claro search entfernen

LouLau · 15.11.2012, 17:26

Hallo Leute ich habe ein Problem und brauche Hilfe:
Seit ein paar Tagen kommt jedesmal beim Öffnen des Browsers (Firefox) als Startseite: "Claro-search". Ich kann das zwar temporär wieder ändern, aber beim nächsten Start ist der Mist wieder da. Ich habe schon einiges probiert,
inclusive eines kompletten Systemscann mit "Norten 360" aber eine Lösung ist mir bis jetzt noch nicht gelungen. Ich möchte aber auch noch anfügen, dass meine PC-Kenntnisse sehr bescheiden sind. Hilfe wäre also sehr lieb. Vielen Dank.

cosinus · 17.11.2012, 01:07

Hallo und

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Zitat:

inclusive eines kompletten Systemscann mit "Norten 360"

Bitte beachten => http://www.trojaner-board.de/125889-...tml#post941520

LouLau · 17.11.2012, 10:21

Hallo Cosinus,
vielen Dank und schön, dass du dich meines Problems annehmen möchtest.
Sag mir bitte was zu tun ist. Aber wie ich schon zu Beginn mitgeteilt habe bitte ich um Nachsicht, wenn ich einige Dinge nicht sofort kapiere (Computerkenntnisse.....). Dennoch werde ich mich bemühen, deinen "Anweisungen" zu folgen. Mal sehen, ob's was wird ??
Eine Frage noch: Wie muß ich das mit den "BB-Codes" händeln ?

cosinus · 17.11.2012, 15:03

Zitat:

Sag mir bitte was zu tun ist.

Ganz unten in meinem ersten Posting steht schon etwas was du beachten solltest, das wurde verlinkt

Zitat:

Eine Frage noch: Wie muß ich das mit den "BB-Codes" händeln ?

Wurde in meinem ersten Posting auch verlinkt (CODE-Tags), hier nochmal ausführlicher

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

LouLau · 18.11.2012, 12:24

Guten Tag Cosinus,

starte mal vorsichtig einen ersten Versuch. Die angegebene Malwarescanner
hebe ich alle nicht auf meinem Rechner, deshalb habe ich mal ein wenig in Eurem Forum geschnüffelt und das gemacht, was einigen dort empfohlen wurde:
1. Defogger herunterladen - aufs Desktop und Ergebnis:
Logfile:

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:36 on 15/11/2012 (Herbert)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

2.OTL herunterladen - Ausführen - Ergebnis:
Logfile1: (Extras - Editor)
OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 15.11.2012 16:40:21 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Herbert\Desktop\2
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,59 Gb Available Physical Memory | 39,86% Memory free
8,19 Gb Paging File | 5,60 Gb Available in Paging File | 68,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 582,63 Gb Total Space | 295,13 Gb Free Space | 50,66% Space Free | Partition Type: NTFS
Drive D: | 13,54 Gb Total Space | 1,86 Gb Free Space | 13,72% Space Free | Partition Type: NTFS
 
Computer Name: HP-DESKTOP | User Name: Herbert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXE" /x /n
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\Fotoinsight\Fotoinsight Designer\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotoinsight Designer] -- "C:\Program Files (x86)\Fotoinsight\Fotoinsight Designer\Fotoinsight Designer.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXE" /x /n
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\Fotoinsight\Fotoinsight Designer\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotoinsight Designer] -- "C:\Program Files (x86)\Fotoinsight\Fotoinsight Designer\Fotoinsight Designer.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01  [binary data]
"VistaSp2" = B1 39 AF 01 D7 3D CA 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0258D4AB-3ACD-4128-8904-56907217C09A}" = lport=138 | protocol=17 | dir=in | app=system | 
"{070AB8FF-D300-4A4A-A677-21D1013C4BF1}" = rport=139 | protocol=6 | dir=out | app=system | 
"{187EA1CE-88CD-43BE-8C7F-BB7300D0772B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{4C336251-AEAE-4751-A4BC-FE5AEDAE1D1A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | 
"{53C62F0D-41F5-4F7A-B0E7-DC90B99360C8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{55D6AD7C-75B8-4E89-AB25-34CED2ECFEB1}" = rport=137 | protocol=17 | dir=out | app=system | 
"{727E1BB6-1A20-4E6B-850A-B71D5E907ED2}" = lport=445 | protocol=6 | dir=in | app=system | 
"{8E04D028-61CD-48C7-AC39-9AF5B41BAC66}" = lport=58927 | protocol=6 | dir=in | app=c:\program files (x86)\birdiesync\birdiesync.exe | 
"{A8D60D22-16DA-40E3-859B-57EB03090C63}" = lport=139 | protocol=6 | dir=in | app=system | 
"{BAFAC6AD-3BBE-4CF9-B1DD-5485305C68BD}" = rport=138 | protocol=17 | dir=out | app=system | 
"{CDF4A670-9EAB-4CDC-B2DC-D422B60AF6EF}" = lport=137 | protocol=17 | dir=in | app=system | 
"{DD044CF5-F0A5-421A-AC21-04414B6F00D5}" = rport=445 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BB7D0B5-B9E5-4923-819A-E08C8014451D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe | 
"{142CF540-DB64-465E-A8C1-9F78FA381836}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | 
"{1FA9019D-0B4D-42FF-B51D-C469FA2B4ED2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{3ABA224F-F532-443E-B9B8-3877BDABEFBC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{41A355C7-E033-4B27-809C-06064BE80C93}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{484E4CA7-63CE-494B-AE1D-5141D1E578A6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{5ED4B645-04D8-49C3-AE67-47FC3FCF53BE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{71923E2E-FF47-415B-84A2-B4E5C8FD62A5}" = protocol=17 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe | 
"{731B12CF-7439-4682-9A9C-273AF1952A93}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{731F9014-170F-4C31-BA58-7FD1CB58D0E4}" = dir=in | app=c:\users\herbert\appdata\local\microsoft\skydrive\skydrive.exe | 
"{742B2A8E-7C74-429A-9AB7-03F6D13D3F62}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{78079336-918B-4E49-BFBB-CA0A8512BE76}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe | 
"{7FFFADC5-2A0C-48A3-AE1C-9D15FAFCA85D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{A46577D4-E487-4D31-9FB3-F2D9DEC361D5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{A879130E-80A5-4A19-8689-8E6EA237F246}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe | 
"{C5425AEB-DFDA-414D-8B64-0F30CD4341AE}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | 
"{D0959FF8-1A88-4009-9083-A3654F5E8E35}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe | 
"{D4F6384E-20AF-41AD-B7FE-C8B24A7EEE43}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe | 
"{E6D2694D-5D92-4204-8F41-B4E9066E7CCF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{F5614131-EEEE-437A-89A3-40C48B1A34BE}" = protocol=6 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04C43AE1-5B72-487F-AC6C-6BC1AA19FE03}" = Microsoft IntelliPoint 6.2
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series" = Canon iP4700 series Printer Driver
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1D95A4AF-B4FE-45E5-1518-2A842BA83081}" = ccc-utility64
"{223C0721-A6B0-4853-88C0-331029841734}" = HP Color LaserJet CP1510 Series 2.0
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{78F697ED-EC97-4D8D-881D-838984EA9855}" = 64 Bit HP CIO Components Installer
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EA8213A-9080-C41F-2F85-8FF98374AB9F}" = ATI Catalyst Install Manager
"{B71CCF77-38A2-4805-9759-A6F7D2C52F3A}" = Adobe Photoshop Lightroom 4.2 64-bit
"{B85B1A3C-E404-44E5-A0E1-C4D0438A49C1}" = Adobe Photoshop Lightroom 2.5 64-bit
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F68310EC-B615-4044-B7D7-1A6349758D42}" = Microsoft SQL Server VSS Writer
"{F90F5A11-53E6-4045-ACB1-BC03D71FB06C}" = Microsoft SQL Server Native Client
"A35BD68D4A1B3E191138E3C9AA417190A9468F7E" = Windows-Treiberpaket - Leaf Imaging Ltd. Image  (02/11/2010 )
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeTrial" = Testversion von Microsoft Office Home and Student 2007
"ZDFmediathek_is1" = ZDFmediathek Version 1.4.3
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0019BCD5-6D1C-6B47-8214-A151D5FCFDDC}" = Catalyst Control Center Localization Thai
"{014A0EB1-C226-1CAF-7B72-49321CB0E9B3}" = CCC Help Hungarian
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{069B290F-5398-4629-A009-85B4BCB4B1B9}" = Claro Chrome Toolbar
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0AF5BF1B-FFE1-2C85-FDDC-3A44EFD341EC}" = Catalyst Control Center Localization Italian
"{0BB291F1-BEBA-2530-990B-863B206B1F8A}" = Catalyst Control Center Localization German
"{0DBC686C-F556-473E-B6DC-AB828A938828}" = Lexware vereinsverwaltung Update
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{114C3B4C-CA35-1027-B126-F10DAB0F20B7}" = CCC Help Norwegian
"{11908571-96AB-2B21-EDBE-7852B087E925}" = Catalyst Control Center Localization Portuguese
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{15733AD1-1CEF-459A-9245-0924FC63BDD5}" = HP My Display
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1C5D5D15-CABD-4C5A-A80E-B5C4CA6FE90A}" = hppTLBXFXCP1510
"{1F73D672-6175-4A1D-B3C1-420439D03D0F}" = Product_SF_Full_QFolder
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{23C7264E-BAA0-73B7-0B7C-BA1CCA40F438}" = CCC Help Chinese Standard
"{23D2AA7C-FFB2-3271-7568-58D9CE58598F}" = CCC Help German
"{25468ED2-C4F8-C7EB-5CDB-20D934D6A1F9}" = CCC Help French
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{277AF855-DF15-BDCA-D570-5B94C5371201}" = CCC Help Polish
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1" = Inpaint 3.0
"{2BEC7DA6-3455-5674-4A0E-09A6777A2C25}" = Catalyst Control Center Localization Dutch
"{2CC86F66-6C15-3D00-F05E-830846CF2393}" = CCC Help Turkish
"{2DDB9835-EE7B-FF38-084C-EBB81710A5FB}" = Catalyst Control Center Graphics Previews Vista
"{2E4609A3-F5AF-4408-B0C4-B8B84BC753DF}" = Catalyst Control Center - Branding
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2FC7CE3A-23E5-41E8-975B-AA0236D649FD}" = Quicken 2012
"{319786B7-D72F-43B3-99C1-E93724ED17D3}" = Lexware online banking 4.90
"{32148D5D-909F-4A7B-93EE-5C16B71F4A8C}" = funScreenScraping Client Version
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{35BEB65B-B67C-C104-CE7E-56D71378822D}" = Catalyst Control Center Localization Swedish
"{36D76EB0-F8A6-BD4A-A3C9-B07BE72FF6CD}" = Catalyst Control Center Graphics Full New
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{39AF5C9F-9673-438F-BBF9-47690B989F7F}" = QuickSteuer 2012
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B7AD0B6-B25D-EB03-5657-E9B3ECBC3C28}" = Catalyst Control Center Graphics Light
"{3C9DDCA5-D9EF-B431-B7E8-3B2286E92FEE}" = Catalyst Control Center Core Implementation
"{3E4A0E01-8E00-4D1F-A280-81A92D638552}" = Steuer Update 15.03
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{414C803A-6115-4DB6-BD4E-FD81EA6BC71C}" = Product_SF_Min_QFolder
"{441BA798-953E-1FF2-F9B8-7D1BED5E3278}" = CCC Help Chinese Traditional
"{450008C6-3722-4214-AB4F-9E45B57CB422}" = DDBAC
"{4601651C-0FCF-47CD-BE86-9C88BC54BD0D}" = Steuer Update 15.03
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{48FF6DE6-0619-4562-B4B1-21F161FE0DE0}" = Symantec Technical Support Advanced Chat Controls
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C074190-CE6F-1960-F8BC-B00CF700CAA4}" = Catalyst Control Center Localization Korean
"{4C9E7EA5-9A3F-4C54-9038-EBB4CF25C29D}" = Quicken 2010 - Servicepack 5
"{4DDF7B07-6CC5-CEE9-CA52-E95F8547EBC0}" = Catalyst Control Center Localization Greek
"{4F8AFA74-1562-4980-8B87-8C07E8DE8FAF}" = Quicken 2010
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{56B74948-05CA-C84D-307C-A578F98DAF33}" = Catalyst Control Center Localization Japanese
"{590129B0-8CBD-0C3D-55C6-693C5C910A53}" = Catalyst Control Center Graphics Full Existing
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{5E894531-91FB-4B76-AA0F-49E0E1F357D6}" = hppPQVideoCP1510
"{60706F47-9AD7-59C5-2BFF-A747086FE30B}" = Catalyst Control Center Localization Finnish
"{607576AD-A631-77DE-3D8C-3FBA257962D0}" = Skins
"{61B8FF9A-E7A4-0500-34C9-2A218825F09C}" = Catalyst Control Center InstallProxy
"{61E1C6E3-1793-2F66-B14D-E8899F8F36D7}" = Catalyst Control Center Localization Turkish
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{64FD4D83-085A-49D0-905A-F06057B73DA3}" = hppCLJCP1510
"{65C043EC-BEB5-4791-8EB3-EF9EDBEDA7DB}" = QuickSteuer Wissens-Center 2009
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68E6762C-20CA-41B2-8720-1B178B2C6AED}" = DxO FilmPack 2.0
"{69742A9A-B7C4-433B-98B2-53D597598793}_is1" = Inpaint 3 Installation & Registrierung
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{6EE36762-E5CE-41E6-9EDF-DF610ADD6D72}" = Steuer Update 15.03
"{6F058B03-40A6-3023-ACE4-C031CB5F51E6}" = CCC Help Portuguese
"{6F1D0A3C-3E04-3E6D-2286-1B1900777555}" = Catalyst Control Center Localization Chinese Standard
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{76F79738-4234-45E8-80AA-F56F8FCD4FBE}" = QuickSteuer 2009
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7ADCEEA0-AC82-4360-AD6B-CCF01B66F9DB}" = hppusgCP1510
"{7B4B0AA9-F97E-49C4-AE6F-D40580B65A22}" = onOne PerfectPresets
"{7C0B4269-EFF1-FE99-2298-B5752BBCD1CE}" = Catalyst Control Center Graphics Previews Common
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{7FC74607-ED6E-49C3-87FA-56B50A2EE158}" = Quicken Import Export Server 2012
"{815E4EFD-6A9C-50F5-3C7B-DD5984BF1CBB}" = Catalyst Control Center Localization Danish
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.9.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8D8637C8-BD8F-71AF-1E15-B4104FDFF6A9}" = CCC Help Japanese
"{90110407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90A455A7-0FC8-4508-B7FA-8F135B8F041A}" = DSL-Manager
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{97ABD26A-3249-46CB-B2E2-F66E64B2E480}" = HP Demo
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9E3A383E-0AF0-97F3-3FFF-E466DFDD302B}" = CCC Help Greek
"{9F07D3B6-3801-4C33-B20E-39CC29E63253}" = Steganos Privacy Suite 14
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A40DD5A8-B549-126F-DEDE-2A0DD11342F0}" = CCC Help Danish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC42EE05-1F5D-4B92-851A-DBFE81088A0C}" = QuickSteuer 2010
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AC849092-6F19-4395-8860-BC3B82CAFE51}" = funScreenScraping Microsoft Systemdateien
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{B03DF1CE-9964-0BCB-A53E-9ABE88B17F60}" = Catalyst Control Center Localization Spanish
"{B04F82E0-C4F2-58B3-C799-FAC82F6F88C1}" = CCC Help Russian
"{B0516082-BA15-2ACC-A354-0CA22CFE4CF9}" = CCC Help Spanish
"{B3891007-20E0-83BB-93F8-3062A2ED39EB}" = CCC Help Italian
"{B3DA638A-7AC7-4202-C489-898D8A5AE48B}" = CCC Help Dutch
"{B593E002-4F0A-2537-AF4D-59C371FCE60F}" = CCC Help Finnish
"{B790DA3B-5017-FA94-E330-94CFF7CF7171}" = Saal Design Software
"{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}" = pdfforge Toolbar v1.0
"{B91E216D-425B-4016-BD26-57D6BBF8B768}" = LexwareVereinsverwaltung 12 Update
"{B932A416-28A7-4D08-89A6-7A0464DAD37D}" = hpzTLBXFX
"{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}" = muvee autoProducer 6.1
"{B9CB4A55-002A-5FC0-DF39-A5D5FF2F036D}" = Catalyst Control Center Localization French
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C485E0AA-2176-835B-8555-C08002E8517B}" = Catalyst Control Center Localization Norwegian
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C7BD9413-E518-4178-AF1B-A8915554031D}" = RedmarkVereinsverwaltung 2011
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{C908A5AC-4F61-4B9A-8A51-48B5696C53B1}" = Lexware online banking
"{C948C303-C151-B075-DDD6-F69B963B70EF}" = Catalyst Control Center Localization Russian
"{C9E04998-234A-4ACE-6C91-30F7E8EA735D}" = Catalyst Control Center Localization Polish
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CCB5EE8A-8DE8-E4E2-1D3D-31C9CC3519C9}" = Catalyst Control Center Localization Chinese Traditional
"{D2299355-97DE-1DBC-98EB-C5F2357F874C}" = Catalyst Control Center Localization Hungarian
"{D2C6274D-C3C0-0C1B-5E79-B94843622343}" = Catalyst Control Center Localization Czech
"{D5C8E140-6E6F-11DD-9AA9-0050560400B1}" = Haufe iDesk-Service
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{D78C15E3-7648-A466-651C-FB618B3659AD}" = CCC Help Korean
"{D79B34A7-658C-4406-B4A5-6C982E07D57F}" = Steganos Password Manager 2009
"{D8AC1EB5-E8B0-44A0-B113-899407188A2F}" = hppFonts
"{DC2A30B7-030B-6842-C5D5-AE3D5E7B8ECC}" = ccc-core-static
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{DF18DFB5-A9CC-1A17-9861-2187C1265CD4}" = CCC Help Swedish
"{E13DE915-C42C-4A06-BC63-474A4E12F474}" = Steuer Update 15.09
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E3CDAAD3-F806-4F2A-BACF-487AD2E5B3EB}" = QuickSteuer 2011
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E8C5BD56-F5D8-41D3-8A71-273468FE256A}" = T-Home Dialerschutz-Software
"{E9DA117D-B2B8-9F7D-DBD7-FF2A730FBB8A}" = CCC Help Czech
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{ED5BDA06-0D68-4B4C-93FE-50BE94ADA6E9}" = hppManualsCP1510
"{EE5BCA77-F9B8-4896-BB04-6CBE587BC8CE}" = QuickSteuer 2009
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}" = Lexware Info Service
"{F405DC00-37F3-4A5F-97F4-C1310CCEE53A}" = HP Easy Setup - Frontend
"{F413B69D-4AD6-42AB-AEA5-0548989FAD50}" = Norton 360
"{F48AAE0F-52F4-11DD-B1F7-0050560400B1}" = Haufe iDesk-Browser
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F7E345A5-F79B-44EE-BC4A-738899E756C0}" = Lexware online banking 4.90
"{FDC5251B-4139-1DAE-8CCC-20AAC4E5422E}" = CCC Help Thai
"{FF063B2A-19DB-C210-C06D-8BBECD7D45B4}" = CCC Help English
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"ALDI Sued Foto Service D" = ALDI Sued Foto Service
"Aldi Süd Fotoservice_is1" = Aldi Süd Fotoservice
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon iP4700 series Benutzerregistrierung" = Canon iP4700 series Benutzerregistrierung
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CaptureOne5_is1" = Capture One 5.2
"claro" = Claro LTD toolbar  
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.0.0
"Cut Out_is1" = Cut Out 3.0
"Dll-Files.com Fixer_is1" = Dll-Files.com Fixer
"DPP" = Canon Utilities Digital Photo Professional 3.9
"DRI Tool 2.0_is1" = DRI Tool 2.0
"EasyBits Magic Desktop" = Magic Desktop
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"EOS Utility" = Canon Utilities EOS Utility
"FE5AE7DC-7B01-4263-A94C-B4526C276550_is1" = iDevice Manager
"Filter Forge Freepack 2 - Photo Effects_is1" = Filter Forge Freepack 2 - Photo Effects 1.012
"Forte Free" = Forte Free 2.0
"Fotoinsight Designer" = Fotoinsight Designer
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"Google Updater" = Google Updater
"InstallShield_{4F8AFA74-1562-4980-8B87-8C07E8DE8FAF}" = Quicken 2010
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"JAP" = JAP
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"mediAvatar iPhone Klingelton Maker" = mediAvatar iPhone Klingelton Maker
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MOBackup-DatensicherungfürOutlook" = MOBackup - Datensicherung für Outlook (Vollversion)
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"Mozilla Thunderbird 16.0.2 (x86 de)" = Mozilla Thunderbird 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MuseScore" = MuseScore 1.2 MuseScore score typesetter
"N360" = Norton 360
"NirSoft Wireless Network Watcher" = NirSoft Wireless Network Watcher
"PC-Doctor for Windows" = Hardware Diagnose Tools
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PowerLame" = PowerLame (remove only)
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"Saal Fotobuch" = Saal Fotobuch
"SaalDesignSoftware" = Saal Design Software
"SilverFast CanonSDK-SE" = SilverFast CanonSDK-SE 6.6.2r5
"Stepok's One Click Wipe  Basic_is1" = One Click Wipe  Basic
"Webshots Desktop_is1" = Webshots Desktop
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"WildTangent hp Master Uninstall" = My HP Games
"YTdetect" = Yahoo! Detect
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 13.11.2012 08:51:16 | Computer Name = HP-Desktop | Source = Perflib | ID = 1008
Description = 
 
Error - 13.11.2012 08:51:16 | Computer Name = HP-Desktop | Source = Perflib | ID = 1005
Description = 
 
Error - 13.11.2012 08:51:16 | Computer Name = HP-Desktop | Source = Perflib | ID = 1018
Description = 
 
Error - 13.11.2012 08:51:16 | Computer Name = HP-Desktop | Source = Perflib | ID = 1008
Description = 
 
Error - 14.11.2012 04:33:44 | Computer Name = HP-Desktop | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.11.2012 04:41:06 | Computer Name = HP-Desktop | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.11.2012 04:59:54 | Computer Name = HP-Desktop | Source = EventSystem | ID = 4621
Description = 
 
Error - 15.11.2012 05:30:32 | Computer Name = HP-Desktop | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.11.2012 06:04:24 | Computer Name = HP-Desktop | Source = EventSystem | ID = 4621
Description = 
 
Error - 15.11.2012 06:07:41 | Computer Name = HP-Desktop | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.11.2012 11:34:46 | Computer Name = HP-Desktop | Source = Application Hang | ID = 1002
Description = Programm ccSvcHst.exe, Version 11.2.3.6 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: b64  Anfangszeit: 01cdc318ee87335c  Zeitpunkt der Beendigung:
 24
 
[ System Events ]
Error - 13.11.2012 04:44:22 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 14.11.2012 04:34:26 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 14.11.2012 04:34:26 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 15.11.2012 04:42:02 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 15.11.2012 04:42:03 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 15.11.2012 05:30:14 | Computer Name = HP-Desktop | Source = Microsoft-Windows-ResourcePublication | ID = 1002
Description = 
 
Error - 15.11.2012 05:31:57 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 15.11.2012 05:31:57 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 15.11.2012 06:08:13 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 15.11.2012 06:08:14 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7026
Description = 
 
 
< End of report >

--- --- ---

Logfile2 (OTL - Editor)

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 15.11.2012 16:40:21 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Herbert\Desktop\2
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,59 Gb Available Physical Memory | 39,86% Memory free
8,19 Gb Paging File | 5,60 Gb Available in Paging File | 68,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 582,63 Gb Total Space | 295,13 Gb Free Space | 50,66% Space Free | Partition Type: NTFS
Drive D: | 13,54 Gb Total Space | 1,86 Gb Free Space | 13,72% Space Free | Partition Type: NTFS
 
Computer Name: HP-DESKTOP | User Name: Herbert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.15 16:38:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Herbert\Desktop\2\OTL.exe
PRC - [2012.11.15 16:23:42 | 000,050,477 | ---- | M] () -- C:\Users\Herbert\Desktop\1\Defogger.exe
PRC - [2012.10.24 18:49:10 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.10.18 08:17:17 | 000,238,552 | ---- | M] (Microsoft Corporation) -- C:\Users\Herbert\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
PRC - [2012.10.11 12:17:59 | 002,312,216 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
PRC - [2012.10.02 12:30:10 | 000,084,992 | ---- | M] (Steganos Software GmbH) -- C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosHotKeyService.exe
PRC - [2012.10.02 12:30:04 | 000,071,680 | ---- | M] (Steganos Software GmbH) -- C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosBrowserMonitor.exe
PRC - [2012.10.02 12:24:00 | 000,017,920 | ---- | M] (Steganos Software GmbH) -- C:\Program Files (x86)\Steganos Privacy Suite 14\fredirstarter.exe
PRC - [2012.09.06 12:12:20 | 000,162,408 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.06.16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe
PRC - [2011.09.16 10:48:54 | 001,623,920 | ---- | M] (Lexware GmbH & Co. KG) -- C:\Program Files (x86)\Common Files\Lexware\LxWebAccess\LxWebAccess.exe
PRC - [2011.07.31 14:07:18 | 000,189,808 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
PRC - [2008.10.23 16:45:14 | 000,307,200 | ---- | M] (T-Systems Enterprise Services GmbH) -- C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe
PRC - [2008.08.15 10:39:04 | 003,343,688 | ---- | M] (Webshots.com) -- C:\PROGRA~2\Webshots\Webshots.scr
PRC - [2008.04.16 17:18:44 | 000,317,952 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Portrait Displays\HP My Display\DTHtml.exe
PRC - [2008.04.16 17:16:40 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2008.01.21 03:50:17 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe
PRC - [2007.11.26 14:51:00 | 001,085,440 | ---- | M] (T-Systems Enterprise Services GmbH) -- C:\Program Files (x86)\DSL-Manager\DslMgr.exe
PRC - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007.09.11 00:43:54 | 000,067,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe
PRC - [2007.05.08 16:44:58 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
PRC - [2007.04.18 16:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007.02.04 12:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.15 16:23:42 | 000,050,477 | ---- | M] () -- C:\Users\Herbert\Desktop\1\Defogger.exe
MOD - [2012.11.15 10:39:02 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll
MOD - [2012.11.15 10:38:45 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll
MOD - [2012.11.15 10:38:35 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll
MOD - [2012.11.15 10:37:36 | 007,976,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll
MOD - [2012.11.15 10:37:30 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
MOD - [2012.11.15 10:19:57 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\caffbced23ee85b40b919ad4a122b7aa\System.Windows.Forms.ni.dll
MOD - [2012.11.15 10:19:48 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cb0c00757e89f0b1fe282913ed667212\System.Xml.ni.dll
MOD - [2012.11.15 10:19:46 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9422d0c052186760a4645e10995487f5\System.Drawing.ni.dll
MOD - [2012.11.15 10:19:45 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ed886fb71addf400705481dcf8de12da\System.Configuration.ni.dll
MOD - [2012.11.15 10:19:43 | 009,093,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\811a7bc79f8f0a5be8065292a320819e\System.ni.dll
MOD - [2012.11.15 10:19:35 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll
MOD - [2012.10.24 18:49:23 | 002,295,264 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.10.11 12:17:59 | 002,312,216 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
MOD - [2012.10.11 12:17:06 | 002,069,528 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2011.11.01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009.03.30 05:42:19 | 000,131,072 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
MOD - [2009.03.30 05:42:17 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2009.03.30 05:40:03 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.11.03 17:31:38 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\Interop.hpqusg.dll
MOD - [2008.04.16 17:16:42 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\CC\gui.dll
MOD - [2008.04.16 17:16:24 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
MOD - [2008.02.11 16:23:14 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\drivers\vista.dll
MOD - [2007.05.08 16:44:58 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPToolkit.dll
MOD - [2007.05.08 16:44:58 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPUsageTracking.dll
MOD - [2007.05.08 16:44:58 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
MOD - [2007.05.08 16:44:58 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\Enumeration.dll
MOD - [2007.05.08 16:44:44 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPTools.dll
MOD - [2007.05.08 16:44:40 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPStreamsInterface.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2008.05.14 23:03:34 | 000,887,808 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2012.11.14 10:49:17 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.30 12:16:22 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.11 12:17:59 | 002,312,216 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.06.16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe -- (N360)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.21 18:15:34 | 000,376,832 | ---- | M] (T-Systems International GmbH) [Auto | Running] -- C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe -- (DFSVC)
SRV - [2009.03.30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.11.25 10:45:40 | 000,153,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008.11.05 14:55:39 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.10.23 16:45:14 | 000,307,200 | ---- | M] (T-Systems Enterprise Services GmbH) [On_Demand | Running] -- C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe -- (TDslMgrService)
SRV - [2008.04.16 17:16:40 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2008.02.03 11:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.02.01 18:08:50 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2008.01.21 03:47:00 | 000,428,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.21 03:47:00 | 000,211,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.07.06 03:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\SRTSPX64.SYS -- (SRTSPX)
DRV:64bit: - [2012.07.06 03:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\0604000.009\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2012.06.07 05:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012.05.22 10:36:46 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012.05.22 02:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2012.02.29 14:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.16 20:38:00 | 000,445,560 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0604000.009\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2011.11.16 20:17:50 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2011.08.15 23:51:40 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2009.10.15 18:14:38 | 000,028,192 | ---- | M] (T-Systems International GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SipIMNDI64.sys -- (SipIMNDI)
DRV:64bit: - [2009.10.01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009.09.03 10:45:26 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2008.05.14 23:49:44 | 004,436,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2007.09.12 16:24:00 | 000,041,024 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dsltestSp5a64.sys -- (dsltestSp5a64)
DRV:64bit: - [2007.08.21 09:43:26 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\point64k.sys -- (Point64)
DRV:64bit: - [2007.08.01 14:49:02 | 000,019,008 | ---- | M] (T-Systems Enterprise Services GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\dslmnlwf.sys -- (DslMNLwf)
DRV:64bit: - [2007.07.16 11:29:22 | 000,020,504 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hpfx64bulk.sys -- (HPFXBULK)
DRV:64bit: - [2006.11.16 17:26:44 | 000,019,248 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\PdiPorts.sys -- (PdiPorts)
DRV - [2012.11.15 10:04:47 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121114.008\ex64.sys -- (NAVEX15)
DRV - [2012.11.15 10:04:47 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121114.008\eng64.sys -- (NAVENG)
DRV - [2012.10.24 00:34:23 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20121106.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012.10.23 12:56:32 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012.09.01 01:27:23 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20121114.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012.08.09 10:30:17 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010.02.17 13:21:12 | 000,108,256 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt - ) [Driver] [Kernel | System | Running] -- C:\Windows\SleeN1764.sys -- (SLEE_17_DRIVER)
DRV - [2009.10.15 18:14:38 | 000,017,952 | ---- | M] (T-Systems International GmbH) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFSYS64.SYS -- (DFSYS)
DRV - [2006.10.05 16:07:28 | 000,072,608 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\TPkd.sys -- (TPkd)
DRV - [2001.01.26 13:43:20 | 000,002,144 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\T-Com\DSLCheck\PciDumpr.sys -- (PciDumpr)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=84&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=84&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {F137222E-6DE9-44E9-8EF2-CC5A8D3833BB}
IE:64bit: - HKLM\..\SearchScopes\{D6E4D59A-E5FE-4C8D-8347-B99B76E656E5}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE:64bit: - HKLM\..\SearchScopes\{F137222E-6DE9-44E9-8EF2-CC5A8D3833BB}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=84&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ${URL_STARTPAGE}
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2102572
IE - HKLM\..\SearchScopes\{D6E4D59A-E5FE-4C8D-8347-B99B76E656E5}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKLM\..\SearchScopes\{F137222E-6DE9-44E9-8EF2-CC5A8D3833BB}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.claro-search.com/?affID=116198&tt=4612_4&babsrc=HP_ss&mntrId=7047a004000000000000002215191871
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/br/ie9_startpage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.claro-search.com/?affID=116198&tt=4612_4&babsrc=HP_ss&mntrId=7047a004000000000000002215191871
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\InprocServer32 File not found
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {6B1D1FB7-7233-4F7C-802C-21A1DDB12754}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{09038620-190C-402B-A92F-18864E6AB22F}: "URL" = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=116198&tt=4612_4&babsrc=SP_ss&mntrId=7047a004000000000000002215191871
IE - HKCU\..\SearchScopes\{32A68923-D242-4DB1-9D61-59ECDFE687EE}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}
IE - HKCU\..\SearchScopes\{40064957-18EB-412d-9146-3F57E8D92EEC}: "URL" = hxxp://go.web.de/br/ie9_search_pic/?su={searchTerms}
IE - HKCU\..\SearchScopes\{5A817CF6-92D5-4DE5-AC38-82DF8A73EF28}: "URL" = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{6B1D1FB7-7233-4F7C-802C-21A1DDB12754}: "URL" = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{8D27B32E-89EE-460e-82D2-5FC354078EAD}: "URL" = hxxp://go.web.de/br/ie9_search_produkte/?su={searchTerms}
IE - HKCU\..\SearchScopes\{D6E4D59A-E5FE-4C8D-8347-B99B76E656E5}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKCU\..\SearchScopes\{DCE59F23-A446-45a5-9459-E68FDC0DE38D}: "URL" = hxxp://go.web.de/br/ie9_search_maps/?su={searchTerms}
IE - HKCU\..\SearchScopes\{F137222E-6DE9-44E9-8EF2-CC5A8D3833BB}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;192.168.*.*;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "hxxp://www.zdf.de/"
FF - prefs.js..extensions.enabledAddons: locationbar2@design-noir.de:1.0.6
FF - prefs.js..extensions.enabledAddons: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledAddons: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.18
FF - prefs.js..extensions.enabledAddons: {8F6A6FD9-0619-459f-B9D0-81DE065D4E21}:1.10.3
FF - prefs.js..extensions.enabledAddons: {99B98C2C-7274-45a3-A640-D9DF1A1C8460}:1.4
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.8
FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120926
FF - prefs.js..extensions.enabledAddons: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.16.0.3
FF - prefs.js..extensions.enabledAddons: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.2.3
FF - prefs.js..extensions.enabledAddons: {00F0643E-B367-4779-B45D-7046EBA37A88}:14.0.3.10073
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: locationbar2@design-noir.de:1.0.6
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.13
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1
FF - prefs.js..extensions.enabledItems: {8F6A6FD9-0619-459f-B9D0-81DE065D4E21}:1.10.1
FF - prefs.js..extensions.enabledItems: {99B98C2C-7274-45a3-A640-D9DF1A1C8460}:1.4
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "${URL_SEARCHPAGE}"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Herbert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\ [2012.05.23 08:08:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\ [2012.11.15 11:08:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{00F0643E-B367-4779-B45D-7046EBA37A88}: C:\Program Files (x86)\Steganos Privacy Suite 14\spmplugin3 [2012.11.09 10:44:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.15 10:48:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.30 13:01:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.10.30 12:16:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012.11.13 13:45:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.10.30 12:16:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2010.08.20 11:35:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Herbert\AppData\Roaming\mozilla\Extensions
[2010.08.20 11:35:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Herbert\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.11.15 10:37:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Herbert\AppData\Roaming\mozilla\Firefox\Profiles\8318c41d.default\extensions
[2012.11.09 11:00:44 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Herbert\AppData\Roaming\mozilla\Firefox\Profiles\8318c41d.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010.05.01 16:28:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Herbert\AppData\Roaming\mozilla\Firefox\Profiles\8318c41d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.11.07 17:45:29 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Herbert\AppData\Roaming\mozilla\Firefox\Profiles\8318c41d.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.01.08 16:52:36 | 000,000,000 | ---D | M] (CookieCuller) -- C:\Users\Herbert\AppData\Roaming\mozilla\Firefox\Profiles\8318c41d.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}
[2012.01.23 12:32:07 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Herbert\AppData\Roaming\mozilla\Firefox\Profiles\8318c41d.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.03.01 11:52:45 | 000,000,000 | ---D | M] (Locationbar²) -- C:\Users\Herbert\AppData\Roaming\mozilla\Firefox\Profiles\8318c41d.default\extensions\locationbar2@design-noir.de
[2011.03.14 10:02:24 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Herbert\AppData\Roaming\mozilla\Firefox\Profiles\8318c41d.default\extensions\personas@christopher.beard
[2012.08.27 16:57:01 | 000,455,379 | ---- | M] () (No name found) -- C:\Users\Herbert\AppData\Roaming\mozilla\firefox\profiles\8318c41d.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2011.12.09 09:17:34 | 000,025,332 | ---- | M] () (No name found) -- C:\Users\Herbert\AppData\Roaming\mozilla\firefox\profiles\8318c41d.default\extensions\{8F6A6FD9-0619-459f-B9D0-81DE065D4E21}.xpi
[2012.07.25 08:23:04 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Herbert\AppData\Roaming\mozilla\firefox\profiles\8318c41d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.11.13 13:45:58 | 000,002,514 | ---- | M] () -- C:\Users\Herbert\AppData\Roaming\mozilla\firefox\profiles\8318c41d.default\searchplugins\browsemngr.xml
[2012.01.22 13:20:10 | 000,000,931 | ---- | M] () -- C:\Users\Herbert\AppData\Roaming\mozilla\firefox\profiles\8318c41d.default\searchplugins\conduit.xml
[2012.11.15 10:48:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.10.30 13:01:49 | 000,000,000 | ---D | M] (pdfforge Toolbar Plugin) -- C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[2012.10.30 13:01:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.10.30 13:01:47 | 000,000,000 | ---D | M] (Search Settings Plugin) -- C:\Program Files (x86)\mozilla firefox\extensions\search@searchsettings.com
[2012.11.13 13:45:58 | 000,000,000 | ---D | M] (Browser Manager) -- C:\PROGRAMDATA\BROWSER MANAGER\2.3.796.11\{16CDFF19-861D-48E3-A751-D99A27784753}\FIREFOXEXTENSION
[2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009.03.31 21:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\mozilla firefox\components\coFFPlgn.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.13 13:45:38 | 000,006,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (Claro LTD Helper Object) - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\bh\claro.dll (Montera Technologeis LTD)
O2 - BHO: (Steganos.Pwm.BHO) - {23162633-071E-4D3C-B347-B85451A92DBA} - C:\Program Files (x86)\Steganos Password Manager 2009\PwmBho.dll ()
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Reg Error: Value error.) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.dll File not found
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Steganos Password Manager Toolbar) - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 14\SPMIEToolbar.dll (Steganos Software GmbH)
O3 - HKLM\..\Toolbar: (Claro LTD Toolbar) - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\claroTlbr.dll (Montera Technologeis LTD)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DT HPW] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.exe File not found
O4 - HKLM..\Run: [SSS14 File Redirection Starter] C:\Program Files (x86)\Steganos Privacy Suite 14\fredirstarter.exe (Steganos Software GmbH)
O4 - HKLM..\Run: [SSS14 HotKeys] C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosHotKeyService.exe (Steganos Software GmbH)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [T-Home Dialerschutz-Software] C:\Program Files (x86)\T-Home\Dialerschutz-Software\Defender64.exe (T-Systems International GmbH)
O4 - HKCU..\Run: [PCSpeedUp] C:\Program Files (x86)\PC Beschleunigen\PCSpeedUp.lnk ()
O4 - HKCU..\Run: [SkyDrive] C:\Users\Herbert\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SSS14 Browser Monitor] C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosBrowserMonitor.exe (Steganos Software GmbH)
O4 - HKCU..\Run: [SSS6_SAFE] "C:\Program Files (x86)\Steganos Security Suite 6\safe.exe" /booting File not found
O4 - HKCU..\Run: [SSS6_SPM] "C:\Program Files (x86)\Steganos Security Suite 6\spm.exe" /booting File not found
O4 - HKCU..\Run: [SSS6_Suite] "C:\Program Files (x86)\Steganos Security Suite 6\sss.exe" /booting File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\Herbert\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Herbert\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64" File not found
O4 - Startup: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Commerzbank_2012.xls - Verknüpfung.lnk = C:\Users\Herbert\Documents\Banking\Aktien\Commerzbank_2012.xls ()
O4 - Startup: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk = C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
O4 - Startup: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Veri-Valeur_2012.xls - Verknüpfung.lnk = C:\Users\Herbert\Documents\Banking\Aktien\Veri-Valeur_2012.xls ()
O4 - Startup: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files (x86)\Webshots\Launcher.exe (Webshots.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Herbert\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Herbert\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O9 - Extra Button: Steganos Password Manager - {024538B9-3F39-49FF-9503-975F743210FA} - C:\Program Files (x86)\Steganos Privacy Suite 14\SPMIEToolbar.dll (Steganos Software GmbH)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A615081A-DB1C-42C8-8B6A-0E4FEC46738B}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\cdo - No CLSID value found
O18:64bit: - Protocol\Handler\haufereader - No CLSID value found
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18 - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\Windows\SysWOW64\ezShellStart.exe (EasyBits Software AS)
O24 - Desktop WallPaper: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O28 - HKLM ShellExecuteHooks: UPB:{7B0E5486-E11D-437f-AC8B-7901C7D3FCCB} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5e8dbd1a-3e57-11df-bff5-002215191871}\Shell\AutoRun\command - "" = E:\Menu.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.15 16:39:08 | 000,000,000 | ---D | C] -- C:\Users\Herbert\Desktop\2
[2012.11.15 16:28:53 | 000,000,000 | ---D | C] -- C:\Users\Herbert\Desktop\1
[2012.11.15 10:12:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.11.13 13:46:00 | 000,000,000 | ---D | C] -- C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
[2012.11.13 13:45:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012.11.13 13:45:57 | 000,000,000 | ---D | C] -- C:\Users\Herbert\AppData\Roaming\Claro
[2012.11.13 13:45:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Claro LTD
[2012.11.13 13:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.11.13 13:45:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012.11.13 13:45:12 | 000,000,000 | ---D | C] -- C:\Users\Herbert\AppData\Roaming\Babylon
[2012.11.13 13:45:10 | 000,000,000 | ---D | C] -- C:\Users\Herbert\AppData\Roaming\pdfforge
[2012.11.13 13:45:08 | 000,100,864 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2012.11.10 11:00:05 | 000,000,000 | ---D | C] -- C:\Users\Herbert\Documents\Steganos
[2012.11.09 17:25:51 | 000,000,000 | ---D | C] -- C:\Users\Herbert\Documents\Steganos Safe
[2012.11.09 11:26:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Passwort-Manager 2009
[2012.11.09 11:26:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steganos Password Manager 2009
[2012.11.09 10:43:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Privacy Suite 14
[2012.11.09 10:43:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steganos
[2012.11.09 10:43:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steganos Privacy Suite 14
[2012.11.08 10:45:08 | 000,000,000 | ---D | C] -- C:\Users\Herbert\Documents\Karstadt
[2012.10.30 13:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.30 12:16:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.15 16:36:10 | 000,000,000 | ---- | M] () -- C:\Users\Herbert\defogger_reenable
[2012.11.15 16:16:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.15 16:04:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.15 15:06:41 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.15 15:06:41 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.15 14:53:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.11.15 11:06:50 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.15 11:06:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.15 11:04:22 | 000,000,829 | ---- | M] () -- C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
[2012.11.15 10:30:03 | 000,389,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.15 10:28:14 | 003,052,617 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0604000.009\Cat.DB
[2012.11.15 10:22:54 | 001,659,072 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.15 10:22:54 | 000,701,018 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.15 10:22:54 | 000,655,654 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.15 10:22:54 | 000,157,432 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.15 10:22:54 | 000,127,722 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.09 10:44:56 | 000,000,954 | ---- | M] () -- C:\Users\Public\Desktop\Privacy Suite Hauptmenü.lnk
[2012.11.01 18:48:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHerbert.job
[2012.10.18 08:12:50 | 000,002,125 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.15 16:36:10 | 000,000,000 | ---- | C] () -- C:\Users\Herbert\defogger_reenable
[2012.11.09 10:44:55 | 000,000,954 | ---- | C] () -- C:\Users\Public\Desktop\Privacy Suite Hauptmenü.lnk
[2012.09.12 08:34:28 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\CIUtils.dll
[2012.08.14 12:48:49 | 000,000,021 | ---- | C] () -- C:\Users\Herbert\AppData\Local\mc.pixel.data
[2012.01.26 12:05:18 | 000,001,270 | ---- | C] () -- C:\Users\Herbert\AppData\Roaming\wklnhst.dat
[2011.03.31 08:31:45 | 000,000,038 | ---- | C] () -- C:\Windows\SysWow64\ZX9EQJT7_{3533659F-E481-44B1-869C-95C372DE8D54}.dat
[2011.02.20 11:57:14 | 000,132,408 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.11.04 21:31:22 | 000,020,531 | -H-- | C] () -- C:\ProgramData\R49LW
[2010.08.26 15:22:23 | 000,000,095 | ---- | C] () -- C:\Users\Herbert\AppData\Local\fusioncache.dat
[2010.08.05 16:50:47 | 000,006,944 | ---- | C] () -- C:\Users\Herbert\AppData\Local\d3d9caps.dat
[2009.03.15 16:35:01 | 000,015,428 | ---- | C] () -- C:\Users\Herbert\RefEdit.exd
[2008.11.20 10:59:11 | 000,193,377 | ---- | C] () -- C:\Users\Herbert\AppData\Roaming\mdbu.bin
[2008.11.06 13:16:03 | 000,017,920 | ---- | C] () -- C:\Users\Herbert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 16:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 18:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 08:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 03:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2008.11.03 17:05:08 | 000,000,000 | -HSD | M] -- C:\Users\Herbert\AppData\Roaming\.#
[2012.11.13 13:45:12 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Babylon
[2012.02.09 17:49:02 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\BirdieSync
[2010.11.04 21:10:43 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Canon
[2010.01.25 18:38:12 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\CD-LabelPrint
[2012.11.13 13:45:57 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Claro
[2009.05.18 18:43:15 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\DataDesign
[2008.11.06 11:23:46 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\DisplayTune
[2012.10.09 13:45:07 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\dll-files.com
[2012.01.23 12:32:47 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\DVDVideoSoft
[2012.01.23 12:32:06 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.10.22 17:19:07 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Filter Forge Freepack 2 - Photo Effects
[2009.04.11 16:14:46 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\GHISLER
[2012.07.17 15:00:58 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\gnupg
[2012.07.17 10:19:17 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\gtk-2.0
[2010.09.23 19:29:06 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Imaxel
[2012.07.16 14:38:49 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\JonDo
[2012.06.03 13:53:31 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Lasersoft Imaging
[2011.03.10 13:48:57 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Lexware
[2012.06.14 15:37:16 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\mediAvatar
[2012.02.15 10:59:38 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\MOBackup
[2011.08.09 14:24:38 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\MusE
[2011.09.07 10:21:54 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\OpenCandy
[2008.11.10 22:00:11 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\OpenOffice.org
[2012.07.02 18:29:49 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\PACE Anti-Piracy
[2012.11.13 13:47:03 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\pdfforge
[2012.07.02 10:31:34 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\PixelPlanet
[2011.01.13 19:54:46 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\SaalDesignSoftware
[2010.11.04 20:56:48 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\ScanSoft
[2012.01.23 13:31:23 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Software4u
[2012.11.12 12:12:08 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Steganos
[2008.11.04 11:01:05 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Steganos Security Suite 6
[2009.01.02 10:06:59 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\T-Online
[2012.01.26 12:05:21 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Template
[2010.08.20 11:35:44 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Thunderbird
[2008.12.15 21:15:04 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Webshots
[2009.02.27 14:12:43 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\WildTangent
[2008.11.04 17:10:36 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\WinBatch
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 989 bytes -> C:\Users\Herbert\AppData\Local\Temp:eilK0WAms0xP161NJ0YHr
@Alternate Data Stream - 1170 bytes -> C:\Users\Herbert\AppData\Local\lzSOT9AG1UGZ:H0WxU2r6AlmAQTCeOEhPGlcjQ

< End of report >

--- --- ---

So, ich hoffe dass du jetzt keinen Wutanfall bekommst und ich nichts falsch gemacht habe ??
Danke für deine Geduld !!

cosinus · 18.11.2012, 21:56

Ich hab extra den Teil mit Norton zitiert, hat Norton denn nun was gefunden oder nicht?

LouLau · 19.11.2012, 12:34

Guten Tag, Cosinus,

zur Norton-Auswertung:
Ein kompletter Systemscann hat nichts gebracht. Bis auf zwei kleine Trackinig-Cookies, deren Gefährlichkeit mit "gering" eingestuft und die auch sofort beseitigt wurden, kam kein beachtenswertes Ergebnis.

Ein zweiter, sog. Bewertungsscann hat aus der Menge der überprüften Dateien nun einige herausgefischt, dessen Vertrauenswürdigkeit sehr bedenklich ist.

Diese Dateien habe ich wie folgt einmal zusammengefasst:

Code:

ATTFilter

Dateiname	Vertrauensstufe	Verbreitung
1144f77.msi	unerprobt	sehr wenige Benutzer
symlcrst.dll	unerprobt	sehr wenige Benutzer
170206.msi	unerprobt	sehr wenige Benutzer
7befa2.msi	unerprobt	sehr wenige Benutzer
9c7a61.msi	unerprobt	sehr wenige Benutzer
237e94.msi	unerprobt	sehr wenige Benutzer
379b5c.msi	unerprobt	sehr wenige Benutzer
24d762.msi	unerprobt	sehr wenige Benutzer
dbee1.msi	unerprobt	sehr wenige Benutzer
dbf57.msi	unerprobt	sehr wenige Benutzer
df17dd.msi	unerprobt	sehr wenige Benutzer
plshell.dll	schwacht	wenige Benutzer

"Die Vertauensquote laut Auswertung ist 77,7 % ""Vertrauenswürdig"""		
"und 21,9% ""Gut"""		

"Die restliche Quote der Vertrauensstufe (0,4 %) = 0,35 % ""unbekannt"" und 0,02 % ""Schwach"" "

desweiteren schicke ich dir einmal einen sog., von Norton erstellten Diagnosebericht. Vielleicht kannst du ja auch aus dem etwas entnehmen ?

Code:

ATTFilter

	Diagnosebericht 	

Beim Norton 360 Online-Diagnosebericht werden Informationen zum Computer
(z.B. Betriebssystem, Programme und Hardware) gesammelt. Dieser Bericht
hilft Ihnen beim Erkennen und Reparieren von Problemen. Der Bericht kann
gespeichert, per E-Mail versendet oder bei Bedarf für Freunde,
Familienmitglieder oder Techniker ausgedruckt werden.
Bericht erstellt am: 19.11.2012 (12:11)
------------------------------------------------------------------------
Norton 360 Online-StatusDetails anzeigen <#>

In diesem Abschnitt wird der Gesamt- und Kategoriestatus für Norton 360
Online angezeigt (inkl. letzte Scans, Updates und Backups).

Funktion	Details
Version 	6.4.0.9
Betriebsstatus	Geschützt
PC-Sicherheit 	Geschützt
Identitätsschutz	Geschützt
Backup	Deaktiviert
PC-Optimierung	Geschützt
Viren- und Spywarescan	Zuletzt ausgeführt: 15.11.2012
Schutz-Updates	Letzte Aktualisierung: 19.11.2012
Backup	Zuletzt ausgeführt: 30.10.2012

BetriebssystemDetails anzeigen <#>

In diesem Abschnitt finden Sie die wichtigsten Betriebssystemangaben
einschließlich Version, Zeitpunkt des letzten Updates und vieles mehr.

Funktion	Details
Betriebssystem	Microsoft&reg; Windows Vista&trade; Home Premium
Patch-Ebene	Service Pack 2
Installationsdatum	25.09.2008
Ländercode	49
Systemsprache des Betriebssystems	1031
ANSI-Zeichensatz	1252
System-Gebietsschema	0407
Internet Explorer-Version	9.0.8112.16421
Windows-Update	Automatisch
Neuester Windows-Hotfix - Datum	15.11.2012
Pfad	C:\Windows\system32;
C:\Windows;
C:\Windows\System32\Wbem;
C:\hp\bin\Python;
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;
C:\Program Files (x86)\Haufe\iDesk\iDeskService\;
c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;
C:\Windows\System32\WindowsPowerShell\v1.0\;
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\;
C:\Program Files (x86)\Common Files\Apple\Apple Application Support;
Benutzersprache des Betriebssystems	1031

RessourcennutzungDetails anzeigen <#>

In diesem Abschnitt wird die Verwendung der Hauptressourcen erläutert,
einschließlich RAM, Festplattenspeicher und Auslagerungsdatei.

Funktion	Details
Auslagerungsdatei - Größe	4.393 MB
Auslagerungsdatei frei	94 %
Arbeitsspeichergröße	4.093 MB
Arbeitsspeicher frei	42 %
Datenträgertyp	Festplatte
Datenträger-ID	C
Gesamter Speicherplatz	583 GB
Freier Speicherplatz	297 GB
Datenträgertyp	Festplatte
Datenträger-ID	D
Gesamter Speicherplatz	13,5 GB
Freier Speicherplatz	1,85 GB

AutostartprogrammeDetails anzeigen <#>

Problem: Norton 360 Online hat sehr viele Startobjekte erkannt.

Empfehlung: Evtl. kann die Leistung durch Änderungen an den
Startobjekten des Systems verbessert werden. Führen Sie den Startmanager
aus, um die Bootdauer des Computers zu beschleunigen.

Jetzt beheben

In diesem Abschnitt werden die Programme beschrieben, die beim Starten
des Computers automatisch gestartet werden. Das Deaktivieren oder
Verzögern von Startobjekten kann die Systemleistung verbessern.

Autostart - Programm	Speicherort	Software-Hersteller	Beschreibung
SSS6_Suite 	"C:\Program Files (x86)\Steganos Security Suite 6\sss.exe"
/booting 		
SSS6_SAFE 	"C:\Program Files (x86)\Steganos Security Suite 6\safe.exe"
/booting 		
SSS6_SPM 	"C:\Program Files (x86)\Steganos Security Suite 6\spm.exe"
/booting 		
Sidebar 	%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
Microsoft Corporation 	Windows-Sidebar
WindowsWelcomeCenter 	rundll32.exe oobefldr.dll,ShowWelcomeCenter
Microsoft Corporation 	Begrüßungscenter
SSS6_Suite 	"C:\Program Files (x86)\Steganos Security Suite 6\sss.exe"
/booting 		
SSS6_SAFE 	"C:\Program Files (x86)\Steganos Security Suite 6\safe.exe"
/booting 		
SSS6_SPM 	"C:\Program Files (x86)\Steganos Security Suite 6\spm.exe"
/booting 		
Sidebar 	%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
Microsoft Corporation 	Windows-Sidebar
WindowsWelcomeCenter 	rundll32.exe oobefldr.dll,ShowWelcomeCenter
Microsoft Corporation 	Begrüßungscenter
SSS6_Suite 	"C:\Program Files (x86)\Steganos Security Suite 6\sss.exe"
/booting 		
SSS6_SAFE 	"C:\Program Files (x86)\Steganos Security Suite 6\safe.exe"
/booting 		
SSS6_SPM 	"C:\Program Files (x86)\Steganos Security Suite 6\spm.exe"
/booting 		
Commerzbank_2012.xls - Verknüpfung 	Commerzbank_2012.xls -
Verknüpfung.lnk 		
DSL-Manager 	DSL-Manager.lnk 		
Veri-Valeur_2012.xls - Verknüpfung 	Veri-Valeur_2012.xls -
Verknüpfung.lnk 		
Webshots 	Webshots.lnk 		
Sidebar 	C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
Microsoft Corporation 	Windows-Sidebar
SSS6_Suite 	"C:\Program Files (x86)\Steganos Security Suite 6\sss.exe"
/booting 		
SSS6_SAFE 	"C:\Program Files (x86)\Steganos Security Suite 6\safe.exe"
/booting 		
SSS6_SPM 	"C:\Program Files (x86)\Steganos Security Suite 6\spm.exe"
/booting 		
ehTray.exe 	C:\Windows\ehome\ehTray.exe 	Microsoft Corporation 	Media
Center Tray Applet
PCSpeedUp 	C:\Program Files (x86)\PC Beschleunigen\PCSpeedUp.lnk 		
SkyDrive
"C:\Users\Herbert\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe"
/background 	Microsoft Corporation 	Microsoft SkyDrive
SSS14 Browser Monitor 	"C:\Program Files (x86)\Steganos Privacy Suite
14\SteganosBrowserMonitor.exe" 	Steganos Software GmbH 	Steganos Trace
Destructor Browser Monitor
WMPNSCFG 	C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe 		
Lexware Info Service 	C:\PROGRA~2\COMMON~1\Lexware\UPDATE~1\LXUPDA~1.EXE
/autostart 	Haufe-Lexware GmbH & Co. KG 	Lexware Info Service Assistent
Microsoft Office 	C:\PROGRA~2\MICROS~2\Office10\OSA.EXE -b -l 	Microsoft
Corporation 	Microsoft Office XP component
Quicken 2012 Zahlungserinnerung
C:\Windows\Installer\{2FC7CE3A-23E5-41E8-975B-AA0236D649FD}\BillMinder.8C5DA79E_7079_4A...
	Macrovision Corporation 	InstallShield
Windows Defender 	%ProgramFiles%\Windows Defender\MSASCui.exe -hide 		
IntelliPoint 	"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
Microsoft Corporation 	IPoint.exe
Windows Mobile-based device management
%windir%\WindowsMobile\wmdSync.exe 	Microsoft Corporation 	User session
Windows Mobile device handler
hpsysdrv 	c:\hp\support\hpsysdrv.exe 	Hewlett-Packard Company 	hpsysdrv
KBD 	C:\HP\KBD\KbdStub.EXE 		
StartCCC 	"c:\Program Files (x86)\ATI
Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun 	Advanced Micro
Devices, Inc. 	Catalyst® Control Center Launcher
HP Software Update 	C:\Program Files (x86)\HP\HP Software
Update\HPWuSchd2.exe 	Hewlett-Packard Co. 	Hewlett-Packard Product
Assistant
DT HPW 	"C:\Program Files (x86)\Common Files\Portrait
Displays\Shared\DT_startup.exe" -HPW 		
SearchSettings 	C:\Program Files (x86)\pdfforge
Toolbar\SearchSettings.exe 	 	 
SSBkgdUpdate 	"C:\Program Files (x86)\Common Files\Scansoft
Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Em..." 	Nuance Communications,
Inc. 	SSBkgdUpdate
OpwareSE4 	"C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
Nuance Communications, Inc. 	OCR Aware
T-Home Dialerschutz-Software 	"C:\Program Files
(x86)\T-Home\Dialerschutz-Software\Defender64.exe" 	T-Systems
International GmbH 	T-Home Dialerschutz-Software
Adobe Photo Downloader 	"C:\Program Files (x86)\Adobe\Photoshop Elements
6.0\apdproxy.exe" 	Adobe Systems Incorporated 	Adobe Photo Downloader
4.0 component
HPUsageTracking 	"C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe"
"C:\Program Files (x86)\HP\HP UT\" 		
HP Health Check Scheduler 	"c:\Program Files (x86)\Hewlett-Packard\HP
Health Check\HPHC_Scheduler.exe" 	Hewlett-Packard 	HP Health Check
Scheduler
Adobe ARM 	"C:\Program Files (x86)\Common
Files\Adobe\ARM\1.0\AdobeARM.exe" 	Adobe Systems Incorporated 	Adobe
Reader and Acrobat Manager
APSDaemon 	"C:\Program Files (x86)\Common Files\Apple\Apple Application
Support\APSDaemon.exe" 	Apple Inc. 	Apple Push
LexwareInfoService 	C:\Program Files (x86)\Common Files\Lexware\Update
Manager\LxUpdateManager.exe /autostart 	Haufe-Lexware GmbH & Co. KG
Lexware Info Service Assistent
SunJavaUpdateSched 	"C:\Program Files (x86)\Common Files\Java\Java
Update\jusched.exe" 	Sun Microsystems, Inc. 	Java(TM) Update Scheduler
PDFPrint 	"C:\Program Files (x86)\PDF24\pdf24.exe" 	Geek Software GmbH
PDF24 Creator
iTunesHelper 	"C:\Program Files (x86)\iTunes\iTunesHelper.exe" 	Apple
Inc. 	iTunesHelper
SSS14 HotKeys 	"C:\Program Files (x86)\Steganos Privacy Suite
14\SteganosHotKeyService.exe" 	Steganos Software GmbH 	Steganos Hot Key
Service
SSS14 File Redirection Starter 	"C:\Program Files (x86)\Steganos Privacy
Suite 14\fredirstarter.exe" 	Steganos Software GmbH 	File Redirection
Starter

Installierte ProgrammeDetails anzeigen <#>

Problem: Norton 360 Online hat 159 installierte Programme erkannt.

Empfehlung: Speicherplatz und Leistung lassen sich evtl. durch Entfernen
selten verwendeter Programme verbessern. Führen Sie die Option
"Software" aus, um die Menge an Speicherplatz und die Leistung des
Computers zu verbessern.

Jetzt beheben

In diesem Abschnitt werden die auf Ihrem Computer installierten
Programme sowie deren Version und Installationsdatum aufgeführt. Die
Leistung kann verbessert werden, indem nicht verwendete oder unnötige
Programme entfernt werden.

Name	Version	Autor	Installiert	Informationen
Adobe AIR	3.4.0.2540	Adobe Systems Incorporated	28.08.2012	
Adobe Flash Player 11 ActiveX	11.4.402.287	Adobe Systems Incorporated
09.10.2012	hxxp://www.adobe.com/go/flashplayer_support/
Adobe Flash Player 11 Plugin	11.5.502.110	Adobe Systems Incorporated
14.11.2012	hxxp://www.adobe.com/go/flashplayer_support/
Adobe Photoshop Elements 6.0	6.0	Adobe Systems, Inc.	05.11.2008
hxxp://www.adobe.de/support/main.html
ALDI Sued Foto Service	1.13.0.111	MAGIX AG	20.11.2008	
Aldi Süd Fotoservice			20.11.2008	
CANON iMAGE GATEWAY Task for ZoomBrowser EX	1.3.1.5		05.11.2008	
Canon Internet Library for ZoomBrowser EX	1.5.1.4		05.11.2008	
Canon iP4700 series Benutzerregistrierung			21.01.2010	
Canon Utilities Solution Menu			01.02.2010	
Capture One 5.2	5.2.42076.55	Phase One A/S	30.06.2011
hxxp://www.phaseone.com
Claro LTD toolbar 		Claro LTD	13.11.2012	
CrystalDiskInfo 5.0.0	5.0.0	Crystal Dew World	25.09.2012
hxxp://crystalmark.info/
Cut Out 3.0		Franzis.de	12.09.2012	hxxp://www.franzis.de/
Dll-Files.com Fixer	1.0	Dll-Files.com	09.10.2012
hxxp://www.Dll-Files.com/Fixer/
Canon Utilities Digital Photo Professional 3.9	3.9.2.0	Canon Inc.
20.10.2010	
DRI Tool 2.0	2.0	Traumflieger	29.04.2009	hxxp://www.traumflieger.de
Canon Utilities Easy-PhotoPrint EX			21.01.2010	
Canon Easy-WebPrint EX			21.01.2010	
Magic Desktop			17.01.2009	
Canon Utilities EOS Utility	2.1.0.1		05.11.2008	
iDevice Manager	1.1.4.0	Marx Softwareentwicklung	13.02.2012
hxxp://www.software4u.de/servicecenter.aspx
Filter Forge Freepack 2 - Photo Effects 1.012		Filter Forge, Inc.
22.10.2010	hxxp://www.filterforge.com
Forte Free 2.0			19.08.2010	
Fotoinsight Designer			10.06.2009	
Free YouTube to MP3 Converter version 3.10.15.1228		DVDVideoSoft Ltd.
23.01.2012	hxxp://www.dvdvideosoft.com
Google Updater	2.4.2432.1652	Google Inc.	01.10.2011	
Quicken 2010	17.00.00.0081	Lexware GmbH & Co. KG	16.05.2009
hxxp://support.lexware.de/supportHome
PowerDirector	6.5.2926	CyberLink Corp.	12.09.2008
hxxp://support.gocyberlink.com/
HP MediaSmart DVD	2.2.3309	Hewlett-Packard	31.07.2010
hxxp://support.gocyberlink.com/
JAP	00.12.005	JAP-Team	23.11.2009	hxxp://anon.inf.tu-dresden.de/
Optimierte Multimedia-Tastatur-Lösung		Hewlett-Packard	25.09.2008	
Microsoft .NET Framework 1.1 Security Update (KB2656370)			12.04.2012	
Microsoft .NET Framework 1.1 Security Update (KB2698023)			15.11.2012	
Microsoft .NET Framework 1.1 Security Update (KB979906)			28.08.2010	
CD-LabelPrint			21.01.2010	
mediAvatar iPhone Klingelton Maker	3.0.6.20120613	mediAvatar	14.06.2012
hxxp://www.mediavideoconverter.com
Microsoft .NET Framework 1.1			27.08.2010	
Microsoft SQL Server 2005		Microsoft Corporation	07.12.2009
hxxp://go.microsoft.com/fwlink/?LinkId=52152
MOBackup - Datensicherung für Outlook (Vollversion)	7.0	Heiko Schröder
09.10.2012	hxxp://www.mobackup.de
MozBackup 1.5.1		Pavel Cvrcek	17.02.2012	hxxp://mozbackup.jasnapaka.com/
Mozilla Firefox 16.0.2 (x86 de)	16.0.2	Mozilla	15.11.2012
hxxp://www.mozilla.com/de/
Mozilla Thunderbird 16.0.2 (x86 de)	16.0.2	Mozilla	31.10.2012
hxxp://www.mozilla.org/de/
Mozilla Maintenance Service	16.0.2	Mozilla	30.10.2012	
Canon MP Navigator EX 1.0			04.11.2010	
MuseScore 1.2 MuseScore score typesetter	1.2.0	Werner Schweer and
Others	09.08.2012	hxxp://www.musescore.org/
Norton 360	6.4.0.9	Symantec Corporation	23.05.2012
hxxp://www.symantec.com/de/de/support/index.jsp
NirSoft Wireless Network Watcher			23.07.2012	
Hardware Diagnose Tools	5.1.4861.15	PC-Doctor, Inc.	09.10.2012
hxxp://www.pc-doctor.com
Canon Utilities PhotoStitch	3.1.19.43		05.11.2008	
Canon Utilities Picture Style Editor	1.0.1.0		05.11.2008	
PowerLame (remove only)	4.0	Marcel Dyka	19.04.2010	hxxp://www.powerlame.de
Canon RAW Image Task for ZoomBrowser EX	2.7.0.3		05.11.2008	
Saal Fotobuch	2.0.2.1	Imaxel Lab S.L	26.08.2010	
Saal Design Software	3.1.10	SSW Software GmbH	27.08.2012	
SilverFast CanonSDK-SE 6.6.2r5		LaserSoft Imaging AG	09.12.2011
hxxp://www.silverfast.com/
One Click Wipe Basic		Stepok Image Lab.	18.12.2010	hxxp://www.stepok.com/
Webshots Desktop		AGCM	15.12.2008	hxxp://www.ag.com/
Canon Utilities WFT-E1/E2/E3 Utility	3.1.0.7		09.10.2012	
My HP Games	1.0.0.52	WildTangent	25.09.2008	hxxp://support.wildgames.com
Canon Utilities ZoomBrowser EX	5.8.0.74		05.11.2008	
Microsoft Office 2000 Premium	9.00.2816	Microsoft Corporation
04.11.2008	hxxp://www.microsoft.com/support
PDFCreator	1.5.1	Frank Heindörfer, Philip Chinery	13.11.2012
hxxp://www.pdfforge.org/support
OpenOffice.org 3.0	3.0.9358	OpenOffice.org	10.11.2008
hxxp://de.openoffice.org
Claro Chrome Toolbar	1.0.0.2	Claro	13.11.2012	
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
9.00.4035.00	Microsoft Corporation	25.06.2010
hxxp://go.microsoft.com/fwlink/?LinkId=52154
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022	9.0.21022
Microsoft Corporation	31.07.2010	
Lexware vereinsverwaltung Update	11.0	Haufe-Lexware GmbH & Co KG
06.06.2011	hxxp://www.linear-software.de
HP My Display	1.33.005	Portrait Displays, Inc.	06.11.2008
hxxp://www.portrait.com
Browser Manager		Bit89 Inc	13.11.2012	hxxp://www.bit89.com/uninstall.html
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319	10.0.30319
Microsoft Corporation	09.10.2012
hxxp://go.microsoft.com/fwlink/?LinkId=146008
CyberLink DVD Suite Deluxe	.1707	CyberLink Corp.	25.09.2008	
Java(TM) 6 Update 33	6.0.330	Oracle	09.07.2012	hxxp://java.com
Java 7 Update 9	7.0.90	Oracle	01.09.2012	hxxp://java.com
Inpaint 3.0		Teorex	28.06.2012	hxxp://www.theinpaint.com
Catalyst Control Center - Branding	1.00.0000	ATI	12.09.2008	
DHTML Editing Component	6.02.0001	Microsoft Corporation	11.11.2009	
Quicken 2012	19.36.00.0165	Haufe-Lexware GmbH & Co.KG	02.11.2011
hxxp://www.lexware.de
funScreenScraping Client Version	1.0.173	fun communications GmbH
27.01.2009	hxxp://www.fun.de/funScreenScraping
Java(TM) SE Runtime Environment 6 Update 1	1.6.0.10	Sun Microsystems,
Inc.	12.09.2008	hxxp://java.com
QuickSteuer 2012	18.07.00.0006	Haufe-Lexware GmbH & Co.KG	19.05.2012
hxxp://www.lexware.de
Microsoft Works	9.7.0621	Microsoft Corporation	03.11.2008
hxxp://go.microsoft.com/fwlink/?LinkId=6831
Power2Go	5.6.4109	CyberLink Corp.	25.09.2008	
HP Advisor	3.3.12286.3436	Hewlett-Packard	27.01.2011
hxxp://www.hp.com/cgi-bin/hpsupport/index.pl
DDBAC	4.3.71	DataDesign	02.11.2011	
HPSSupply	2.2.0.0000	Ihr Firmenname	03.11.2008	hxxp://www.hp.com/go/support
Symantec Technical Support Advanced Chat Controls	3.5.3	Symantec
Corporation	05.11.2008	hxxp://www.symantec.com
Quicken 2010 - Servicepack 5	17.05.0000	Lexware GmbH & Co KG	04.12.2009	
Google Earth	6.1.0.5001	Google	24.11.2011	hxxp://earth.google.de
Apple Application Support	2.2.2	Apple Inc.	24.09.2012
hxxp://www.apple.com/de/support/
QuickSteuer Wissens-Center 2009	15.0.1.0	Haufe Mediengruppe	04.02.2009
hxxp://www.haufe.de
DxO FilmPack 2.0	2.0.0	DxO Labs	02.07.2012	
Inpaint 3 Installation & Registrierung		Teorex, dadagoo GmbH	28.06.2012
hxxp://www.inpaint.de
Windows Media Player Firefox Plugin	1.0.0.8	Microsoft Corp	13.02.2009	
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729	9.0.30729
Microsoft Corporation	19.08.2010	
Python 2.5.2	2.5.2150	Python Software Foundation	12.09.2008	
QuickSteuer 2009	15.00.00.0034	Lexware	30.01.2009	
Apple Software Update	2.1.3.127	Apple Inc.	13.12.2011
hxxp://www.apple.com/de/support
onOne PerfectPresets	1.0	onOne Software	05.08.2011
hxxp://www.onOnesoftware.com/support.html
LightScribe System Software	1.18.3.2	LightScribe	03.08.2009	
Quicken Import Export Server 2012	19.30.00.0134	Haufe-Lexware GmbH &
Co.KG	10.03.2011	hxxp://www.lexware.de
PDF24 Creator 4.9.0		PDF24.org	18.09.2012	hxxp://www.pdf24.org
Microsoft Visual C++ 2005 Redistributable	8.0.59193	Microsoft
Corporation	19.05.2011	
Microsoft Office XP Professional	10.0.6626.0	Microsoft Corporation
17.07.2012	hxxp://www.microsoft.com/germany/support
Compatibility Pack für 2007 Office System	12.0.4518.1014	Microsoft
Corporation	03.11.2008	hxxp://www.microsoft.com/support
DSL-Manager			30.09.2009	
Microsoft Office PowerPoint Viewer 2007 (German)	12.0.4518.1014
Microsoft Corporation	03.11.2008	hxxp://support.microsoft.com
HP Demo	1.00.0000	Hewlett-Packard	12.09.2008	hxxp://www.hp.com
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	9.0.30729
Microsoft Corporation	02.07.2012	
Steganos Privacy Suite 14	14.0.3	Steganos Software GmbH	09.11.2012
hxxp://www.steganos.com
QuickSteuer 2010	16.14.00.0002	Haufe-Lexware GmbH & Co. KG	29.03.2012
hxxp://www.lexware.de
Adobe Reader X (10.1.4) - Deutsch	10.1.4	Adobe Systems Incorporated
16.08.2012	hxxp://www.adobe.de/support/main.html
funScreenScraping Microsoft Systemdateien	1.0.6	fun communications GmbH
27.01.2009	
pdfforge Toolbar v1.0	1.00.0000	GreenTree Applications, Inc.	28.04.2009	
LexwareVereinsverwaltung 12 Update	12.0	Haufe-Lexware GmbH & Co KG
02.07.2012	hxxp://www.linear-software.de
muvee autoProducer 6.1	6.10.050	muvee Technologies	12.09.2008
hxxp://www.muvee.com
HP Customer Experience Enhancements	5.6.0.2510	Hewlett-Packard
12.09.2008	hxxp://www.Hewlett-Packard.com
LabelPrint	2.2.2913	CyberLink Corp.	25.09.2008	
RedmarkVereinsverwaltung 2011	10.0	WRS Verlag GmbH & Co KG	25.06.2010
hxxp://www.linear-software.de
HP Update	4.000.010.008	Hewlett-Packard	12.09.2008	hxxp://www.hp.com
Lexware online banking	12.00.00.0043	Haufe-Lexware GmbH & Co.KG
10.03.2011	hxxp://www.lexware.de
Haufe iDesk-Service	8.08.20.5622	Haufe	30.01.2009	
Steganos Password Manager 2009	11.0.1	Steganos GmbH	09.11.2012
hxxp://www.steganos.com
ScanSoft OmniPage SE 4	15.2.0020	Nuance Communications, Inc.	04.11.2010
hxxp://www.nuance.de/support
QuickSteuer 2011	17.07.00.0001	Haufe-Lexware GmbH & Co.KG	29.03.2012
hxxp://www.lexware.de
T-Home Dialerschutz-Software			26.12.2010	
SPORE Creature Creator Trial Edition	1.00.0000	Electronic Arts	25.09.2008	
Realtek High Definition Audio Driver	6.0.1.6151	Realtek Semiconductor
Corp.	14.07.2010	
Lexware Info Service	2.80.00.0007	Haufe-Lexware GmbH & Co.KG	23.01.2012
hxxp://www.lexware.de
HP Easy Setup - Frontend	5.7.0.2693	Hewlett-Packard	12.09.2008
hxxp://www.hp.com
Haufe iDesk-Browser	8.07.16.5590	Haufe	30.01.2009	hxxp://www.Haufe.de
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022	9.0.21022
Microsoft Corporation	12.09.2008	
Microsoft SkyDrive	17.0.2003.1112	Microsoft Corporation	16.11.2012
hxxp://go.microsoft.com/fwlink/?LinkID=215117
Unity Web Player		Unity Technologies ApS	01.10.2010	hxxp://unity3d.com/
Windows-Treiberpaket - Leaf Imaging Ltd. Image (02/11/2010 )
02/11/2010 	Leaf Imaging Ltd.	30.06.2011	
HP Imaging Device Functions 9.0	9.0	HP	03.11.2008	hxxp://www.hp.com/support
HP Photosmart Essential 3.0	3.0	HP	25.09.2008	hxxp://www.hp.com/support
HP Solution Center 9.0	9.0	HP	03.11.2008	hxxp://www.hp.com/support
HP Customer Participation Program 9.0	9.0	HP	03.11.2008
hxxp://www.hp.com/support
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU		Microsoft
Corporation	19.08.2009	hxxp://go.microsoft.com/fwlink/?LinkId=120337
Microsoft .NET Framework 3.5 SP1		Microsoft Corporation	07.07.2009
hxxp://go.microsoft.com/fwlink/?LinkId=120337
Microsoft .NET Framework 4 Client Profile	4.0.30319	Microsoft
Corporation	08.09.2010	hxxp://go.microsoft.com/fwlink/?LinkId=164164
Microsoft .NET Framework 4 Client Profile DEU Language Pack	4.0.30319
Microsoft Corporation	08.09.2010
hxxp://go.microsoft.com/fwlink/?LinkId=164164
NVIDIA Drivers			12.09.2008	
Testversion von Microsoft Office Home and Student 2007			03.11.2008	
ZDFmediathek Version 1.4.3		ZDF	21.11.2008	hxxp://www.zdf.de
Microsoft Visual C++ 2005 Redistributable (x64)	8.0.56336	Microsoft
Corporation	12.09.2008	
Canon iP4700 series Printer Driver			21.01.2010	
iTunes	10.7.0.21	Apple Inc.	24.09.2012	hxxp://www.apple.com/de/support/
HP Color LaserJet CP1510 Series 2.0	2.0	HP	03.11.2008
hxxp://www.hp.com/support
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022	9.0.21022
Microsoft Corporation	12.09.2008	
Bonjour	3.0.0.10	Apple Inc.	13.12.2011	hxxp://www.apple.com/de/support
Microsoft Visual C++ 2005 Redistributable (x64)	8.0.50727.42	Microsoft
Corporation	12.09.2008	
Apple Mobile Device Support	6.0.0.59	Apple Inc.	24.09.2012
hxxp://www.apple.com/support/
Adobe Photoshop Lightroom 4.2 64-bit	4.2.1	Adobe	09.10.2012
hxxp://www.adobe.de
Adobe Photoshop Lightroom 2.5 64-bit	2.5	Adobe	06.01.2011
hxxp://www.adobe.de
Microsoft SQL Server VSS Writer	9.00.4035.00	Microsoft Corporation
25.06.2010	hxxp://go.microsoft.com/fwlink/?LinkId=52155
Microsoft SQL Server Native Client	9.00.4035.00	Microsoft Corporation
25.06.2010	hxxp://go.microsoft.com/fwlink/?LinkId=52153
Internet Explorer	9.0.8112.16421	Microsoft Corporation	
hxxp://support.microsoft.com/

HardwareprofilDetails anzeigen <#>

In diesem Abschnitt werden die wichtigsten Hardwaregeräte und
Komponenten des Systems angegeben.

Funktion	Details
PC-Hersteller	HP-Pavilion
Modell	FL321AA-ABD a6652de
Hersteller der Hauptplatine	PEGATRON CORPORATION
Produkt	NARRA3
CPU	AMD Phenom(tm) 9650 Quad-Core Processor
Version	AMD64 Family 16 Model 2 Stepping 3
Datenbreite	64 Bit
L2 Cache-Größe	512 KB
Ungefähre aktuelle Taktfrequenz	1.150 Mhz
Ungefähre maximale Taktfrequenz	2.300 Mhz
BIOS	Phoenix - AwardBIOS v6.00PG
Datum	20.06.2008
Version	HPQOEM - 42302e31
Auf Hauptplatine vorhandene Speichersteckplätze	4
Speicher-Chip	A0
RAM	2.048 MB
Geschwindigkeit	800 ns
Speicher-Chip	A1
RAM	2.048 MB
Geschwindigkeit	800 ns
System-Slot	PCI1
Status	Verfügbar
System-Slot	PCIEX16
Status	Verwendet
System-Slot	PCIEX1_1
Status	Verfügbar
System-Slot	PCIEX1_2
Status	Verfügbar
CD-Laufwerk	TSSTcorp CDDVDW TS-H653Q SCSI CdRom Device
Medientyp	DVD Writer
Version	0303
Hersteller der Grafikkarte	ATI Technologies Inc.
Grafikkarte	ATI Radeon HD 3650
RAM	512 MB
Modus	1680 x 1050 x 4294967296 Farben
Treiber
atidxx32,atidxx64.dll,atiumdag,atiumdva,atiumd64.dll,atiumd6a.dat,atitmm64.dll
Datum	15.05.2008
Version	7.01.01.788
Festplattenmodell	WDC WD64 00AAKS-65A7B SCSI Disk Device
Schnittstelle	SCSI
Festplattenmodell	Generic- Compact Flash USB Device
Schnittstelle	USB
Festplattenmodell	Generic- MS/MS-Pro USB Device
Schnittstelle	USB
Festplattenmodell	Generic- SD/MMC USB Device
Schnittstelle	USB
Festplattenmodell	Generic- SM/xD-Picture USB Device
Schnittstelle	USB
Netzwerkadapter	NVIDIA nForce 10/100 Mbps Ethernet
Softwarename	NVENETFD
Sound-Hersteller	Realtek
Modell	Realtek High Definition Audio
Sound-Hersteller	Microsoft
Modell	High Definition Audio-Gerät
Drucker	PDFCreator
Drucker	PDF24 PDF
Drucker	Microsoft XPS Document Writer
Drucker	HP Color LaserJet CP1510 Series PCL 6
Website	hxxp://go.microsoft.com/fwlink/?LinkID=37&prd=10798&sbp=Printers
Drucker	Epson Stylus COLOR 880 (M)
Website	hxxp://go.microsoft.com/fwlink/?LinkID=36&prd=10798&sbp=Printers
Drucker	Canon iP4700 series
Website	hxxp://www.canon.com/support/index.html?model=Canon iP4700 series
Anzahl aktiver logischer CPUs	4

NetzwerkverbindungstestDetails anzeigen <#>

Anhand dieses Abschnitts wird der Netzwerkverbindungsstatus des Systems
überprüft.

Statusprüfung	Ergebnis
Status der physischen Verbindung am NVIDIA nForce 10/100 Mbps Ethernet
Verbunden
Netzwerkkonfigurationsstatus	Lokales Netzwerk erkannt, LAN, RAS installiert
Netzwerkroute festgelegt	Ja
192.168.178.1 Gateway am NVIDIA nForce 10/100 Mbps Ethernet 	Erreichbar
Host-Überprüfung für Wide Area Internet	Erreichbar
DNS-Auflösungstest (Domain Name System)	Bestanden für hxxp://www.symantec.de
Norton LiveUpdate-Server	Erreichbar

SystemwiederherstellungspunkteDetails anzeigen <#>

In diesem Abschnitt finden Sie die verwendeten
Systemwiederherstellungspunkte.

Checkpoint-Typ	Datum
Gerätetreiber-Paketinstallation: Apple, Inc. USB-Controller	13.06.2012
Gerätetreiber-Paketinstallation: Apple Netzwerkadapter	13.06.2012
Windows Update	14.06.2012
Windows Update	19.06.2012
LexwareVereinsverwaltung 12 Update wurde installiert.	02.07.2012
Installed DxO FilmPack 2.0	02.07.2012
Removed DxO FilmPack 2.0	02.07.2012
Installed DxO FilmPack 2.0	02.07.2012
Installed Java(TM) 6 Update 33	09.07.2012
Windows Update	11.07.2012
Entfernt Motorola Phone Tools	15.07.2012
Entfernt Motorola Phone Tools	15.07.2012
Entfernt Motorola Phone Tools	15.07.2012
Microsoft Office XP Professional wird entfernt	17.07.2012
Microsoft Office XP Professional wird installiert	17.07.2012
Installed SmartFTP Client	25.07.2012
Removed SmartFTP Client	25.07.2012
Removed Safari	06.08.2012
Windows Update	16.08.2012
Installed Java 7 Update 7	01.09.2012
Windows Update	13.09.2012
Norton 360 Registry Clean	18.09.2012
Windows Update	22.09.2012
Gerätetreiber-Paketinstallation: Apple, Inc. USB-Controller	24.09.2012
Installed Adobe Photoshop Lightroom 4.2 64-bit.	09.10.2012
DLL-Files.com Fixer Di, Okt 09, 12 14:48	09.10.2012
Windows Update	10.10.2012
Installed Steganos Privacy Suite 14	09.11.2012
Installed Java 7 Update 9	10.11.2012
Windows Update	15.11.2012

Derzeit ausgeführte ProzesseDetails anzeigen <#>

In diesem Abschnitt werden die aktuell ausgeführten Prozesse sowie die
bisher dafür aufgebrachte Zeit aufgeführt.

Prozessname	Bisherige Verarbeitungszeit	Arbeitssatzspeicher	Ladepfad
System Idle Process	03 Stunde(n), 13 Minute(n), 47 Sekunde(n)	24 KB	N/V
System	01 Minute(n), 49 Sekunde(n)	6.668 KB	N/V
smss.exe	01 Sekunde(n)	1.084 KB	N/V
csrss.exe	12 Sekunde(n)	8.028 KB	C:\Windows\system32\
wininit.exe	01 Sekunde(n)	6.076 KB	C:\Windows\system32\
csrss.exe	05 Sekunde(n)	9.160 KB	C:\Windows\system32\
services.exe	16 Sekunde(n)	9.644 KB	C:\Windows\system32\
lsass.exe	05 Sekunde(n)	3.216 KB	C:\Windows\system32\
lsm.exe	01 Sekunde(n)	6.320 KB	C:\Windows\system32\
winlogon.exe	01 Sekunde(n)	8.196 KB	C:\Windows\system32\
svchost.exe	15 Sekunde(n)	8.984 KB	C:\Windows\system32\
svchost.exe	01 Sekunde(n)	10.968 KB	C:\Windows\system32\
Ati2evxx.exe	01 Sekunde(n)	6.600 KB	C:\Windows\system32\
svchost.exe	01 Sekunde(n)	18.340 KB	C:\Windows\System32\
svchost.exe	01 Minute(n), 47 Sekunde(n)	154.556 KB	C:\Windows\System32\
svchost.exe	14 Sekunde(n)	92.864 KB	C:\Windows\system32\
audiodg.exe	01 Sekunde(n)	19.884 KB	N/V
svchost.exe	01 Sekunde(n)	7.064 KB	C:\Windows\system32\
SLsvc.exe	02 Sekunde(n)	13.856 KB	C:\Windows\system32\
svchost.exe	01 Sekunde(n)	19.344 KB	C:\Windows\system32\
svchost.exe	01 Sekunde(n)	22.408 KB	C:\Windows\system32\
Ati2evxx.exe	01 Sekunde(n)	9.940 KB	C:\Windows\system32\
spoolsv.exe	01 Sekunde(n)	17.592 KB	C:\Windows\System32\
svchost.exe	02 Sekunde(n)	26.820 KB	C:\Windows\system32\
taskeng.exe	01 Sekunde(n)	8.340 KB	C:\Windows\system32\
PhotoshopElementsFileAgent.exe	01 Sekunde(n)	2.776 KB	C:\Program Files
(x86)\Adobe\Photoshop Elements 6.0\
armsvc.exe	01 Sekunde(n)	5.964 KB	C:\Program Files (x86)\Common
Files\Adobe\ARM\1.0\
AppleMobileDeviceService.exe	01 Sekunde(n)	11.264 KB	C:\Program Files
(x86)\Common Files\Apple\Mobile Device Support\
mDNSResponder.exe	01 Sekunde(n)	6.380 KB	C:\Program Files\Bonjour\
browsemngr.exe	01 Sekunde(n)	7.224 KB	C:\ProgramData\Browser
Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\
DFInject64.exe	01 Sekunde(n)	5.036 KB	C:\Program Files
(x86)\T-Home\Dialerschutz-Software\
DTSRVC.exe	01 Sekunde(n)	5.756 KB	C:\Program Files (x86)\Common
Files\Portrait Displays\Shared\
svchost.exe	01 Sekunde(n)	7.260 KB	C:\Windows\SysWOW64\
svchost.exe	01 Sekunde(n)	10.044 KB	C:\Windows\SysWOW64\
LSSrvc.exe	01 Sekunde(n)	6.616 KB	C:\Program Files (x86)\Common
Files\LightScribe\
sqlservr.exe	01 Sekunde(n)	3.132 KB	c:\Program Files (x86)\Microsoft SQL
Server\MSSQL.1\MSSQL\Binn\
ccsvchst.exe	05 Minute(n), 03 Sekunde(n)	27.700 KB	C:\Program Files
(x86)\Norton 360\Engine\6.4.0.9\
svchost.exe	01 Sekunde(n)	4.676 KB	C:\Windows\System32\
svchost.exe	01 Sekunde(n)	4.388 KB	C:\Windows\System32\
svchost.exe	01 Sekunde(n)	6.920 KB	C:\Windows\system32\
sqlwriter.exe	01 Sekunde(n)	9.856 KB	c:\Program Files\Microsoft SQL
Server\90\Shared\
svchost.exe	01 Sekunde(n)	10.664 KB	C:\Windows\system32\
svchost.exe	01 Sekunde(n)	4.484 KB	C:\Windows\System32\
SearchIndexer.exe	02 Minute(n), 20 Sekunde(n)	81.680 KB	C:\Windows\system32\
WUDFHost.exe	01 Sekunde(n)	7.132 KB	C:\Windows\system32\
ccsvchst.exe	13 Minute(n), 	26.244 KB	C:\Program Files (x86)\Norton
360\Engine\6.4.0.9\
dwm.exe	35 Sekunde(n)	97.396 KB	C:\Windows\system32\
taskeng.exe	01 Sekunde(n)	14.556 KB	C:\Windows\system32\
explorer.exe	13 Sekunde(n)	54.528 KB	C:\Windows\
browsemngr.exe	01 Minute(n), 21 Sekunde(n)	10.048 KB
C:\ProgramData\Browser
Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\
ipoint.exe	01 Sekunde(n)	14.760 KB	C:\Program Files\Microsoft IntelliPoint\
wmdSync.exe	01 Sekunde(n)	7.564 KB	C:\Windows\WindowsMobile\
sidebar.exe	01 Minute(n), 24 Sekunde(n)	68.884 KB	C:\Program
Files\Windows Sidebar\
ehtray.exe	01 Sekunde(n)	2.876 KB	C:\Windows\ehome\
dpupdchk.exe	01 Sekunde(n)	5.768 KB	C:\Program Files\Microsoft IntelliPoint\
SkyDrive.exe	02 Sekunde(n)	27.584 KB
C:\Users\Herbert\AppData\Local\Microsoft\SkyDrive\
SteganosBrowserMonitor.exe	01 Sekunde(n)	6.892 KB	C:\Program Files
(x86)\Steganos Privacy Suite 14\
hpsysdrv.exe	01 Sekunde(n)	6.284 KB	C:\hp\support\
hpwuSchd2.exe	01 Sekunde(n)	6.232 KB	C:\Program Files (x86)\HP\HP
Software Update\
MOM.exe	01 Sekunde(n)	7.612 KB	c:\Program Files (x86)\ATI
Technologies\ATI.ACE\Core-Static\
OpWareSE4.exe	01 Sekunde(n)	6.448 KB	C:\Program Files
(x86)\ScanSoft\OmniPageSE4\
Defender64.exe	01 Sekunde(n)	5.396 KB	C:\Program Files
(x86)\T-Home\Dialerschutz-Software\
apdproxy.exe	03 Sekunde(n)	10.208 KB	C:\Program Files
(x86)\Adobe\Photoshop Elements 6.0\
dthtml.exe	07 Sekunde(n)	13.172 KB	C:\Program Files (x86)\Portrait
Displays\HP My Display\
hppusg.exe	01 Sekunde(n)	3.468 KB	C:\Program Files (x86)\HP\HP UT\bin\
LxUpdateManager.exe	01 Sekunde(n)	11.164 KB	C:\Program Files
(x86)\Common Files\Lexware\Update Manager\
pdf24.exe	01 Sekunde(n)	8.340 KB	C:\Program Files (x86)\PDF24\
iTunesHelper.exe	01 Sekunde(n)	13.644 KB	C:\Program Files (x86)\iTunes\
SteganosHotKeyService.exe	01 Sekunde(n)	6.892 KB	C:\Program Files
(x86)\Steganos Privacy Suite 14\
fredirstarter.exe	01 Sekunde(n)	5.716 KB	C:\Program Files (x86)\Steganos
Privacy Suite 14\
ehmsas.exe	01 Sekunde(n)	6.208 KB	C:\Windows\ehome\
wmpnscfg.exe	01 Sekunde(n)	7.564 KB	C:\Program Files\Windows Media Player\
CCC.exe	07 Sekunde(n)	11.052 KB	C:\Program Files (x86)\ATI
Technologies\ATI.ACE\Core-Static\
sidebar.exe	01 Sekunde(n)	27.764 KB	C:\Program Files\Windows Sidebar\
conime.exe	01 Sekunde(n)	6.584 KB	C:\Windows\SysWOW64\
kbd.exe	01 Sekunde(n)	11.796 KB	C:\hp\kbd\
svchost.exe	01 Sekunde(n)	9.480 KB	C:\Windows\system32\
iPodService.exe	01 Sekunde(n)	8.484 KB	C:\Program Files\iPod\bin\
wmpnetwk.exe	01 Minute(n), 09 Sekunde(n)	35.060 KB	C:\Program
Files\Windows Media Player\
svchost.exe	01 Sekunde(n)	11.984 KB	C:\Windows\system32\
DslMgr.exe	49 Sekunde(n)	12.272 KB	C:\Program Files (x86)\DSL-Manager\
DslMgrSvc.exe	25 Sekunde(n)	9.928 KB	C:\Program Files (x86)\DSL-Manager\
SearchProtocolHost.exe	01 Minute(n), 16 Sekunde(n)	13.860 KB
C:\Windows\system32\
dllhost.exe	01 Sekunde(n)	7.628 KB	C:\Windows\SysWOW64\
Webshots.scr	03 Minute(n), 05 Sekunde(n)	13.748 KB	C:\PROGRA~2\Webshots\
HPHC_Service.exe	01 Sekunde(n)	15.616 KB	c:\Program Files
(x86)\Hewlett-Packard\HP Health Check\
thunderbird.exe	01 Minute(n), 22 Sekunde(n)	139.988 KB	C:\Program Files
(x86)\Mozilla Thunderbird\
firefox.exe	34 Sekunde(n)	213.324 KB	C:\Program Files (x86)\Mozilla Firefox\
WINWORD.EXE	01 Sekunde(n)	32.752 KB	C:\Program Files (x86)\Microsoft
Office\Office10\
splwow64.exe	01 Sekunde(n)	11.396 KB	C:\Windows\
ielowutil.exe	01 Sekunde(n)	7.236 KB	C:\Program Files (x86)\Internet
Explorer\
SearchFilterHost.exe	01 Sekunde(n)	9.260 KB	C:\Windows\system32\
WmiPrvSE.exe	01 Sekunde(n)	14.776 KB	C:\Windows\system32\wbem\

------------------------------------------------------------------------

Danke für Deine Hilfe !!

cosinus · 19.11.2012, 13:19

1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

LouLau · 19.11.2012, 18:07

Hallo Cosinus,

hat ein wenig gedauert, denn ich kämpfe auch noch auf anderern "Feldern"...

Logfiles sind wohl zu dick, daher als "Zipp" angehängt !

Vielen DanK für deine Hilfe....

cosinus · 19.11.2012, 19:15

Ist unauffällig

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Suche.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

LouLau · 20.11.2012, 12:29

Guten Tag Cosinus !

Voila: Hier das Ergebnis....

Code:

ATTFilter

# AdwCleaner v2.008 - Datei am 20/11/2012 um 12:24:49 erstellt
# Aktualisiert am 17/11/2012 von Xplode
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Benutzer : Herbert - HP-DESKTOP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Herbert\Desktop\20_11_2012\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****

Gefunden : Browser Manager

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\Extensions\search@searchsettings.com
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Datei Gefunden : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\8318c41d.default\searchplugins\browsemngr.xml
Datei Gefunden : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\8318c41d.default\searchplugins\Conduit.xml
Datei Gefunden : C:\Users\Public\Desktop\eBay.lnk
Ordner Gefunden : C:\Program Files (x86)\Claro LTD
Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\Browser Manager
Ordner Gefunden : C:\Users\Herbert\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Herbert\AppData\Local\OpenCandy
Ordner Gefunden : C:\Users\Herbert\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Herbert\AppData\LocalLow\pdfforge
Ordner Gefunden : C:\Users\Herbert\AppData\LocalLow\Search Settings
Ordner Gefunden : C:\Users\Herbert\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Ordner Gefunden : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\8318c41d.default\Conduit
Ordner Gefunden : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\8318c41d.default\ConduitCommon
Ordner Gefunden : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\8318c41d.default\CT2269050
Ordner Gefunden : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\8318c41d.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Ordner Gefunden : C:\Users\Herbert\AppData\Roaming\OpenCandy
Ordner Gefunden : C:\Users\Herbert\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

Daten Gefunden : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\Claro LTD
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\claro
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Schlüssel Gefunden : HKCU\Software\Search Settings
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\Software\Claro LTD
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\S
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\Software\pdfforge
Schlüssel Gefunden : HKLM\Software\Search Settings
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\claro
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB}
Schlüssel Gefunden : HKU\S-1-5-21-1688068568-1394201121-2249768852-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-1688068568-1394201121-2249768852-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{9E131A93-EED7-4BEB-B015-A0ADB30B5646}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.claro-search.com/?affID=116198&tt=4612_4&babsrc=HP_ss&mntrId=7047a004000000000000002215191871
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www.claro-search.com/?affID=116198&tt=4612_4&babsrc=HP_ss&mntrId=7047a004000000000000002215191871

-\\ Mozilla Firefox v16.0.2 (de)

Profilname : default 
Datei : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\8318c41d.default\prefs.js

Gefunden : user_pref("CT2102572.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2102572.CTID", "CT2102572");
Gefunden : user_pref("CT2102572.CurrentServerDate", "22-11-2010");
Gefunden : user_pref("CT2102572.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2102572.DownloadReferralCookieData", "");
Gefunden : user_pref("CT2102572.EMailNotifierPollDate", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.ExternalComponentPollDate128980152151612826", "Mon Nov 22 2010 15:45:31 GMT+010[...]
Gefunden : user_pref("CT2102572.ExternalComponentPollDate129010430308906809", "Mon Nov 22 2010 15:45:32 GMT+010[...]
Gefunden : user_pref("CT2102572.ExternalComponentPollDate129241049870851286", "Mon Nov 22 2010 15:45:32 GMT+010[...]
Gefunden : user_pref("CT2102572.FeedLastCount128731380714969334", 422);
Gefunden : user_pref("CT2102572.FeedLastCount129318697243744006", 180);
Gefunden : user_pref("CT2102572.FeedPollDate128734848660238153", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734848780081259", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734848899768760", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734849162893952", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734849298831492", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734849447894294", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734849563988162", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734849694613310", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734849871644036", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734850012112791", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734850140238024", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734850329613306", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734851254769189", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734851343519240", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734851486175530", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734851555550653", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734851626019450", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734851705082013", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128737465108387945", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837786", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837787", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837788", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837789", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837790", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837791", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837792", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837793", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837794", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837795", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedTTL128734849694613310", 5);
Gefunden : user_pref("CT2102572.FeedTTL128734850012112791", 30);
Gefunden : user_pref("CT2102572.FeedTTL128737465108387945", 5);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837786", 40);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837787", 40);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837788", 40);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837789", 40);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837790", 40);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837791", 40);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837792", 40);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837793", 40);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837795", 40);
Gefunden : user_pref("CT2102572.FirstServerDate", "22-11-2010");
Gefunden : user_pref("CT2102572.FirstTime", true);
Gefunden : user_pref("CT2102572.FirstTimeFF3", true);
Gefunden : user_pref("CT2102572.FirstTimeSettingsDone", true);
Gefunden : user_pref("CT2102572.FixPageNotFoundErrors", false);
Gefunden : user_pref("CT2102572.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2102572.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2102572.Initialize", true);
Gefunden : user_pref("CT2102572.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2102572.InstallationAndCookieDataSentCount", 1);
Gefunden : user_pref("CT2102572.InstalledDate", "Mon Nov 22 2010 15:45:36 GMT+0100");
Gefunden : user_pref("CT2102572.InvalidateCache", false);
Gefunden : user_pref("CT2102572.IsGrouping", false);
Gefunden : user_pref("CT2102572.IsMulticommunity", false);
Gefunden : user_pref("CT2102572.IsOpenThankYouPage", true);
Gefunden : user_pref("CT2102572.IsOpenUninstallPage", true);
Gefunden : user_pref("CT2102572.LanguagePackLastCheckTime", "Mon Nov 22 2010 15:45:36 GMT+0100");
Gefunden : user_pref("CT2102572.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2102572.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2102572.LastLogin_2.7.1.3", "Mon Nov 22 2010 15:48:15 GMT+0100");
Gefunden : user_pref("CT2102572.LatestVersion", "2.7.2.0");
Gefunden : user_pref("CT2102572.Locale", "de");
Gefunden : user_pref("CT2102572.LoginCache", 4);
Gefunden : user_pref("CT2102572.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2102572.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2102572.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2102572.RadioIsPodcast", false);
Gefunden : user_pref("CT2102572.RadioLastCheckTime", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.RadioLastUpdateIPServer", "3");
Gefunden : user_pref("CT2102572.RadioLastUpdateServer", "128929877726170000");
Gefunden : user_pref("CT2102572.RadioMediaID", "9512588");
Gefunden : user_pref("CT2102572.RadioMediaType", "Media Player");
Gefunden : user_pref("CT2102572.RadioMenuSelectedID", "EBRadioMenu_CT21025729512588");
Gefunden : user_pref("CT2102572.RadioStationName", "Antenne%20Bayern%20Top%2040%20");
Gefunden : user_pref("CT2102572.RadioStationURL", "hxxp://channels.webradio.antenne.de/top-40");
Gefunden : user_pref("CT2102572.SearchEngine", "Suchen||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gefunden : user_pref("CT2102572.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2102572.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT210[...]
Gefunden : user_pref("CT2102572.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2102572.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2102572.SearchInNewTabLastCheckTime", "Mon Nov 22 2010 15:48:15 GMT+0100");
Gefunden : user_pref("CT2102572.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2102572.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gefunden : user_pref("CT2102572.SettingsCheckIntervalMin", 120);
Gefunden : user_pref("CT2102572.SettingsLastCheckTime", "Mon Nov 22 2010 15:45:31 GMT+0100");
Gefunden : user_pref("CT2102572.SettingsLastUpdate", "1288262151");
Gefunden : user_pref("CT2102572.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2102572.ThirdPartyComponentsLastCheck", "Mon Nov 22 2010 15:45:31 GMT+0100");
Gefunden : user_pref("CT2102572.ThirdPartyComponentsLastUpdate", "1255348257");
Gefunden : user_pref("CT2102572.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Gefunden : user_pref("CT2102572.UserID", "UN92440906239067222");
Gefunden : user_pref("CT2102572.WeatherNetwork", "");
Gefunden : user_pref("CT2102572.WeatherPollDate", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.WeatherUnit", "C");
Gefunden : user_pref("CT2102572.alertChannelId", "518348");
Gefunden : user_pref("CT2102572.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");
Gefunden : user_pref("CT2102572.clientLogIsEnabled", true);
Gefunden : user_pref("CT2102572.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gefunden : user_pref("CT2102572.myStuffEnabled", true);
Gefunden : user_pref("CT2102572.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2102572.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2102572.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2102572.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2102572.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gefunden : user_pref("CT2269050..clientLogIsEnabled", true);
Gefunden : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gefunden : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gefunden : user_pref("CT2269050.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gefunden : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2269050.AppTrackingLastCheckTime", "Wed Jun 13 2012 09:40:32 GMT+0200");
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_129681780741097243", true);
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_129853623028165512", true);
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_129881141106886992", true);
Gefunden : user_pref("CT2269050.CTID", "CT2269050");
Gefunden : user_pref("CT2269050.CommunitiesChangesLastCheckTime", "0");
Gefunden : user_pref("CT2269050.CurrentServerDate", "13-11-2012");
Gefunden : user_pref("CT2269050.DSChangedManually", false);
Gefunden : user_pref("CT2269050.DSInstall", true);
Gefunden : user_pref("CT2269050.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2269050.DialogsGetterLastCheckTime", "Mon Nov 12 2012 10:41:16 GMT+0100");
Gefunden : user_pref("CT2269050.DownloadReferralCookieData", "");
Gefunden : user_pref("CT2269050.EMailNotifierPollDate", "Mon Jan 23 2012 16:58:12 GMT+0100");
Gefunden : user_pref("CT2269050.EnableClickToSearchBox", false);
Gefunden : user_pref("CT2269050.EnableSearchHistory", false);
Gefunden : user_pref("CT2269050.EnableSearchSuggest", false);
Gefunden : user_pref("CT2269050.FirstServerDate", "23-1-2012");
Gefunden : user_pref("CT2269050.FirstTime", true);
Gefunden : user_pref("CT2269050.FirstTimeFF3", true);
Gefunden : user_pref("CT2269050.FixPageNotFoundErrors", false);
Gefunden : user_pref("CT2269050.GroupingInvalidateCache", false);
Gefunden : user_pref("CT2269050.GroupingLastCheckTime", "0");
Gefunden : user_pref("CT2269050.GroupingLastServerUpdateTime", "0");
Gefunden : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2269050.HPInstall", true);
Gefunden : user_pref("CT2269050.HasUserGlobalKeys", true);
Gefunden : user_pref("CT2269050.HomePageProtectorEnabled", false);
Gefunden : user_pref("CT2269050.HomepageBeforeUnload", "hxxp://www.zdf.de/");
Gefunden : user_pref("CT2269050.Initialize", true);
Gefunden : user_pref("CT2269050.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Gefunden : user_pref("CT2269050.InstallationType", "UnknownIntegration");
Gefunden : user_pref("CT2269050.InstalledDate", "Mon Jan 23 2012 12:32:38 GMT+0100");
Gefunden : user_pref("CT2269050.InvalidateCache", false);
Gefunden : user_pref("CT2269050.IsAlertDBUpdated", true);
Gefunden : user_pref("CT2269050.IsGrouping", false);
Gefunden : user_pref("CT2269050.IsInitSetupIni", true);
Gefunden : user_pref("CT2269050.IsMulticommunity", false);
Gefunden : user_pref("CT2269050.IsOpenThankYouPage", false);
Gefunden : user_pref("CT2269050.IsOpenUninstallPage", false);
Gefunden : user_pref("CT2269050.IsProtectorsInit", true);
Gefunden : user_pref("CT2269050.LanguagePackLastCheckTime", "Tue Nov 13 2012 10:41:16 GMT+0100");
Gefunden : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2269050.LastLogin_3.10.0.1", "Tue Apr 24 2012 19:28:40 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.12.0.7", "Thu Apr 26 2012 12:59:53 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.12.2.3", "Thu May 31 2012 08:53:16 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.13.0.6", "Wed Jun 27 2012 09:52:52 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.14.1.0", "Tue Aug 21 2012 17:28:44 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.15.1.0", "Wed Nov 07 2012 16:13:04 GMT+0100");
Gefunden : user_pref("CT2269050.LastLogin_3.16.0.3", "Tue Nov 13 2012 09:47:21 GMT+0100");
Gefunden : user_pref("CT2269050.LastLogin_3.9.0.3", "Wed Feb 15 2012 10:38:02 GMT+0100");
Gefunden : user_pref("CT2269050.LatestVersion", "3.16.0.3");
Gefunden : user_pref("CT2269050.Locale", "en");
Gefunden : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2269050.MCDetectTooltipShow", false);
Gefunden : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2269050.MyStuffEnabledAtInstallation", true);
Gefunden : user_pref("CT2269050.OriginalFirstVersion", "3.9.0.3");
Gefunden : user_pref("CT2269050.RadioIsPodcast", false);
Gefunden : user_pref("CT2269050.RadioLastCheckTime", "Mon Jan 23 2012 16:59:39 GMT+0100");
Gefunden : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Gefunden : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Gefunden : user_pref("CT2269050.RadioMediaID", "12473383");
Gefunden : user_pref("CT2269050.RadioMediaType", "Media Player");
Gefunden : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Gefunden : user_pref("CT2269050.RadioShrinkedFromSetup", false);
Gefunden : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Gefunden : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Gefunden : user_pref("CT2269050.SHRINK_TOOLBAR", 1);
Gefunden : user_pref("CT2269050.SavedHomepage", "hxxp://www.zdf.de/");
Gefunden : user_pref("CT2269050.SearchBackToDefaultEngine", false);
Gefunden : user_pref("CT2269050.SearchBoxWidth", 158);
Gefunden : user_pref("CT2269050.SearchCaption", "DVDVideoSoftTB Customized Web Search");
Gefunden : user_pref("CT2269050.SearchEngine", "eBay||hxxp://shop.ebay.com/?_from=R40&_trksid=m38&_nkw=UCM_SEAR[...]
Gefunden : user_pref("CT2269050.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Gefunden : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Gefunden : user_pref("CT2269050.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Tue Nov 13 2012 10:41:16 GMT+0100");
Gefunden : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2269050.SearchInNewTabUserEnabled", false);
Gefunden : user_pref("CT2269050.SearchProtectorEnabled", true);
Gefunden : user_pref("CT2269050.SearchProtectorToolbarDisabled", false);
Gefunden : user_pref("CT2269050.SendProtectorDataViaLogin", true);
Gefunden : user_pref("CT2269050.ServiceMapLastCheckTime", "Tue Nov 13 2012 10:41:17 GMT+0100");
Gefunden : user_pref("CT2269050.SettingsLastCheckTime", "Tue Nov 13 2012 09:47:18 GMT+0100");
Gefunden : user_pref("CT2269050.SettingsLastUpdate", "1352142245");
Gefunden : user_pref("CT2269050.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13");
Gefunden : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Fri Jun 22 2012 11:26:05 GMT+0200");
Gefunden : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1331805997");
Gefunden : user_pref("CT2269050.ToolbarShrinkedFromSetup", false);
Gefunden : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2269050");
Gefunden : user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gefunden : user_pref("CT2269050.UserID", "UN43593155779630519");
Gefunden : user_pref("CT2269050.ValidationData_Search", 2);
Gefunden : user_pref("CT2269050.ValidationData_Toolbar", 2);
Gefunden : user_pref("CT2269050.WeatherNetwork", "");
Gefunden : user_pref("CT2269050.WeatherPollDate", "Mon Jan 23 2012 16:39:22 GMT+0100");
Gefunden : user_pref("CT2269050.WeatherUnit", "C");
Gefunden : user_pref("CT2269050.alertChannelId", "666138");
Gefunden : user_pref("CT2269050.approveUntrustedApps", true);
Gefunden : user_pref("CT2269050.autoDisableScopes", -1);
Gefunden : user_pref("CT2269050.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e.:2z527", "2423");
Gefunden : user_pref("CT2269050.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e06cg5el8:", "6E6D6F6B70736D737277");
Gefunden : user_pref("CT2269050.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A7473757176797379787D242F4B4947[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e31;cj7;chgjd$nn", "247E61393F236B25717277732A212C6E414F444[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e31;cj7fk;kg#ncep@mc+vkn", "247E61393F236B25737471712A212C6[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e31;cjc<=fbj#mm", "247E61393F236B257576737A2A212C6E414F444D[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e31;cjc<=fbj#ncf", "247E61393F236B25757677712A212C6E414F444[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]
Gefunden : user_pref("CT2269050.backendstorage./9b-0?3g>d", "6A6E706C3F7343437A7475714820744C767C257C7D527C2A25[...]
Gefunden : user_pref("CT2269050.backendstorage./9b-0?3g@6:5;", "");
Gefunden : user_pref("CT2269050.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Gefunden : user_pref("CT2269050.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F297B7E7D21202F26313E424[...]
Gefunden : user_pref("CT2269050.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
Gefunden : user_pref("CT2269050.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484777213F3E484F4E4D464[...]
Gefunden : user_pref("CT2269050.backendstorage./9b5ba==9cjag", "3D696C6C403E73427A6F45734A7378487D4A7C7A4D");
Gefunden : user_pref("CT2269050.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6F6B70736D737172777A78");
Gefunden : user_pref("CT2269050.backendstorage./9b9643g3/9e", "6A");
Gefunden : user_pref("CT2269050.backendstorage./9b<:222h64<", "393F352F3E");
Gefunden : user_pref("CT2269050.backendstorage./9b=+03eh8h8j?:", "4443");
Gefunden : user_pref("CT2269050.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Gefunden : user_pref("CT2269050.backendstorage./9b?b0d:8aj62<h", "6D");
Gefunden : user_pref("CT2269050.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Gefunden : user_pref("CT2269050.backendstorage.ct2269050isadsdisabled", "66616C7365");
Gefunden : user_pref("CT2269050.backendstorage.shoppingapp.gk.exipres", "536174204A616E20323820323031322031323A[...]
Gefunden : user_pref("CT2269050.backendstorage.shoppingapp.gk.geolocation", "6765726D616E79");
Gefunden : user_pref("CT2269050.backendstorage.youtubelang", "4445");
Gefunden : user_pref("CT2269050.componentAlertEnabled", false);
Gefunden : user_pref("CT2269050.components.1000034", false);
Gefunden : user_pref("CT2269050.components.1000082", false);
Gefunden : user_pref("CT2269050.components.1000234", false);
Gefunden : user_pref("CT2269050.components.129023235807856892", false);
Gefunden : user_pref("CT2269050.components.129121052374999726", false);
Gefunden : user_pref("CT2269050.components.129351672002618989", false);
Gefunden : user_pref("CT2269050.components.129351776130744254", false);
Gefunden : user_pref("CT2269050.components.129391330693125668", false);
Gefunden : user_pref("CT2269050.components.129466585396013141", false);
Gefunden : user_pref("CT2269050.components.129466585399606892", false);
Gefunden : user_pref("CT2269050.components.129681780741097243", false);
Gefunden : user_pref("CT2269050.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gefunden : user_pref("CT2269050.globalFirstTimeInfoLastCheckTime", "Thu Jun 21 2012 12:33:36 GMT+0200");
Gefunden : user_pref("CT2269050.homepageProtectorEnableByLogin", true);
Gefunden : user_pref("CT2269050.initDone", true);
Gefunden : user_pref("CT2269050.isAppTrackingManagerOn", true);
Gefunden : user_pref("CT2269050.isFirstRadioInstallation", false);
Gefunden : user_pref("CT2269050.isSearchProtectorNotifyChanges", false);
Gefunden : user_pref("CT2269050.myStuffEnabled", true);
Gefunden : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2269050.oldAppsList", "128834881989343894,128834881989343895,111,129466585399606892,129[...]
Gefunden : user_pref("CT2269050.revertSettingsEnabled", true);
Gefunden : user_pref("CT2269050.searchProtectorDialogDelayInSec", 10);
Gefunden : user_pref("CT2269050.searchProtectorEnableByLogin", true);
Gefunden : user_pref("CT2269050.testingCtid", "");
Gefunden : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Tue Nov 13 2012 10:41:16 GMT+0100");
Gefunden : user_pref("CT2269050.toolbarContextMenuLastCheckTime", "Mon Jun 25 2012 12:33:36 GMT+0200");
Gefunden : user_pref("CT2269050.usageEnabled", false);
Gefunden : user_pref("CT2269050.usagesFlag", 2);
Gefunden : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2269050&Search[...]
Gefunden : user_pref("CommunityToolbar.ConduitSearchList", "DVDVideoSoftTB Customized Web Search");
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/DE", "\"0\"")[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"7ed[...]
Gefunden : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Herbert\\AppData\\Roaming\\Mozilla\[...]
Gefunden : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://youtube.conduitapps.com/v3.1.0/gadget.html", [...]
Gefunden : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "${URL_SEARCHPAGE}");
Gefunden : user_pref("CommunityToolbar.ToolbarsList", "CT2102572,CT2269050");
Gefunden : user_pref("CommunityToolbar.ToolbarsList2", "CT2102572,CT2269050");
Gefunden : user_pref("CommunityToolbar.ToolbarsList4", "CT2269050");
Gefunden : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CommunityToolbar.globalUserId", "61a60e1b-2f07-4b88-ab2b-b13dafcb0843");
Gefunden : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gefunden : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gefunden : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Jun 27 2012 09:52:5[...]
Gefunden : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Gefunden : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Jul 01 2012 12:17:27 GMT+020[...]
Gefunden : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gefunden : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Gefunden : user_pref("CommunityToolbar.notifications.locale", "en");
Gefunden : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Gefunden : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Jul 01 2012 12:17:19 GMT+0200");
Gefunden : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Gefunden : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Gefunden : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gefunden : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Gefunden : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Gefunden : user_pref("CommunityToolbar.notifications.userId", "12e75efd-c167-43c9-9b28-27aa379910a0");
Gefunden : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.zdf.de/");
Gefunden : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_16409683.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_16727535.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_18863815.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_19058681.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_19248106.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_19554706.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_19757371.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100")[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_807095.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100")[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_813286.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100")[...]
Gefunden : user_pref("browser.search.defaultthis.engineName", "DVDVideoSoftTB Customized Web Search");
Gefunden : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&Sea[...]

*************************

AdwCleaner[R1].txt - [42432 octets] - [20/11/2012 12:24:49]

########## EOF - C:\AdwCleaner[R1].txt - [42493 octets] ##########

Danke für deine Hilfe !!

cosinus · 20.11.2012, 14:26

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Löschen.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Danach eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles in CODE-Tags hier in den Thread.

LouLau · 20.11.2012, 15:43

Hallo Cosinus,

Die gewünschten Files sind als "Zipp" angehängt.

Danke für deine Mühe..

cosinus · 20.11.2012, 18:00

Beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
[2012.10.30 13:01:49 | 000,000,000 | ---D | M] (pdfforge Toolbar Plugin) -- C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[2010.11.04 21:31:22 | 000,020,531 | -H-- | C] () -- C:\ProgramData\R49LW
[2009.03.15 16:35:01 | 000,015,428 | ---- | C] () -- C:\Users\Herbert\RefEdit.exd
@Alternate Data Stream - 989 bytes -> C:\Users\Herbert\AppData\Local\Temp:eilK0WAms0xP161NJ0YHr
@Alternate Data Stream - 1170 bytes -> C:\Users\Herbert\AppData\Local\lzSOT9AG1UGZ:H0WxU2r6AlmAQTCeOEhPGlcjQ
:Files
C:\Users\Herbert\AppData\Local\lzSOT9AG1UGZ
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

LouLau · 20.11.2012, 18:41

Bin wieder da.....,
Es kommt langsam Licht am Tunnelende, denn den "Mist" gibst bereits nicht mehr.
Bei Öffnen der Browser kommt bereits wieder die gewohnte Startseite, aber ich nehme an, es gibt immer noch was zu tun ???

Hier das "Fix"-Ergebnis:

Code:

ATTFilter

All processes killed
Error: Unable to interpret <---------> in the current context!
========== OTL ==========
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\components folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome\skin folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome\locale\EN-US folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome\locale folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome\content folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402} folder moved successfully.
C:\ProgramData\R49LW moved successfully.
C:\Users\Herbert\RefEdit.exd moved successfully.
ADS C:\Users\Herbert\AppData\Local\Temp:eilK0WAms0xP161NJ0YHr deleted successfully.
ADS C:\Users\Herbert\AppData\Local\lzSOT9AG1UGZ:H0WxU2r6AlmAQTCeOEhPGlcjQ deleted successfully.
========== FILES ==========
C:\Users\Herbert\AppData\Local\lzSOT9AG1UGZ folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Herbert\Desktop\Trojaner-Board\15_11_2012_2\cmd.bat deleted successfully.
C:\Users\Herbert\Desktop\Trojaner-Board\15_11_2012_2\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: AppData
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Herbert
->Temp folder emptied: 124915087 bytes
->Temporary Internet Files folder emptied: 59082137 bytes
->Java cache emptied: 24833220 bytes
->FireFox cache emptied: 66702974 bytes
->Apple Safari cache emptied: 31791104 bytes
->Flash cache emptied: 96022 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4712177 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 403461991 bytes
 
Total Files Cleaned = 683,00 mb
 
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
Error: Unable to interpret <---------> in the current context!
 
OTL by OldTimer - Version 3.2.69.0 log created on 11202012_181843

Files\Folders moved on Reboot...
File\Folder C:\Users\Herbert\AppData\Local\Temp\~DF406A.tmp not found!
File\Folder C:\Users\Herbert\AppData\Local\Temp\~DF407B.tmp not found!
File\Folder C:\Users\Herbert\AppData\Local\Temp\~DF409A.tmp not found!
File\Folder C:\Users\Herbert\AppData\Local\Temp\~DF40AA.tmp not found!
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Danke für die Ausdauer.....

18.11.2012, 21:56	#6
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	claro search entfernen Ich hab extra den Teil mit Norton zitiert, hat Norton denn nun was gefunden oder nicht? __________________ --> claro search entfernen

claro search entfernen

Log-Analyse und Auswertung: claro search entfernen