj":{"blacklis t":true},"dinhjcapnfbffhiihdlnbdfjdjjfhcbk":{"blacklist":true},"djnahdkbfgnhgpakidinfonfcjbagkgp":{"blacklist":true},"dlobhinihbmedmheccecfnkcadpehmbf ":{"blacklist":true},"dmhjdbigobajgnfoabodjgmcdgoeoljm":{"blacklist":true},"dmkdhgkknhnfpdjeicefnpmhcpbimden":{"blacklist":true},"dnemhlkdpajbbniphgkg ceplmnkfnhfo":{"blacklist":true},"doneghboglgnflpdicnkaojmmljgejkj":{"blacklist":true},"dpgenihgggagjjggfocjceeobjkadcbc":{"blacklist":true},"dpmloehi cimdjkibmobhmpgdndgbcced":{"blacklist":true},"ebdcdchjcndpjhehacedepnggfdbfkpn":{"blacklist":true},"echngajnlpjeacbanjejlhcajjfoedcc":{"blacklist":tru e},"edmnikahahfkfilbbjbdoiabnghbkmjc":{"blacklist":true},"efbeabpbbkahnnjalakldjfhljboclkf":{"blacklist":true},"efhjelcghjkfigiagdfbfilndaffpmdj":{"bl acklist":true},"efnaljpgehfilpmkhobibbjceeeondmn":{"blacklist":true},"egljdhfnbjahogjahnigfnbpidlmdagi":{"blacklist":true},"ehgoiaffgjoinpkllmmnikghgp ghnabc":{"blacklist":true},"ehomcoocpagnlcakcbecdaknmacmedld":{"blacklist":true},"eihjeehdobnpkonebmpanonopghepfle":{"blacklist":true},"ejijgghlncnaph klndknkbkclebfboca":{"blacklist":true},"ejlekamipdcfcfpgfepjmklllbpeecaj":{"blacklist":true},"elcaigjcaijbfpjngaekbblphmfjdhfo":{"blacklist":true},"eo fejpelggimkodeojpeojnbijgiglgh":{"blacklist":true},"eopmhecjnginkckggjmhombbopmkjpam":{"blacklist":true},"epbmnbdplhcomkedpjfceakddnbgfjmf":{"blacklis t":true},"fafoohpbicgbcejffcplajonhhooddle":{"blacklist":true},"fbhiehmngojjcmljddjmgpmcockbccmo":{"blacklist":true},"fcfepemfihgibdacjlnlecebknaaepmj ":{"blacklist":true},"ffgfbfakpcnngelphjnppokmoicdollk":{"blacklist":true},"fhlkffpjoajppmhcakbkjndbjfljccpi":{"blacklist":true},"fiapkdjniadkodmdibdn choifkpfoiid":{"blacklist":true},"fibgploapkhokkbncddlkcmbmiengcfp":{"blacklist":true},"fihepkmlkmciffbhijldnpmifhbkiinp":{"blacklist":true},"fjjeecfj mgfnleghoellhldedkaocjfc":{"blacklist":true},"fleljamdchegbjeiipbnmiebnhgheeld":{"blacklist":true},"flmmgcfcpbfddenepkfmgfpbaceolcoe":{"blacklist":tru e},"fmcccidacjgnfiafddkngmeolkoiihil":{"blacklist":true},"fmonlemffgbabjifjfaoamdflijecdbk":{"blacklist":true},"fngolbdmkneakeaoiieafkilnogbocda":{"bl acklist":true},"fnhcgnmfccojojojacgeiaaeacefdohb":{"blacklist":true},"fnkaadkanmfgpfbmdcllhjdgmdbgljpi":{"blacklist":true},"fnnmbghphdnmmjdapccfobgjem jadeli":{"blacklist":true},"fnoadkjdjfgafomgmablhmffooijcfbn":{"blacklist":true},"fommcgokigkhmnhlhlkckfjhefnmfohd":{"blacklist":true},"fpbippbofbmgmb ojjmgfcifpmdaelcmd":{"blacklist":true},"fpmajanjndhgpifbcbnklbiehgnpkgmf":{"blacklist":true},"fpoajjnnpmledpmohlgpgbmlhbgkgahg":{"blacklist":true},"ga icmfjflflabagobdiodejfpjikheeo":{"blacklist":true},"gandihaiobadcggbfkhpbkocmiemjlnf":{"blacklist":true},"gbenikfjhilhpgagllmfgggdjaflbmbi":{"blacklis t":true},"gdggdkkjecogagaffaemnbfmllcoihjp":{"blacklist":true},"gekkhpjigmckhgmgngadbeknekgpgolb":{"blacklist":true},"ghgphbmpcfgkfneodjpbdanmdoemklio ":{"blacklist":true},"ghmaokcegalalefnhlfcnjhnpdbanjkj":{"blacklist":true},"gifglngcdbggmlgkcombebegdaoknkho":{"blacklist":true},"gjkbghdignnlcknknflb igpammebiolo":{"blacklist":true},"gkjeccpmibljcfpfapfljciimedljpnm":{"blacklist":true},"gkjmgdpdndoaiholejnmdbbpdaafahmm":{"blacklist":true},"gmghjgfd ialcnhadahmjefeflgnhcjeb":{"blacklist":true},"gnapdhmknipknfmhhnhdmhakdfhgeing":{"blacklist":true},"gncfgndgeoddelbfhlndhljnecoednaa":{"blacklist":tru e},"gngmkbiihflpghldjnbpemaicedhdddk":{"blacklist":true},"gobjcjhhebpjbmjdgmejhebbleadnceo":{"blacklist":true},"gplgjmecjpbfcdikpbicknafcnfcidek":{"bl acklist":true},"hbaajkahagmlkdekmbdabikbopdgpaac":{"blacklist":true},"hbdhabpmbbanaopgkbaondabkkepjfaf":{"blacklist":true},"hbmlheccjkodhfejcmblndjodl lmnlnl":{"blacklist":true},"hcapokajkngndbglnfglpfdpoeidmpha":{"blacklist":true},"hcpndbchnlgojmnijaldkicigmihmdca":{"blacklist":true},"hdijkiondgomjp ehfhopomicjbiodmcm":{"blacklist":true},"hdnbmmfjbblajkjkcaeofolgfnljpnim":{"blacklist":true},"hecijapnccjhonbmacmkmffooodfokoo":{"blacklist":true},"he fmoncdemhjembgbnkgglhlookbipdc":{"blacklist":true},"hfjpjodbolkmheaehcnmfhjakjileoof":{"blacklist":true},"hfpfbhnmbbigpmoodjemilggabklpopj":{"blacklis t":true},"hgbaomphocgmdpmiohjclchaaljpaelp":{"blacklist":true},"hgboiaecclcbjphldpbgfgggcbihmnai":{"blacklist":true},"hgjgaeknhmidehalnmokomhpfhbfmpcm ":{"blacklist":true},"hhfffemhgkginfafaoapljdllodppana":{"blacklist":true},"hhfiljkpjapjjphcocclhhaldpfkkjbi":{"blacklist":true},"hhjmkijkgojfifipdgmi emghfikbohcm":{"blacklist":true},"hhlgbfcfbkhlmajakkcjippgpcmejkko":{"blacklist":true},"hilncbjbdpnfepdidfchmdclhpnlegpj":{"blacklist":true},"hjkhligc npfjhjlapmejaiaiigibofif":{"blacklist":true},"hkbgccpdcpbdckohbknjlamamelcnlki":{"blacklist":true},"hkjcejgfmaanpncnpoidgbhoikcaeepd":{"blacklist":tru e},"hkjfdgjkgpbbdmadbglcgljjjddkcdha":{"blacklist":true},"hmmoglffhpmacaacfbbmbbkcbdkjphnc":{"blacklist":true},"hnbcdmfeoldeppcbnnjmjkdofohaljbn":{"bl acklist":true},"hncomkjbbkchfjelocejkbbflmjhlhfp":{"blacklist":true},"hnipgljcblpgnnojcfldehpeknhakbgj":{"blacklist":true},"hnkcpoijaeegompjgbjjhkdmlj ldaccg":{"blacklist":true},"hnnebfeppcbhhbhiifeaajgcjnkljlld":{"blacklist":true},"hnonhhpgjnjcjfbkjdpfbkfpaodcmncb":{"blacklist":true},"hpcdoodjfcmpcp keendjnjkeinimhkih":{"blacklist":true},"hpibmhghjndideebpackbdlpncgkcppp":{"blacklist":true},"iablioliielnhdianpbiijaoncbmfend":{"blacklist":true},"ic cblehkchfmjgfafjcpjlkjcponhdhl":{"blacklist":true},"icihfeaofpcfehanhbnjigdlpfahjlee":{"blacklist":true},"iemfpgbdjfoihicbocpbjppipdbfimeh":{"blacklis t":true},"ifbkndkaolfbjjhnnhfmkbkoclpdkpli":{"blacklist":true},"ifeijfpkjckedpclgncedmgdiaoeahmk":{"blacklist":true},"igaajdmlejbjcbmpmnigopikfdaccdcm ":{"blacklist":true},"igbaoknfddliiaoimhehfbkfekpmmfll":{"blacklist":true},"igghanohiioehififjoalfkdoicafjof":{"blacklist":true},"ihnembcpodnfgkafmioj ebccomjekopm":{"blacklist":true},"iiiinekimabooeihccihfopoadcaaphn":{"blacklist":true},"ijecjbcgpblkacpijljpaienknanaloa":{"blacklist":true},"ijenlpgi dnapbndonoinbkhekgjonojg":{"blacklist":true},"ilhjicgcglhjigdehkcehjdokmkahbjl":{"blacklist":true},"imfbomjbodpfgfhfahlgkkcllmhbelhk":{"blacklist":tru e},"imkffpjpdngdkpgadcmnlkhhmhdocijn":{"blacklist":true},"iobnpmeeecphddicmhhmdjbnlbdhjlne":{"blacklist":true},"iomejadoamfilglofmeaffghddcgapmf":{"bl acklist":true},"jaejgaoiipdjjlbnapngknalafalbkej":{"blacklist":true},"janhdpmhnighonkkbkdpnljcoenpfkbh":{"blacklist":true},"jbmbiepnidbnhbbfdbgioomdkg nbcacj":{"blacklist":true},"jbnafcjbcfgejacaanogofkkehcomamp":{"blacklist":true},"jcmipejepoimfflnoapdmkdephgjinck":{"blacklist":true},"jfalnphfjdoalc dhlnhdpekbmmopkgkj":{"blacklist":true},"jfjagidcpadkoaonbogmbgfimmnefeie":{"blacklist":true},"jgdkappiifgomhgikcjbanhnmlekpeje":{"blacklist":true},"jg mpapdckakiohhebmeoemejibommimi":{"blacklist":true},"jhhabiomopkibeecgngiggmopkeofacl":{"blacklist":true},"jindbcpkhnnnjgcjgmkjedbibibiojjf":{"blacklis t":true},"jjnkfllhcgkgnfbekpnmoikpfihpjfli":{"blacklist":true},"jkihmglffmfjedfbpbpdbbimcodjbmdh":{"blacklist":true},"jkmhalpofmlfeglboejbchpoijnkmcgh ":{"blacklist":true},"jljfnkmkkdkppfndippkedacgfkafped":{"blacklist":true},"jmbkhogpjgjpfjhpdikloblkbkljkgao":{"blacklist":true},"jmeanodbelbflfmnkfdj gpikmldgjjko":{"blacklist":true},"jmifipgdcllamghkhdplfjffkciekbgo":{"blacklist":true},"jpehgolpfgnknboibogccapmdcadjkbd":{"blacklist":true},"jpeijjbl lejgmokmahkeommcodahoobm":{"blacklist":true},"jpgidahfcgiajlcbleeiaibpmmblcmnb":{"blacklist":true},"jpkdlckejfjidmplieobnhijmoiecbhl":{"blacklist":tru e},"kbipembkfhbdmkkkfbigmohilmknjnof":{"blacklist":true},"kcanfkmhccbaheheaackijegkclkaeic":{"blacklist":true},"kcfnnanmpghdnoompcfclakpacapnfbn":{"bl acklist":true},"kcgplbmkmfcpngilmhjmebdgkkpbdemp":{"blacklist":true},"kdchmeaiapjkejkcbeclgjklemecieeg":{"blacklist":true},"kdfahjokahcbmecgaandpobmgi iknagf":{"blacklist":true},"kelcbonmemlciepjdmfcifnhloeammhj":{"blacklist":true},"kelljdoinjlkmkncffgadbebgpmlcang":{"blacklist":true},"kffhenjbibjnbn jhlkcdlmpeccpaohio":{"blacklist":true},"kgbkdabomfdpfoibliicpmibceaoohgh":{"blacklist":true},"kgdhnhadbnpeibkghaebmhmngobdafag":{"blacklist":true},"kg dkcodealpfjolmiagcogfbgmaamegh":{"blacklist":true},"kgdmldjagfciieddcnlhampgkajkpanc":{"blacklist":true},"kibgmcdcfmcglajcfbecilngejnfppjp":{"blacklis t":true},"kiipngoehgkgkackngaidmhmnchfbmio":{"blacklist":true},"kinhljbhjmcmoddhdoodekeklmjapjff":{"blacklist":true},"kkhomejdleoonmbdhcigkhkjcghngncf ":{"blacklist":true},"kleaapgdkahaekcocmkbgfainbhihccj":{"blacklist":true},"kmlebjoghkhpapfhbdikannggmmffnco":{"blacklist":true},"kolbbghckjilleabphhg eggcgpfidofi":{"blacklist":true},"lambangeielkjcnmioccboaphdfcffib":{"blacklist":true},"lbaddolhebpnhdcdkicpcflhnfamcemn":{"blacklist":true},"lbficnmf ealeidppcbgdcbemgfjodbkg":{"blacklist":true},"lceaiepehinnomgijphkmjccbigkljkj":{"blacklist":true},"lcfkojlnjnedeoepfemhdgkhiabkeadc":{"blacklist":tru e},"ldgfapfmnplpaohbbadnecegcpfkfall":{"blacklist":true},"lgalokbapphhklmilicdefmgbjkcmldf":{"blacklist":true},"lgcnahanhlfpceencjmlehpfklokhojk":{"bl acklist":true},"lifbcibllhkdhoafpjfnlhfpfgnpldfl":{"ack_external":true,"active_permissions":{"api":["plugin","tabs"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"scriptable_host":["file:///*","hxxp://*/*","hxxps://*/*"]},"events":["experimental.extension.onInstalled"],"from_bookmark":false,"from_webstore":false,"install_time":"12981658377606866","lastpingday":"12991647701638000","location":3,"manifest":{"background _page":"background.html","browser_action":{"default_icon":"skype.png","default_title":"Options"},"content_scripts":[{"all_frames":true,"js":["contentscript.js"],"matches":["hxxp://*/*","file://*/*","hxxps://*/*"],"run_at":"document_end"}],"description":"Skype Click to Call","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMxFysW3wPKWRPPe3xuJQz3m1ZDLX1hN8EYdP37tRPf7lp8vIhG4xirlXHGK748qcLPc4Lm8WsHDhvS5okN54Kwcnw4T2tBXSCZ JxMmlu14HZ5yc/t969QLTPLIbAsasq4NVo40YuP2B7umxV9BlcxZEB9TEKPEQq8DRoKhj9jBQIDAQAB","name":"Skype Click to Call","permissions":["tabs","hxxp://*/*","hxxps://*/*"],"plugins":[{"path":"npSkypeChromePlugin.dll","public":true}],"version":"5.10.0.9560"},"path":"lifbcibllhkdhoafpjfnlhfpfgnpldfl\\5.10.0.9560_0","state":1},"likifpgnijjfbdegfepoalpamlgnfofi":{"blacklist":true},"l iomofjeffddiiccaolcnllbhnipbkhe":{"blacklist":true},"ljcicfibknpmlcmcecddjlbgkejehhpa":{"blacklist":true},"ljeihpebkahejeacdalhkhmckmggppif":{"blackli st":true},"ljmjoloiepllcndinchenhomcdcgbgef":{"blacklist":true},"lkdimamelhbiijkiljlnedmhnnkkmlbl":{"blacklist":true},"lkfdchejjogilmloogbbjlnlpbhgjfa b":{"blacklist":true},"lkhcbijhgfchgdmklonlobkfbcadbokg":{"blacklist":true},"lljnngafekbnkpdfophmcdlbfebcbcld":{"blacklist":true},"lnahlgmhpghkhmafjpp didhcoaomipfg":{"blacklist":true},"lnbeebaenahmkbffnimghceldeeihfak":{"blacklist":true},"lncjcfkpannmofmpgdfoonkniofdnaba":{"blacklist":true},"lndempe hphjoeimfchjflohpmhamiamf":{"blacklist":true},"lnjgjionmhobdfdegbciceafphgemjnc":{"blacklist":true},"lnlaeblencbjjjeaanegaldcjfekeled":{"blacklist":tr ue},"lojppnndedobolgfepahepphhloediji":{"blacklist":true},"loldehkdjdncebfnncknlkdchjclifbn":{"blacklist":true},"lookpbabilcplifjdeifacodednpacmk":{"b lacklist":true},"lpgiafapdmlapiokjnmpbbfkomiceoml":{"blacklist":true},"lplmcpcnhpbffpcfiaddbeaplhhbengd":{"blacklist":true},"mamfageekafifnickhgkibkof cclfefe":{"blacklist":true},"mbmdaiddhfoljplpdhohimgieioblfif":{"blacklist":true},"mcknnlhkkdbcppajgefagceglahcafjd":{"blacklist":true},"mdiehnlecbjlp pbpaaipmlnhhjgepfcg":{"blacklist":true},"mdngbiejioalifclonjepjjfppmbgned":{"blacklist":true},"megkcfpbmemnpkgadkoompnoajcolpni":{"blacklist":true},"m fffdpnblflpobcnekhekiahepofaane":{"blacklist":true},"mfhfkclojmdocagbmecgcnlofppebebd":{"blacklist":true},"mfncimdpmknolnnnccdmkpnpkaofonkc":{"blackli st":true},"mgdgiplcofghdmpekdeeceolepakodcb":{"blacklist":true},"mjalegijammcloleihdmooifidcjggjp":{"blacklist":true},"mjgobkikdipfikmaoakdcdbicpioljg g":{"blacklist":true},"mjolnadmlahbpepjaemohnkhpjkbhmef":{"blacklist":true},"mknjbohhleiicbpagpgmhoaigbblmnic":{"blacklist":true},"mkobblpffgbncfhijab akfafmkjdmmnm":{"blacklist":true},"mlmegahemifabfmdnndafagnncfbnahn":{"blacklist":true},"mlmmbepkgelpbenpobinockmiehdahai":{"blacklist":true},"mlnoedb hndgbjcbeadjfnmjloejlgojk":{"blacklist":true},"mmjodihhmnpkldljaifiajmlnpflfhpm":{"blacklist":true},"mndoohjdoechinpkfbkolflbonciahfo":{"blacklist":tr ue},"mnhcgaghminpdabllkbkecahjfkdiabk":{"blacklist":true},"mnichagcickblneeijmfnmoiakigmmhf":{"blacklist":true},"mnllienogacopjnkmhgnniopjpgjpopp":{"b lacklist":true},"mogepbcllienegdibkfpmombhefhcoic":{"blacklist":true},"mplhbhmkccidaokcelbcbcmhhedebcng":{"blacklist":true},"naopgnjebjeeedbbhcadkhkme efmloho":{"blacklist":true},"nbieffehfdniifkgdckbndjhojohbfjj":{"blacklist":true},"nckmikohoilfkcoahbjpbgbpegcjgngm":{"blacklist":true},"ncpdanjmicnih dlijomcggnnekloephc":{"blacklist":true},"ndhkiimgbjnendpcfbiadlifmangejoa":{"blacklist":true},"ndiogongcmocdgjciemhagfhpjamehpe":{"blacklist":true},"n egkalblfongjbphdcbbhddlickhlamd":{"blacklist":true},"nepfiodmbijheamafkiglonfkjebdjmf":{"blacklist":true},"nfecfkjnlkbphobjbcnphimihniieehc":{"blackli st":true},"nhboiakpmibkbkbeehchlfkggmhphpnk":{"blacklist":true},"nhkmojkfnknbbmhbnacjdlodokeophkl":{"blacklist":true},"nibohffepnilngkecenfdgnokfhmnko d":{"blacklist":true},"nidmbljkkcbdfklgdkklgjgmhejmbojn":{"blacklist":true},"nidodbfomffkfabciljelkbdiabkeehe":{"blacklist":true},"nifbebeekindefklojh chehidpikbjfc":{"blacklist":true},"nihhbeikpchdddoillfdcdinnnnllmna":{"blacklist":true},"nlgapikcofpablcmfgaoodlhiejiehhh":{"blacklist":true},"nmmnodo cfckpoddcgihiihcdinaonckb":{"blacklist":true},"nmphbnbmgfccfhcmibikmhcgajjpelpf":{"blacklist":true},"nnioepmjbjjlflmdgjanlcmbjahljeeo":{"blacklist":tr ue},"nochkknnbahbhmmknnmdhagelcnfagom":{"blacklist":true},"noefghcilkpcabnhhilojimkkjplhcnd":{"blacklist":true},"npadaghbcdejfngcjpbnoikajdnongca":{"b lacklist":true},"npolaghondefgiomhkbiiompikfjneep":{"blacklist":true},"oakhllhnbcpgagdafgbninlpjdemdmjk":{"blacklist":true},"oanjogmonneelfpnfmdlalfdd keckdej":{"blacklist":true},"ocmhjnhildbnglmlfimkjnnfgddelacb":{"blacklist":true},"ocnlnkjmfnolmbclblfhfhcakldceiec":{"blacklist":true},"odnamglmogfld ajnhkfodmloofeokcmm":{"blacklist":true},"oghphhcagopecifjblgdcfihjnlcbcfc":{"blacklist":true},"ogjbodghhojomghbdfnlkppdagkfjede":{"blacklist":true},"o idjdpbndkjhmhmgdoggibcjnippkcgo":{"blacklist":true},"ojglppmhgfohhfeinlhklglifnbfebak":{"blacklist":true},"omceiakkomngangmllpgbjcoeloglald":{"blackli st":true},"onfbaaifbbahonepmednhkjbhdgogkbl":{"blacklist":true},"onpnpccdagncipgnoofbhchlbajcjnkd":{"blacklist":true},"oocfbmollajebjjpkahmlnclfhkjije a":{"blacklist":true},"ookcgejbfhcmcanfkfmmmpahflnlajbl":{"blacklist":true},"opnnngnphijodjhemhdafpnnpdjggofe":{"blacklist":true},"pajgiddgjidlcajihkj oacjbplimkgfe":{"blacklist":true},"pbdgmppmccanplobanhfkjndjkmmabgk":{"blacklist":true},"pbekednmpdekknlffkiopooofokfmkla":{"blacklist":true},"pbglijb amgmlcpnnpbfjkbdeheejjloj":{"blacklist":true},"peiijdmlgbelnnmnkighhkpeihmmamio":{"blacklist":true},"pfcelnbmkeoaeicedjomcjkcammlkdbk":{"blacklist":tr ue},"pfhlnanelpgjbhndafjamnpfhkjadoip":{"blacklist":true},"pfoiaildicnbcjojocjlpcibenphhbln":{"blacklist":true},"pfonklmafadkmcedjlodommcoipgbcde":{"b lacklist":true},"pgelifedkjaohmjehecojkfldinjlamn":{"blacklist":true},"pgjpnfpidejcmjibaaohcmehfohacckf":{"blacklist":true},"pgldfhecfiofkhnbgcncepnkj keoahlk":{"blacklist":true},"phkpgooenaonkpnabopdbjjfmphclela":{"blacklist":true},"pihcfdffalbcnmbghijdfcaanagapelf":{"blacklist":true},"pjdhkkcnlbfeb iokpeghfffajaabahfo":{"blacklist":true},"pjgbfgdpkbfimabdalhjmmeeelbmkcac":{"blacklist":true},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true, "active_permissions":{"api":["notifications"]},"app_launcher_ordinal":"w","events":["experimental.extension.onInstalled"],"from_bookmark":true,"from_webstore":true,"install_time":"12985631040771627","lastpingday":"12991647701638000","location":2,"manifest":{"app":{"launc h":{"container":"tab","web_url":"hxxps://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"de","default_locale":"en","description":"Schneller E-Mail-Dienst mit Suchfunktion und wenig Spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","name":"Google Mail","options_page":"hxxps://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"7"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\7_0","state":1},"pjloefkigphblpjminnlpbhjchjafcfc":{"blacklist":true} ,"pkbbbncikcipejaiiiioboongndhmjgl":{"blacklist":true},"pkbkkendemaimikinaefldfljliecapm":{"blacklist":true},"pkhidkonipdjidjglnkfcfhnkfnlefbk":{"blac klist":true},"plfijddblbcdcnammpdmfccchkbdekmm":{"blacklist":true},"pnaiiipilbpcceggeanphcpkkihnojan":{"blacklist":true},"pnnbdjcjeiobikdfikegpclkcimg afpp":{"blacklist":true},"pnpfkfanlgljpkpilhgiimfadggfmhcd":{"blacklist":true},"pnpgiaejfbdapllkchhgchjpdbcpiooa":{"blacklist":true},"pobponmhkpmphbnf hpjdagklbkmjhked":{"blacklist":true},"ppmfajacidhcjbddpgmcmigffpppcadd":{"blacklist":true},"fkjoiggkbepedjmjjbhhecjiimlckcga":{"ack_external":true}}," toolbar":["lifbcibllhkdhoafpjfnlhfpfgnpldfl","aaaangaohdajkgeopjhpbnlpkehbhmbj"],"toolbarsize":-1},"homepage":"hxxp://search.conduit.com/?ctid=CT2481020&SearchSource=48","homepage_is_newtabpage":false,"net":{"hxxp_server_properties":{"accounts.google.com:443":{"supports_spdy":true},"api s.google.com:443":{"supports_spdy":true},"clients1.google.com:443":{"supports_spdy":true},"clients2.google.com:443":{"supports_spdy":true},"clients2.g oogleusercontent.com:443":{"supports_spdy":true},"plusone.google.com:443":{"supports_spdy":true},"ssl.gstatic.com:443":{"supports_spdy":true},"www.goo gle.com:443":{"supports_spdy":true}}},"ntp":{"app_page_names":["Apps"],"promo_build":4,"promo_closed":false,"promo_end":1338933540.0,"promo_feature_mask":0,"promo_group":75,"promo_group_max":99,"promo_group_timeslice":0, "promo_is_logged_in_to_plus":false,"promo_line":"Ihr Chromebook ist jetzt noch besser! \u003Ca href=\"hxxps://support.google.com/chromeos/?p=ntp19\"\u003EWeitere Informationen \u00FCber die neuesten Funktionen\u003C/a\u003E","promo_platform":8,"promo_resource_cache_update":"1348942872.45575","promo_start":1338321600.0,"promo_views":0,"promo_views_max":20},"plugins ":{"enabled_internal_pdf3":true,"enabled_nacl":true,"last_internal_directory":"C:\\Users\\Bernie\\AppData\\Local\\Google\\Chrome\\Application\\19.0.10 84.52","plugins_list":[{"enabled":true,"name":"Remoting Viewer","path":"internal-remoting-viewer","version":""},{"enabled":true,"name":"Remoting Viewer"},{"enabled":true,"name":"Native Client","path":"C:\\Users\\Bernie\\AppData\\Local\\Google\\Chrome\\Application\\19.0.1084.52\\ppGoogleNaClPluginChrome.dll","version":""},{"enabled":t rue,"name":"Native Client"},{"enabled":true,"name":"Chrome PDF Viewer","path":"C:\\Users\\Bernie\\AppData\\Local\\Google\\Chrome\\Application\\19.0.1084.52\\pdf.dll","version":""},{"enabled":true,"name":"Chrome PDF Viewer"},{"enabled":true,"name":"Shockwave Flash","path":"C:\\Users\\Bernie\\AppData\\Local\\Google\\Chrome\\Application\\19.0.1084.52\\gcswf32.dll","version":"11,2,202,235"},{"enabled":true,"n ame":"Shockwave Flash","path":"C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_11_2_202_235.dll","version":"11,2,202,235"},{"enabled":true,"name":"Flash"},{"enabled": true,"name":"Skype Click to Call","path":"C:\\Users\\Bernie\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\lifbcibllhkdhoafpjfnlhfpfgnpldfl\\5.10.0.9560_0\\npSkypeChromePlugin.dll","version":"5.10.0.9560"},{"enabled":true,"name":" Skype Click to Call"},{"enabled":true,"name":"Adobe Acrobat","path":"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Browser\\nppdf32.dll","version":"10.1.3.23"},{"enabled":false,"name":"Adobe Acrobat"},{"enabled":true,"name":"Java Deployment Toolkit 7.0.40.255","path":"C:\\Windows\\SysWOW64\\npDeployJava1.dll","version":"10.4.1.255"},{"enabled":true,"name":"Java"},{"enabled":true,"name":"Windows Genuine Advantage","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npLegitCheckPlugin.dll","version":"1.9.0042.0"},{"enabled":true,"name":"Windows Genuine Advantage"},{"enabled":true,"name":"Microsoft Office 2010","path":"C:\\PROGRA~2\\MICROS~1\\Office14\\NPAUTHZ.DLL","version":"14.0.4730.1010"},{"enabled":true,"name":"Microsoft Office 2010","path":"C:\\PROGRA~2\\MICROS~1\\Office14\\NPSPWRAP.DLL","version":"14.0.4761.1000"},{"enabled":true,"name":"Microsoft Office"},{"enabled":true,"name":"NPCIG.dll","path":"C:\\Program Files (x86)\\Canon\\ZoomBrowser EX\\Program\\NPCIG.dll","version":"1, 0, 0, 5"},{"enabled":true,"name":"NPCIG.dll"},{"enabled":true,"name":"Google Earth Plugin","path":"C:\\Program Files (x86)\\Google\\Google Earth\\plugin\\npgeplugin.dll","version":"6.1.0.5001"},{"enabled":true,"name":"Google Earth Plugin"},{"enabled":true,"name":"Google Update","path":"C:\\Program Files (x86)\\Google\\Update\\1.3.21.111\\npGoogleUpdate3.dll","version":"1.3.21.111"},{"enabled":true,"name":"Google Update"},{"enabled":true,"name":"Silverlight Plug-In","path":"C:\\Program Files (x86)\\Microsoft Silverlight\\5.1.10411.0\\npctrl.dll","version":"5.1.10411.0"},{"enabled":true,"name":"Silverlight"},{"enabled":true,"name":"NVIDIA 3D Vision","path":"C:\\Program Files (x86)\\NVIDIA Corporation\\3D Vision\\npnv3dv.dll","version":"7.17.12.9573"},{"enabled":true,"name":"NVIDIA 3D VISION","path":"C:\\Program Files (x86)\\NVIDIA Corporation\\3D Vision\\npnv3dvstreaming.dll","version":"7.17.12.9573"},{"enabled":true,"name":"NVIDIA 3D"},{"enabled":true,"name":"VLC Web Plugin","path":"C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll","version":"2.0.0"},{"enabled":true,"name":"VLC Web Plugin"},{"enabled":true,"name":"Windows Live\u00AE Photo Gallery","path":"C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll","version":"14.0.8064.0206_ship.wlx.w3m3 (ship)"},{"enabled":true,"name":"Windows Live\u00AE Photo Gallery"},{"enabled":true,"name":"iTunes Application Detector","path":"C:\\Program Files (x86)\\iTunes\\Mozilla Plugins\\npitunes.dll","version":"1.0.1.1"},{"enabled":true,"name":"iTunes Application Detector"},{"enabled":true,"name":"Shockwave for Director","path":"C:\\Windows\\system32\\Adobe\\Director\\np32dsw.dll","version":"11.6.1r629"},{"enabled":true,"name":"Shockwave"}]},"profile":{"avatar_index":0,"content_settings":{"pref_version":1},"exited_cleanly":true,"name":"Erster Nutzer"},"session":{"restore_on_startup":4,"restore_on_startup_migrated":true,"urls_to_restore_on_startup":["hxxp://search.conduit.com/?ctid=CT2481020&SearchSource=48"]},"sync":{"suppress_start":false},"sync_promo":{"startup_count":3,"user_skipped":true,"view_count":3}} ************************* AdwCleaner[R1].txt - [67700 octets] - [03/10/2012 19:48:17] AdwCleaner[S1].txt - [68326 octets] - [03/10/2012 19:51:46] ########## EOF - C:\AdwCleaner[S1].txt - [68387 octets] ########## |
|
04.10.2012, 16:03
| #7 |
| /// Helfer-Team | soap0_wsdl.exe nicht gefunden Sehr gut!  Wie laeuft der Rechner? Malware-Scan mit Emsisoft Anti-Malware Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm. Lade über Jetzt Updaten die aktuellen Signaturen herunter. Wähle den Freeware-Modus aus. Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers. Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten. Anleitung: http://www.trojaner-board.de/103809-...i-malware.html |
|
04.10.2012, 17:40
| #8 |
| | soap0_wsdl.exe nicht gefunden Hallo, vielen Dank für Daumen hoch. Der Rechner läuft stabil, ABER mein avira antivir läßt keine updates mehr zu Hinweis Bei dem Verscuh das Intermnet Update zu starten ist foglender Fehler ausgetreten: Der Zugriff wurde verweigert Diser Hinweis kommt so schnell,dass es wohl an Berechtigungen liegt. Die Firewall ist aber für antivir offen. und nu ? mercie |
|
05.10.2012, 00:59
| #9 |
| /// Helfer-Team | soap0_wsdl.exe nicht gefunden Schaue bitte in der Anleitung (http://www.trojaner-board.de/103809-...i-malware.html) nach, wo du die Logfiles finden kannst. Poste das Logfile bitte. |
|
05.10.2012, 11:38
| #10 |
| | soap0_wsdl.exe nicht gefunden Hallo, habe nun mit Hilde von Emissoft ANTI-MALWARE zweimal gescannt und eine Daei mi großen Risiko nun in der Quarantäne Trojan.generic.3804584 einen Bericht kann ich dazu aber nicht erstellen Antivir update nun immer noch nicht Soll die Datei in der Quarantäne gelöscht werden ? Vielen Dank fürs weitere Vorgehen |
|
05.10.2012, 21:59
| #11 |
| /// Helfer-Team | soap0_wsdl.exe nicht gefunden Suche das Logfile! Hier steht wo du es findest: http://www.trojaner-board.de/103809-...i-malware.html |
|
05.10.2012, 23:03
| #12 |
| | soap0_wsdl.exe nicht gefunden 1. Scan Emsisoft Anti-Malware - Version 7.0 Letztes Update: 04.10.2012 18:59:54 Scan Einstellungen: Scan Methode: Detail Scan Objekte: Rootkits, Speicher, Traces, C:\, D:\, F:\ Riskware-Erkennung: Aus Archiv Scan: An ADS Scan: An Dateitypen-Filter: Aus Erweitertes Caching: An Direkter Festplattenzugriff: Aus Scan Beginn: 04.10.2012 19:00:33 C:\Program Files (x86)\Microsoft Games\Train Simulator\TRAINS\TRAINSET\GR BR 56-58 DR\w08.exe gefunden: Trojan.Generic.3804584 (B) Gescannt 930849 Gefunden 1 Scan Ende: 05.10.2012 00:53:18 Scan Zeit: 5:52:45 2. Scan msisoft Anti-Malware - Version 7.0 Letztes Update: 05.10.2012 06:03:38 Scan Einstellungen: Scan Methode: Smart Scan Objekte: Rootkits, Speicher, Traces, C:\Windows\, C:\Program Files\, C:\Program Files (x86)\ Riskware-Erkennung: Aus Archiv Scan: Aus ADS Scan: An Dateitypen-Filter: Aus Erweitertes Caching: An Direkter Festplattenzugriff: Aus Scan Beginn: 05.10.2012 06:11:59 C:\Program Files (x86)\Microsoft Games\Train Simulator\TRAINS\TRAINSET\GR BR 56-58 DR\w08.exe gefunden: Trojan.Generic.3804584 (B) Gescannt 634898 Gefunden 1 Scan Ende: 05.10.2012 07:46:40 Scan Zeit: 1:34:41 C:\Program Files (x86)\Microsoft Games\Train Simulator\TRAINS\TRAINSET\GR BR 56-58 DR\w08.exe Quarantäne Trojan.Generic.3804584 (B) Quarantäne 1 |
|
05.10.2012, 23:47
| #13 |
| /// Helfer-Team | soap0_wsdl.exe nicht gefunden Sehr gut! Deinstalliere: Emsisoft Anti-Malware ESET Online Scanner Vorbereitung
|
|
06.10.2012, 11:07
| #14 |
| | soap0_wsdl.exe nicht gefunden so hier nun wieder der weiter Stunden scan die Schritte der Deinstallatin und Löschung folgen nun bis wann funktioniert antivir wieder normal ??? SETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=69935b3ad09bb54d9c902f19bb97a8fc # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-10-06 10:03:04 # local_time=2012-10-06 12:03:04 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 30797947 30797947 0 0 # compatibility_mode=4096 16777215 100 0 0 0 0 0 # compatibility_mode=5893 16776573 100 94 25335 101130057 0 0 # compatibility_mode=8192 67108863 100 0 190 190 0 0 # scanned=646952 # found=7 # cleaned=7 # scan_time=17577 C:\OEM\Preload\Autorun\APP\Nero Move IT Essentials Software\Nero Move it Essentials\unit_app_75\Toolbar.exe Win32/Toolbar.AskSBar application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.0.7\BabylonToolbarApp.dll probably a variant of Win32/Toolbar.Babylon application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Bernie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRP4MVSM\bi_downloader[1].exe a variant of Win32/Somoto.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Bernie\AppData\Local\Temp\nsaD1E.tmp a variant of Win32/Somoto.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Bernie\AppData\Local\Temp\BCECAD83-BAB0-7891-910A-1935BD927588\Latest\MyBabylonTB.exe Win32/Toolbar.Babylon application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Bernie\Downloads\registrybooster.exe a variant of Win32/RegistryBooster application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Bernie\Downloads\SoftonicDownloader40958.exe a variant of Win32/SoftonicDownloader.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C |
|
06.10.2012, 14:49
| #15 |
| /// Helfer-Team | soap0_wsdl.exe nicht gefunden Java aktualisieren Dein Java ist nicht mehr aktuell. Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
Dann so einstellen: http://www.trojaner-board.de/105213-...tellungen.html Danach poste (kopieren und einfuegen) mir, was du hier angezeigt bekommst: PluginCheck Java deaktivieren Aufgrund derezeitigen Sicherheitsluecke: http://www.trojaner-board.de/122961-...ktivieren.html Danach poste mir (kopieren und einfuegen), was du hier angezeigt bekommst: PluginCheck |
|
| Themen zu soap0_wsdl.exe nicht gefunden |
| abges, abgestürzt, appdata, arten, beim starten, benötigte, erkenn, erkennt, folge, folgender, gefunde, gestern, local, nacht, rechner, starte, starten |
Linear-Darstellung
