Optimizer Pro auf Laptop

klein_lola · 12.01.2013, 15:02

Hallo zusammen,
auf dem Laptop meiner Schwägerin befindet sich der obengenannte Optimizer Pro und wie ich schon im Netz dazu gelesen habe, handelt es sich ja um einen Virus. Könnte mir bitte jemand helfen das Ganze zu entfernen und den Laptop wieder zu bereinigen!
Ich wollte dazu noch sagen dass ich über TeamViewer auf ihren Laptop zugreife!
Und die EXTRA.txt wurde nicht erstellt.
Vorab Danke!

Code:

ATTFilter

OTL logfile created on: 12.01.2013 11:49:37 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Admin\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19393)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 52,84% Memory free
6,19 Gb Paging File | 4,85 Gb Available in Paging File | 78,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,44 Gb Total Space | 20,08 Gb Free Space | 17,24% Space Free | Partition Type: NTFS
Drive D: | 106,68 Gb Total Space | 106,63 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
 
Computer Name: XXXXX-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.12 11:45:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
PRC - [2012.10.30 11:56:40 | 000,197,152 | ---- | M] (PC Utilities Pro) -- C:\Program Files\Optimizer Pro\OptProSmartScan.exe
PRC - [2012.10.30 11:55:30 | 000,218,144 | ---- | M] (PC Utilities Pro) -- C:\Program Files\Optimizer Pro\OptProReminder.exe
PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.09.12 16:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2012.09.12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012.09.12 16:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.08.31 15:02:02 | 007,553,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe
PRC - [2012.08.31 15:02:02 | 002,754,984 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.08.31 15:02:02 | 002,282,920 | ---- | M] (TeamViewer GmbH) -- c:\program files\teamviewer\version7\TeamViewer_Desktop.exe
PRC - [2012.08.31 14:55:18 | 000,106,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\tv_w32.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.25 09:46:44 | 001,326,176 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\PSIA.exe
PRC - [2012.07.25 09:46:42 | 000,681,056 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2012.05.29 12:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012.05.29 12:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.03.18 05:27:11 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008.01.21 03:24:21 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
PRC - [2007.11.30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.08.03 20:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007.07.06 00:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2007.04.19 19:32:08 | 000,225,280 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\Hcontrol.exe
PRC - [2007.04.17 21:39:42 | 000,077,824 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe
PRC - [2007.02.06 02:13:14 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe
PRC - [2007.01.18 03:26:36 | 007,708,672 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
PRC - [2006.12.19 01:26:26 | 002,420,736 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2008.03.09 15:01:07 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.02.04 21:29:02 | 000,688,128 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
MOD - [2007.11.30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
 
 
========== Services (SafeList) ==========
 
SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.09.12 18:22:25 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.12 16:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.09.12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.09.08 18:27:56 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.08.31 15:02:02 | 002,754,984 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.25 09:46:44 | 001,326,176 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2012.07.25 09:46:42 | 000,681,056 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.29 12:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.29 12:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008.03.18 05:27:11 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007.08.03 20:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2007.02.06 02:13:14 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\\SystemRoot\System32\Drivers\sptd.sys -- (sptd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013.01.12 11:42:42 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F49D914A-650E-46DF-9AE6-5A31DB6C5F94}\MpKslc30c3e0d.sys -- (MpKslc30c3e0d)
DRV - [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.08.30 21:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012.07.02 11:23:05 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2011.09.22 18:10:46 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.09.01 09:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.08.26 12:18:24 | 000,087,536 | ---- | M] (CyberLink Corp.) [2011/01/22 12:07:32] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2009.01.20 13:38:58 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\Windows\System32\STEC3.sys -- (STEC3)
DRV - [2008.06.03 07:41:51 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008.05.22 00:40:59 | 001,772,544 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2008.04.06 02:56:08 | 000,908,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.03.21 05:12:59 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.03.09 15:58:41 | 003,533,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.08.03 05:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.07.24 19:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007.06.20 04:12:17 | 000,047,616 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)
DRV - [2006.12.14 08:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.11.02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [1999.09.10 13:06:00 | 000,025,244 | R--- | M] (Adaptec) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ASPI32.sys -- (Aspi32)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=109958&tt=0113_4&babsrc=HP_ss&mntrId=fc7e111200000000000000ffda41a6cd
IE - HKCU\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No CLSID value found
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=0113_4&babsrc=SP_ss&mntrId=fc7e111200000000000000ffda41a6cd
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..CT2625848.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.119
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@macromedia.com/FlashPlayer10: C:\Windows\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\xxx\AppData\Roaming\5018 [2011.06.14 14:35:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{665BCAD9-A056-4267-A3CA-FB4D288ABE49}: C:\Users\xxx\AppData\Local\{665BCAD9-A056-4267-A3CA-FB4D288ABE49} [2011.08.23 17:21:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.08 18:27:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.12 19:02:52 | 000,000,000 | ---D | M]
 
[2012.02.12 18:49:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2013.01.08 17:34:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\2esxun62.default\extensions
[2013.01.08 17:34:34 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\2esxun62.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2013.01.04 16:10:37 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\2esxun62.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.01.04 16:09:53 | 000,002,432 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\2esxun62.default\searchplugins\babylon1.xml
[2012.11.22 17:46:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012.11.22 17:47:02 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.01.12 11:44:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\updated\extensions
[2013.01.12 11:44:44 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\updated\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.01.12 11:45:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.09.08 18:27:57 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.07.14 01:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.04 16:09:21 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.08.31 13:10:19 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.14 01:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 01:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 01:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 01:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.09.07 18:09:13 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00  [binary data]
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68C77064-0C27-4561-80FD-C7D46EEBBF88}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F255A252-3E2B-411A-9C7B-87E9C58BD95B}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll) -  File not found
O20 - AppInit_DLLs: (c:\progra~1\google\google~1\goec62~1.dll) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O24 - Desktop BackupWallPaper: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.12 11:45:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2013.01.08 17:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013.01.08 17:34:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\QuickScan
[2013.01.08 17:22:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.08 17:22:29 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.01.08 17:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.01.04 16:12:30 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Audacity
[2013.01.04 16:12:11 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
[2013.01.04 16:10:03 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Optimizer Pro
[2013.01.04 16:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
[2013.01.04 16:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro
[2013.01.04 16:09:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.01.04 16:09:10 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Babylon
[2013.01.04 16:09:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.12 11:49:07 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.12 11:45:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2013.01.12 11:42:31 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.12 11:42:05 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.12 11:42:05 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.12 11:41:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.12 11:41:56 | 3220,463,616 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.12 11:40:26 | 000,000,176 | ---- | M] () -- C:\Users\Admin\defogger_reenable
[2013.01.12 11:32:00 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2435554401-882913050-925788319-1000UA.job
[2013.01.11 21:16:43 | 000,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2013.01.11 21:04:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.11 20:32:00 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2435554401-882913050-925788319-1000Core.job
[2013.01.10 17:50:44 | 000,416,400 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.10 17:32:00 | 000,632,252 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.01.10 17:32:00 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.10 17:32:00 | 000,127,464 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.01.10 17:32:00 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.08 17:22:40 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.04 16:12:24 | 000,000,811 | ---- | M] () -- C:\Users\Admin\Desktop\Audacity.lnk
 
========== Files Created - No Company Name ==========
 
[2013.01.12 11:40:10 | 000,000,176 | ---- | C] () -- C:\Users\Admin\defogger_reenable
[2013.01.08 17:22:40 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.04 16:12:24 | 000,000,823 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2013.01.04 16:12:24 | 000,000,811 | ---- | C] () -- C:\Users\Admin\Desktop\Audacity.lnk
[2012.08.18 14:51:02 | 000,009,728 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.04 17:33:22 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2012.01.04 17:29:31 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009.01.20 13:37:23 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.01.04 16:12:39 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Audacity
[2013.01.04 16:09:10 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Babylon
[2013.01.08 17:20:49 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2012.09.23 12:53:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoft
[2012.09.22 10:59:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.01.04 16:10:03 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Optimizer Pro
[2012.12.30 12:56:43 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Origin
[2013.01.08 17:34:42 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\QuickScan
[2012.02.12 18:53:04 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 

< End of report >

cosinus · 12.01.2013, 17:19

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner?
Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Zitat:

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.

Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].

Setze den Curser zwischen die CODE-Tags und drücke STRG+V.

Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

klein_lola · 12.01.2013, 17:43

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=9e140882a9797448abeaf4e8e81585b6
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-01-08 07:12:49
# local_time=2013-01-08 08:12:49 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 29986537 195205097 0 0
# scanned=210093
# found=1
# cleaned=1
# scan_time=9114
C:\Program Files\Optimizer Pro\OptimizerPro.exe	a variant of Win32/SpeedingUpMyPC application (deleted - quarantined)	3F929E8FBF617661A0950D6C9AE5C30EBB0A4F8B	C
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=9e140882a9797448abeaf4e8e81585b6
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-01-12 10:37:54
# local_time=2013-01-12 11:37:54 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 30301242 195519802 0 0
# scanned=142
# found=0
# cleaned=0
# scan_time=309

Code:

ATTFilter

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2013.01.08.09

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19393
Admin :: ELENALORENZ-PC [Administrator]

12.01.2013 15:58:11
mbam-log-2013-01-12 (15-58-11).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 431430
Laufzeit: 1 Stunde(n), 47 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

cosinus · 13.01.2013, 19:15

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Malwarebytes Anti-Rootkit

Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Entpacke das Archiv auf deinem Desktop.
Im neu erstellten Ordner starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

klein_lola · 13.01.2013, 19:43

Also nach dem CleanUp hat sich das System nicht neugestartet, aber es kam die Meldung das alles klar ging.

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org

Database version: v2013.01.13.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19393
Admin :: XXX-PC [administrator]

13.01.2013 19:37:50
mbar-log-2013-01-13 (19-37-50).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 26684
Time elapsed: 11 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 6
c:\$RECYCLE.BIN\S-1-5-18\$bbd0e7eb1e9d39209cec4d3545726a87\U (Trojan.Siredef.C) -> Delete on reboot.
c:\$RECYCLE.BIN\S-1-5-21-2435554401-882913050-925788319-1001\$bbd0e7eb1e9d39209cec4d3545726a87\U (Trojan.Siredef.C) -> Delete on reboot.
c:\$RECYCLE.BIN\S-1-5-18\$bbd0e7eb1e9d39209cec4d3545726a87\L (Trojan.Siredef.C) -> Delete on reboot.
c:\$RECYCLE.BIN\S-1-5-21-2435554401-882913050-925788319-1001\$bbd0e7eb1e9d39209cec4d3545726a87\L (Trojan.Siredef.C) -> Delete on reboot.
c:\$RECYCLE.BIN\S-1-5-18\$bbd0e7eb1e9d39209cec4d3545726a87 (Trojan.Siredef.C) -> Delete on reboot.
c:\$RECYCLE.BIN\S-1-5-21-2435554401-882913050-925788319-1001\$bbd0e7eb1e9d39209cec4d3545726a87 (Trojan.Siredef.C) -> Delete on reboot.

Files Detected: 1
c:\$RECYCLE.BIN\S-1-5-21-2435554401-882913050-925788319-1001\$bbd0e7eb1e9d39209cec4d3545726a87\@ (Trojan.Siredef.C) -> Delete on reboot.

(end)

cosinus · 13.01.2013, 20:40

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

klein_lola · 13.01.2013, 21:17

Code:

ATTFilter

ComboFix 13-01-13.01 - Admin 13.01.2013  20:55:10.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3071.1352 [GMT 1:00]
ausgeführt von:: c:\users\Admin\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\xxx\AppData\Local\{665BCAD9-A056-4267-A3CA-FB4D288ABE49}
c:\users\xxx\AppData\Local\{665BCAD9-A056-4267-A3CA-FB4D288ABE49}\chrome.manifest
c:\users\xxx\AppData\Local\{665BCAD9-A056-4267-A3CA-FB4D288ABE49}\chrome\content\overlay.xul
c:\users\xxx\AppData\Local\{665BCAD9-A056-4267-A3CA-FB4D288ABE49}\install.rdf
c:\users\xxx\AppData\Roaming\AcroIEHelpe.txt
c:\users\xxx\AppData\Roaming\srvblck2.tmp
c:\users\Public\sdelevURL.tmp
c:\windows\IsUn0407.exe
c:\windows\unin0407.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_STEC3
-------\Service_STEC3
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-12-13 bis 2013-01-13  ))))))))))))))))))))))))))))))
.
.
2013-01-13 20:02 . 2013-01-13 20:04	--------	d-----w-	c:\users\Admin\AppData\Local\temp
2013-01-13 20:02 . 2013-01-13 20:02	--------	d-----w-	c:\users\xxx\AppData\Local\temp
2013-01-13 20:02 . 2013-01-13 20:02	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-01-12 16:54 . 2012-11-08 18:00	6812136	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E5159D02-5E59-4752-AE50-4BFFF5DFCCC1}\mpengine.dll
2013-01-12 16:53 . 2012-11-08 18:00	6812136	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-01-12 16:47 . 2013-01-12 16:47	--------	d-----w-	c:\users\Admin\AppData\Local\Seven Zip
2013-01-09 16:29 . 2012-11-23 01:35	2048000	----a-w-	c:\windows\system32\win32k.sys
2013-01-09 16:27 . 2012-11-20 04:22	204288	----a-w-	c:\windows\system32\ncrypt.dll
2013-01-09 16:27 . 2012-11-02 10:19	1400832	----a-w-	c:\windows\system32\msxml6.dll
2013-01-08 16:38 . 2013-01-08 16:38	--------	d-----w-	c:\program files\ESET
2013-01-08 16:34 . 2013-01-08 16:34	--------	d-----w-	c:\users\Admin\AppData\Roaming\QuickScan
2013-01-08 16:22 . 2012-09-07 16:04	22856	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-01-08 16:22 . 2013-01-08 16:22	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2013-01-04 15:14 . 2013-01-09 19:57	--------	d-----w-	c:\users\xxx\AppData\Roaming\Audacity
2013-01-04 15:12 . 2013-01-04 15:12	--------	d-----w-	c:\users\Admin\AppData\Roaming\Audacity
2013-01-04 15:12 . 2013-01-04 15:12	--------	d-----w-	c:\program files\Audacity
2013-01-04 15:10 . 2013-01-04 15:10	--------	d-----w-	c:\users\Admin\AppData\Roaming\Optimizer Pro
2013-01-04 15:09 . 2013-01-08 19:12	--------	d-----w-	c:\program files\Optimizer Pro
2013-01-04 15:09 . 2013-01-08 16:17	--------	d-----w-	c:\programdata\Tarma Installer
2013-01-04 15:09 . 2013-01-04 15:09	--------	d-----w-	c:\users\Admin\AppData\Roaming\Babylon
2013-01-04 15:09 . 2013-01-04 15:09	--------	d-----w-	c:\programdata\Babylon
2012-12-22 19:48 . 2012-12-16 13:12	34304	----a-w-	c:\windows\system32\atmlib.dll
2012-12-22 19:48 . 2012-12-16 10:50	293376	----a-w-	c:\windows\system32\atmfd.dll
2012-12-20 19:12 . 2012-12-20 19:12	--------	d-----w-	c:\users\xxx\AppData\Roaming\.minecraft
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-02 12:52 . 2012-12-02 12:53	740840	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DE8B4647-1ED1-4D44-B14A-A03489045151}\gapaengine.dll
2012-11-13 01:29 . 2012-12-11 18:07	2048	----a-w-	c:\windows\system32\tzres.dll
2012-11-09 10:42 . 2012-12-11 18:11	916992	----a-w-	c:\windows\system32\wininet.dll
2012-11-09 10:37 . 2012-12-11 18:11	43520	----a-w-	c:\windows\system32\licmgr10.dll
2012-11-09 10:36 . 2012-12-11 18:11	1469440	----a-w-	c:\windows\system32\inetcpl.cpl
2012-11-09 10:36 . 2012-12-11 18:11	71680	----a-w-	c:\windows\system32\iesetup.dll
2012-11-09 10:36 . 2012-12-11 18:11	109056	----a-w-	c:\windows\system32\iesysprep.dll
2012-11-09 09:01 . 2012-12-11 18:11	385024	----a-w-	c:\windows\system32\html.iec
2012-11-09 07:13 . 2012-12-11 18:11	133632	----a-w-	c:\windows\system32\ieUnatt.exe
2012-11-09 07:11 . 2012-12-11 18:11	1638912	----a-w-	c:\windows\system32\mshtml.tlb
2012-11-02 10:18 . 2012-12-11 18:11	376320	----a-w-	c:\windows\system32\dpnet.dll
2012-11-02 08:26 . 2012-12-11 18:11	23040	----a-w-	c:\windows\system32\dpnsvr.exe
2013-01-12 10:45 . 2013-01-12 10:44	261600	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Optimizer Pro"="c:\program files\Optimizer Pro\OptProLauncher.exe" [2012-10-30 81952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
backup=c:\windows\pss\Secunia PSI Tray.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^xxx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk]
path=c:\users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
backup=c:\windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2008-10-26 16:57	47672	----a-w-	c:\windows\AsScrProlog.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2008-10-26 16:57	33136	----a-w-	c:\windows\ASScrPro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSTPE]
2007-10-12 04:44	106496	----a-w-	c:\windows\System32\ASUSTPE.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2010-08-26 11:18	75048	------w-	c:\program files\CyberLink\Shared files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-07-19 02:52	104936	----a-w-	c:\program files\CyberLink\Power2Go\CLMLSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-04-11 09:54	3672384	----a-w-	c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-16 20:04	1164584	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
2012-12-30 11:55	3492504	----a-w-	c:\program files\Origin\Origin.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 16:36	30040	----a-w-	c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-09-07 16:04	766536	----a-w-	c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Go_Menu]
2008-06-14 01:11	210216	----a-w-	c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-18 18:56	421888	----a-w-	c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
2010-02-02 23:08	87336	------w-	c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-01-07 08:25	4853760	----a-w-	c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-13 12:33	17418928	----a-r-	c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-01-21 19:17	61440	----a-w-	c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 07:04	252848	----a-w-	c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-12-06 10:12	1029416	----a-w-	c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23	1008184	----a-w-	c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ATKMEDIA"=c:\program files\ASUS\ATK Media\DMedia.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2435554401-882913050-925788319-1000]
"EnableNotificationsRef"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2435554401-882913050-925788319-1001]
"EnableNotificationsRef"=dword:00000002
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-12 17:22]
.
2013-01-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2435554401-882913050-925788319-1000Core.job
- c:\users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-05 19:27]
.
2013-01-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2435554401-882913050-925788319-1000UA.job
- c:\users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-05 19:27]
.
2013-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-06 18:03]
.
2013-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-06 18:03]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.babylon.com/?affID=109958&tt=0113_4&babsrc=HP_ss&mntrId=fc7e111200000000000000ffda41a6cd
mStart Page = 
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2esxun62.default\
FF - ExtSQL: 2012-11-18 13:27; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2esxun62.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-11-22 17:47; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=fc7e111200000000000000ffda41a6cd&q=
FF - user.js: extensions.BabylonToolbar.id - fc7e111200000000000000ffda41a6cd
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15709
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.7.2
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.7.2
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.7.216:09
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar_i.excTlbr - false
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109958&tt=0113_4
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar.rvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-SUPERAntiSpyware - c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AddRemove-ichsehewas - c:\windows\IsUn0407.exe
AddRemove-LingoMaxx - c:\progra~1\LINGOM~1\UNWISE32
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-01-13 21:06
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\windows\system32\WLANExt.exe
c:\windows\System32\lpksetup.exe
c:\windows\system32\conime.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\program files\Secunia\PSI\PSIA.exe
c:\program files\ATK Hotkey\Hcontrol.exe
c:\program files\ATKOSD2\ATKOSD2.exe
c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\TeamViewer\Version7\TeamViewer_Service.exe
c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
c:\windows\System32\WUDFHost.exe
c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Secunia\PSI\sua.exe
c:\program files\Optimizer Pro\OptProSmartScan.exe
c:\program files\Optimizer Pro\OptProReminder.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-01-13  21:10:17 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-01-13 20:10
.
Vor Suchlauf: 10 Verzeichnis(se), 23.266.070.528 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 23.423.021.056 Bytes frei
.
- - End Of File - - A51CFDE5BE105EDF9CA1EFB77C36548D

cosinus · 13.01.2013, 21:22

1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

klein_lola · 14.01.2013, 09:40

Code:

ATTFilter

09:29:50.0189 2076  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:29:50.0361 2076  ============================================================
09:29:50.0361 2076  Current date / time: 2013/01/14 09:29:50.0361
09:29:50.0361 2076  SystemInfo:
09:29:50.0361 2076  
09:29:50.0361 2076  OS Version: 6.0.6002 ServicePack: 2.0
09:29:50.0361 2076  Product type: Workstation
09:29:50.0361 2076  ComputerName: XXX-PC
09:29:50.0361 2076  UserName: Admin
09:29:50.0361 2076  Windows directory: C:\Windows
09:29:50.0361 2076  System windows directory: C:\Windows
09:29:50.0361 2076  Processor architecture: Intel x86
09:29:50.0361 2076  Number of processors: 2
09:29:50.0361 2076  Page size: 0x1000
09:29:50.0361 2076  Boot type: Normal boot
09:29:50.0361 2076  ============================================================
09:29:51.0299 2076  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:29:51.0314 2076  ============================================================
09:29:51.0314 2076  \Device\Harddisk0\DR0:
09:29:51.0314 2076  MBR partitions:
09:29:51.0314 2076  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388B3B, BlocksNum 0xE8E0360
09:29:51.0330 2076  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFC68EDA, BlocksNum 0xD55B6A7
09:29:51.0330 2076  ============================================================
09:29:51.0377 2076  C: <-> \Device\Harddisk0\DR0\Partition1
09:29:51.0408 2076  D: <-> \Device\Harddisk0\DR0\Partition2
09:29:51.0408 2076  ============================================================
09:29:51.0408 2076  Initialize success
09:29:51.0408 2076  ============================================================
09:31:43.0767 0276  ============================================================
09:31:43.0767 0276  Scan started
09:31:43.0767 0276  Mode: Manual; SigCheck; TDLFS; 
09:31:43.0767 0276  ============================================================
09:31:44.0471 0276  ================ Scan system memory ========================
09:31:44.0471 0276  System memory - ok
09:31:44.0471 0276  ================ Scan services =============================
09:31:44.0627 0276  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
09:31:44.0721 0276  ACPI - ok
09:31:44.0799 0276  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
09:31:44.0814 0276  AdobeARMservice - ok
09:31:44.0908 0276  [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:31:44.0924 0276  AdobeFlashPlayerUpdateSvc - ok
09:31:44.0986 0276  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
09:31:45.0017 0276  adp94xx - ok
09:31:45.0049 0276  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
09:31:45.0064 0276  adpahci - ok
09:31:45.0096 0276  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
09:31:45.0111 0276  adpu160m - ok
09:31:45.0127 0276  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
09:31:45.0142 0276  adpu320 - ok
09:31:45.0205 0276  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:31:45.0267 0276  AeLookupSvc - ok
09:31:45.0314 0276  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
09:31:45.0361 0276  AFD - ok
09:31:45.0392 0276  [ EFBC44FBD75E4F80BD927AEBF6E7EADE ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
09:31:45.0424 0276  AgereModemAudio - ok
09:31:45.0486 0276  [ 1CFEBA39FC613E45B49D3EDDFBCDA289 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
09:31:45.0533 0276  AgereSoftModem - ok
09:31:45.0611 0276  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
09:31:45.0627 0276  agp440 - ok
09:31:45.0658 0276  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
09:31:45.0674 0276  aic78xx - ok
09:31:45.0689 0276  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
09:31:45.0799 0276  ALG - ok
09:31:45.0846 0276  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:31:45.0861 0276  aliide - ok
09:31:45.0892 0276  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
09:31:45.0908 0276  amdagp - ok
09:31:45.0924 0276  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
09:31:45.0939 0276  amdide - ok
09:31:45.0955 0276  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
09:31:46.0002 0276  AmdK7 - ok
09:31:46.0017 0276  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
09:31:46.0049 0276  AmdK8 - ok
09:31:46.0111 0276  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
09:31:46.0158 0276  Appinfo - ok
09:31:46.0189 0276  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
09:31:46.0205 0276  arc - ok
09:31:46.0252 0276  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
09:31:46.0252 0276  arcsas - ok
09:31:46.0330 0276  [ 66597AD6098352D11239C0C42100B176 ] ASLDRService    C:\Program Files\ATK Hotkey\ASLDRSrv.exe
09:31:46.0346 0276  ASLDRService ( UnsignedFile.Multi.Generic ) - warning
09:31:46.0346 0276  ASLDRService - detected UnsignedFile.Multi.Generic (1)
09:31:46.0377 0276  [ 7B4D08D2017AC06689D422E06C43F0AA ] ASMMAP          C:\Program Files\ATKGFNEX\ASMMAP.sys
09:31:46.0392 0276  ASMMAP - ok
09:31:46.0439 0276  [ B979979AB8027F7F53FB16EC4229B7DB ] Aspi32          C:\Windows\system32\drivers\Aspi32.sys
09:31:46.0455 0276  Aspi32 ( UnsignedFile.Multi.Generic ) - warning
09:31:46.0455 0276  Aspi32 - detected UnsignedFile.Multi.Generic (1)
09:31:46.0486 0276  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:31:46.0517 0276  AsyncMac - ok
09:31:46.0549 0276  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
09:31:46.0564 0276  atapi - ok
09:31:46.0627 0276  [ 4DF523F49694B2884F8E5D870BF3E253 ] athr            C:\Windows\system32\DRIVERS\athr.sys
09:31:46.0674 0276  athr - ok
09:31:46.0752 0276  [ B886D349AFAD502DE4F6EA0C64B1CC4D ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
09:31:46.0814 0276  Ati External Event Utility - ok
09:31:46.0955 0276  [ 8AE1745BFC7D383DAA3F82FE8D7BE7C0 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
09:31:47.0064 0276  atikmdag - ok
09:31:47.0096 0276  [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv     C:\Program Files\ATKGFNEX\GFNEXSrv.exe
09:31:47.0111 0276  ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
09:31:47.0111 0276  ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1)
09:31:47.0158 0276  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:31:47.0205 0276  AudioEndpointBuilder - ok
09:31:47.0205 0276  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
09:31:47.0236 0276  Audiosrv - ok
09:31:47.0283 0276  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:31:47.0314 0276  Beep - ok
09:31:47.0346 0276  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
09:31:47.0377 0276  BFE - ok
09:31:47.0455 0276  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\system32\qmgr.dll
09:31:47.0517 0276  BITS - ok
09:31:47.0549 0276  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
09:31:47.0580 0276  blbdrive - ok
09:31:47.0611 0276  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:31:47.0642 0276  bowser - ok
09:31:47.0674 0276  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
09:31:47.0705 0276  BrFiltLo - ok
09:31:47.0721 0276  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
09:31:47.0736 0276  BrFiltUp - ok
09:31:47.0767 0276  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
09:31:47.0799 0276  Browser - ok
09:31:47.0830 0276  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
09:31:48.0033 0276  Brserid - ok
09:31:48.0080 0276  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
09:31:48.0142 0276  BrSerWdm - ok
09:31:48.0158 0276  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
09:31:48.0205 0276  BrUsbMdm - ok
09:31:48.0221 0276  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
09:31:48.0299 0276  BrUsbSer - ok
09:31:48.0346 0276  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
09:31:48.0392 0276  BTHMODEM - ok
09:31:48.0424 0276  catchme - ok
09:31:48.0455 0276  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:31:48.0471 0276  cdfs - ok
09:31:48.0517 0276  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:31:48.0533 0276  cdrom - ok
09:31:48.0580 0276  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:31:48.0627 0276  CertPropSvc - ok
09:31:48.0658 0276  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
09:31:48.0705 0276  circlass - ok
09:31:48.0721 0276  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
09:31:48.0736 0276  CLFS - ok
09:31:48.0799 0276  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:31:48.0814 0276  clr_optimization_v2.0.50727_32 - ok
09:31:48.0877 0276  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:31:48.0892 0276  clr_optimization_v4.0.30319_32 - ok
09:31:48.0924 0276  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:31:48.0955 0276  CmBatt - ok
09:31:48.0971 0276  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:31:48.0986 0276  cmdide - ok
09:31:49.0002 0276  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
09:31:49.0017 0276  Compbatt - ok
09:31:49.0033 0276  COMSysApp - ok
09:31:49.0064 0276  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
09:31:49.0080 0276  crcdisk - ok
09:31:49.0096 0276  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
09:31:49.0142 0276  Crusoe - ok
09:31:49.0189 0276  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:31:49.0205 0276  CryptSvc - ok
09:31:49.0283 0276  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:31:49.0314 0276  DcomLaunch - ok
09:31:49.0346 0276  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:31:49.0377 0276  DfsC - ok
09:31:49.0471 0276  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
09:31:49.0580 0276  DFSR - ok
09:31:49.0627 0276  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
09:31:49.0658 0276  Dhcp - ok
09:31:49.0705 0276  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
09:31:49.0721 0276  disk - ok
09:31:49.0752 0276  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:31:49.0799 0276  Dnscache - ok
09:31:49.0830 0276  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:31:49.0861 0276  dot3svc - ok
09:31:49.0892 0276  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
09:31:49.0939 0276  DPS - ok
09:31:49.0986 0276  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:31:50.0002 0276  drmkaud - ok
09:31:50.0049 0276  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:31:50.0080 0276  DXGKrnl - ok
09:31:50.0127 0276  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
09:31:50.0158 0276  E1G60 - ok
09:31:50.0205 0276  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
09:31:50.0236 0276  EapHost - ok
09:31:50.0299 0276  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
09:31:50.0314 0276  Ecache - ok
09:31:50.0361 0276  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:31:50.0392 0276  ehRecvr - ok
09:31:50.0408 0276  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
09:31:50.0455 0276  ehSched - ok
09:31:50.0471 0276  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
09:31:50.0486 0276  ehstart - ok
09:31:50.0533 0276  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:31:50.0564 0276  elxstor - ok
09:31:50.0627 0276  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
09:31:50.0674 0276  EMDMgmt - ok
09:31:50.0705 0276  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:31:50.0736 0276  ErrDev - ok
09:31:50.0814 0276  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
09:31:50.0830 0276  EventSystem - ok
09:31:50.0877 0276  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
09:31:50.0908 0276  exfat - ok
09:31:50.0955 0276  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:31:50.0986 0276  fastfat - ok
09:31:51.0049 0276  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
09:31:51.0080 0276  fdc - ok
09:31:51.0111 0276  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
09:31:51.0142 0276  fdPHost - ok
09:31:51.0158 0276  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:31:51.0221 0276  FDResPub - ok
09:31:51.0252 0276  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:31:51.0283 0276  FileInfo - ok
09:31:51.0299 0276  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:31:51.0330 0276  Filetrace - ok
09:31:51.0361 0276  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
09:31:51.0408 0276  flpydisk - ok
09:31:51.0439 0276  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:31:51.0455 0276  FltMgr - ok
09:31:51.0549 0276  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
09:31:51.0580 0276  FontCache - ok
09:31:51.0658 0276  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:31:51.0689 0276  FontCache3.0.0.0 - ok
09:31:51.0705 0276  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:31:51.0752 0276  Fs_Rec - ok
09:31:51.0783 0276  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:31:51.0783 0276  gagp30kx - ok
09:31:51.0861 0276  [ 31B40F40E09513ADDC460F6A297AD474 ] ghaio           C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
09:31:51.0877 0276  ghaio - ok
09:31:51.0908 0276  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:31:51.0955 0276  gpsvc - ok
09:31:52.0017 0276  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
09:31:52.0033 0276  gupdate - ok
09:31:52.0049 0276  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
09:31:52.0064 0276  gupdatem - ok
09:31:52.0127 0276  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:31:52.0189 0276  HdAudAddService - ok
09:31:52.0236 0276  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:31:52.0267 0276  HDAudBus - ok
09:31:52.0299 0276  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:31:52.0392 0276  HidBth - ok
09:31:52.0439 0276  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:31:52.0486 0276  HidIr - ok
09:31:52.0517 0276  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\System32\hidserv.dll
09:31:52.0549 0276  hidserv - ok
09:31:52.0580 0276  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:31:52.0611 0276  HidUsb - ok
09:31:52.0642 0276  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:31:52.0674 0276  hkmsvc - ok
09:31:52.0705 0276  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
09:31:52.0721 0276  HpCISSs - ok
09:31:52.0767 0276  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:31:52.0814 0276  HTTP - ok
09:31:52.0846 0276  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
09:31:52.0861 0276  i2omp - ok
09:31:52.0908 0276  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
09:31:52.0924 0276  i8042prt - ok
09:31:52.0955 0276  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
09:31:52.0971 0276  iaStorV - ok
09:31:53.0033 0276  [ DAF66902F08796F9C694901660E5A64A ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
09:31:53.0049 0276  IDriverT ( UnsignedFile.Multi.Generic ) - warning
09:31:53.0049 0276  IDriverT - detected UnsignedFile.Multi.Generic (1)
09:31:53.0111 0276  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:31:53.0158 0276  idsvc - ok
09:31:53.0205 0276  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:31:53.0221 0276  iirsp - ok
09:31:53.0267 0276  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
09:31:53.0299 0276  IKEEXT - ok
09:31:53.0424 0276  [ B795745F7E51AA20D46753EC5A811ACA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
09:31:53.0502 0276  IntcAzAudAddService - ok
09:31:53.0549 0276  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:31:53.0564 0276  intelide - ok
09:31:53.0596 0276  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:31:53.0642 0276  intelppm - ok
09:31:53.0674 0276  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:31:53.0721 0276  IPBusEnum - ok
09:31:53.0736 0276  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:31:53.0783 0276  IpFilterDriver - ok
09:31:53.0814 0276  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:31:53.0861 0276  iphlpsvc - ok
09:31:53.0861 0276  IpInIp - ok
09:31:53.0908 0276  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
09:31:53.0939 0276  IPMIDRV - ok
09:31:53.0955 0276  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
09:31:53.0986 0276  IPNAT - ok
09:31:54.0017 0276  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:31:54.0064 0276  IRENUM - ok
09:31:54.0080 0276  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:31:54.0096 0276  isapnp - ok
09:31:54.0127 0276  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
09:31:54.0158 0276  iScsiPrt - ok
09:31:54.0189 0276  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
09:31:54.0189 0276  iteatapi - ok
09:31:54.0221 0276  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
09:31:54.0236 0276  iteraid - ok
09:31:54.0267 0276  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:31:54.0267 0276  kbdclass - ok
09:31:54.0299 0276  [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
09:31:54.0330 0276  kbdhid - ok
09:31:54.0361 0276  [ 27BD4AC228EF6C0D490617C32E86A672 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
09:31:54.0377 0276  kbfiltr - ok
09:31:54.0408 0276  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
09:31:54.0439 0276  KeyIso - ok
09:31:54.0471 0276  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:31:54.0502 0276  KSecDD - ok
09:31:54.0564 0276  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:31:54.0627 0276  KtmRm - ok
09:31:54.0658 0276  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\System32\srvsvc.dll
09:31:54.0689 0276  LanmanServer - ok
09:31:54.0721 0276  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:31:54.0767 0276  LanmanWorkstation - ok
09:31:54.0799 0276  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:31:54.0830 0276  lltdio - ok
09:31:54.0861 0276  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:31:54.0908 0276  lltdsvc - ok
09:31:54.0924 0276  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:31:54.0971 0276  lmhosts - ok
09:31:54.0986 0276  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:31:55.0002 0276  LSI_FC - ok
09:31:55.0017 0276  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:31:55.0033 0276  LSI_SAS - ok
09:31:55.0080 0276  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:31:55.0096 0276  LSI_SCSI - ok
09:31:55.0111 0276  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
09:31:55.0142 0276  luafv - ok
09:31:55.0189 0276  [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
09:31:55.0189 0276  MBAMProtector - ok
09:31:55.0252 0276  [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:31:55.0283 0276  MBAMScheduler - ok
09:31:55.0314 0276  [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
09:31:55.0346 0276  MBAMService - ok
09:31:55.0392 0276  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:31:55.0424 0276  Mcx2Svc - ok
09:31:55.0471 0276  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
09:31:55.0486 0276  megasas - ok
09:31:55.0533 0276  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
09:31:55.0564 0276  MegaSR - ok
09:31:55.0627 0276  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
09:31:55.0642 0276  Microsoft Office Groove Audit Service - ok
09:31:55.0674 0276  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
09:31:55.0705 0276  MMCSS - ok
09:31:55.0736 0276  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
09:31:55.0767 0276  Modem - ok
09:31:55.0799 0276  [ CBB59C41F19EFEA1A000793E08070A62 ] MODEMCSA        C:\Windows\system32\drivers\MODEMCSA.sys
09:31:55.0830 0276  MODEMCSA - ok
09:31:55.0846 0276  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:31:55.0877 0276  monitor - ok
09:31:55.0892 0276  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:31:55.0892 0276  mouclass - ok
09:31:55.0924 0276  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:31:55.0971 0276  mouhid - ok
09:31:56.0002 0276  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
09:31:56.0002 0276  MountMgr - ok
09:31:56.0064 0276  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:31:56.0080 0276  MozillaMaintenance - ok
09:31:56.0158 0276  [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
09:31:56.0174 0276  MpFilter - ok
09:31:56.0205 0276  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:31:56.0221 0276  mpio - ok
09:31:56.0283 0276  MpKsle4a77429 - ok
09:31:56.0314 0276  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:31:56.0346 0276  mpsdrv - ok
09:31:56.0392 0276  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:31:56.0424 0276  MpsSvc - ok
09:31:56.0439 0276  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
09:31:56.0455 0276  Mraid35x - ok
09:31:56.0502 0276  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:31:56.0517 0276  MRxDAV - ok
09:31:56.0549 0276  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:31:56.0596 0276  mrxsmb - ok
09:31:56.0642 0276  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:31:56.0674 0276  mrxsmb10 - ok
09:31:56.0689 0276  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:31:56.0705 0276  mrxsmb20 - ok
09:31:56.0752 0276  [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci          C:\Windows\system32\drivers\msahci.sys
09:31:56.0767 0276  msahci - ok
09:31:56.0783 0276  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:31:56.0799 0276  msdsm - ok
09:31:56.0830 0276  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
09:31:56.0861 0276  MSDTC - ok
09:31:56.0908 0276  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:31:56.0939 0276  Msfs - ok
09:31:56.0971 0276  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:31:56.0986 0276  msisadrv - ok
09:31:57.0017 0276  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:31:57.0049 0276  MSiSCSI - ok
09:31:57.0064 0276  msiserver - ok
09:31:57.0111 0276  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:31:57.0174 0276  MSKSSRV - ok
09:31:57.0221 0276  [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
09:31:57.0236 0276  MsMpSvc - ok
09:31:57.0267 0276  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:31:57.0314 0276  MSPCLOCK - ok
09:31:57.0330 0276  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:31:57.0361 0276  MSPQM - ok
09:31:57.0392 0276  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:31:57.0408 0276  MsRPC - ok
09:31:57.0439 0276  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
09:31:57.0455 0276  mssmbios - ok
09:31:57.0471 0276  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:31:57.0502 0276  MSTEE - ok
09:31:57.0533 0276  [ 97AFFA9D95FFE20EEE6229BC6BE166CF ] MTsensor        C:\Windows\system32\DRIVERS\ATKACPI.sys
09:31:57.0564 0276  MTsensor - ok
09:31:57.0596 0276  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
09:31:57.0611 0276  Mup - ok
09:31:57.0658 0276  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
09:31:57.0705 0276  napagent - ok
09:31:57.0736 0276  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:31:57.0767 0276  NativeWifiP - ok
09:31:57.0830 0276  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:31:57.0861 0276  NDIS - ok
09:31:57.0892 0276  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:31:57.0908 0276  NdisTapi - ok
09:31:57.0924 0276  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:31:57.0971 0276  Ndisuio - ok
09:31:58.0017 0276  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:31:58.0049 0276  NdisWan - ok
09:31:58.0064 0276  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:31:58.0111 0276  NDProxy - ok
09:31:58.0142 0276  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:31:58.0189 0276  NetBIOS - ok
09:31:58.0221 0276  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
09:31:58.0252 0276  netbt - ok
09:31:58.0283 0276  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
09:31:58.0299 0276  Netlogon - ok
09:31:58.0346 0276  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
09:31:58.0377 0276  Netman - ok
09:31:58.0408 0276  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
09:31:58.0439 0276  netprofm - ok
09:31:58.0455 0276  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:31:58.0471 0276  NetTcpPortSharing - ok
09:31:58.0502 0276  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
09:31:58.0517 0276  nfrd960 - ok
09:31:58.0549 0276  [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:31:58.0580 0276  NisDrv - ok
09:31:58.0611 0276  [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
09:31:58.0642 0276  NisSrv - ok
09:31:58.0674 0276  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:31:58.0705 0276  NlaSvc - ok
09:31:58.0736 0276  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:31:58.0767 0276  Npfs - ok
09:31:58.0799 0276  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
09:31:58.0830 0276  nsi - ok
09:31:58.0861 0276  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:31:58.0892 0276  nsiproxy - ok
09:31:58.0955 0276  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:31:59.0002 0276  Ntfs - ok
09:31:59.0033 0276  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
09:31:59.0096 0276  ntrigdigi - ok
09:31:59.0111 0276  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
09:31:59.0142 0276  Null - ok
09:31:59.0158 0276  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:31:59.0174 0276  nvraid - ok
09:31:59.0189 0276  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:31:59.0205 0276  nvstor - ok
09:31:59.0221 0276  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:31:59.0236 0276  nv_agp - ok
09:31:59.0252 0276  NwlnkFlt - ok
09:31:59.0267 0276  NwlnkFwd - ok
09:31:59.0346 0276  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:31:59.0361 0276  odserv - ok
09:31:59.0408 0276  [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
09:31:59.0439 0276  ohci1394 - ok
09:31:59.0486 0276  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:31:59.0502 0276  ose - ok
09:31:59.0564 0276  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
09:31:59.0627 0276  p2pimsvc - ok
09:31:59.0642 0276  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
09:31:59.0674 0276  p2psvc - ok
09:31:59.0721 0276  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
09:31:59.0767 0276  Parport - ok
09:31:59.0799 0276  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:31:59.0814 0276  partmgr - ok
09:31:59.0830 0276  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
09:31:59.0877 0276  Parvdm - ok
09:31:59.0908 0276  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:31:59.0939 0276  PcaSvc - ok
09:31:59.0971 0276  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
09:31:59.0986 0276  pci - ok
09:32:00.0017 0276  [ 1636D43F10416AEB483BC6001097B26C ] pciide          C:\Windows\system32\drivers\pciide.sys
09:32:00.0033 0276  pciide - ok
09:32:00.0064 0276  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
09:32:00.0080 0276  pcmcia - ok
09:32:00.0127 0276  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:32:00.0205 0276  PEAUTH - ok
09:32:00.0299 0276  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
09:32:00.0408 0276  pla - ok
09:32:00.0455 0276  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:32:00.0486 0276  PlugPlay - ok
09:32:00.0517 0276  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
09:32:00.0549 0276  PNRPAutoReg - ok
09:32:00.0564 0276  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
09:32:00.0596 0276  PNRPsvc - ok
09:32:00.0642 0276  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:32:00.0674 0276  PolicyAgent - ok
09:32:00.0705 0276  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:32:00.0736 0276  PptpMiniport - ok
09:32:00.0767 0276  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
09:32:00.0783 0276  Processor - ok
09:32:00.0830 0276  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:32:00.0861 0276  ProfSvc - ok
09:32:00.0877 0276  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
09:32:00.0908 0276  ProtectedStorage - ok
09:32:00.0939 0276  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
09:32:00.0971 0276  PSched - ok
09:32:01.0002 0276  [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI             C:\Windows\system32\DRIVERS\psi_mf.sys
09:32:01.0017 0276  PSI - ok
09:32:01.0096 0276  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
09:32:01.0142 0276  ql2300 - ok
09:32:01.0174 0276  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
09:32:01.0189 0276  ql40xx - ok
09:32:01.0236 0276  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
09:32:01.0267 0276  QWAVE - ok
09:32:01.0299 0276  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:32:01.0314 0276  QWAVEdrv - ok
09:32:01.0330 0276  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:32:01.0361 0276  RasAcd - ok
09:32:01.0377 0276  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
09:32:01.0408 0276  RasAuto - ok
09:32:01.0424 0276  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:32:01.0455 0276  Rasl2tp - ok
09:32:01.0502 0276  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
09:32:01.0533 0276  RasMan - ok
09:32:01.0564 0276  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:32:01.0596 0276  RasPppoe - ok
09:32:01.0611 0276  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:32:01.0642 0276  RasSstp - ok
09:32:01.0674 0276  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:32:01.0689 0276  rdbss - ok
09:32:01.0721 0276  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:32:01.0752 0276  RDPCDD - ok
09:32:01.0799 0276  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
09:32:01.0830 0276  rdpdr - ok
09:32:01.0846 0276  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:32:01.0861 0276  RDPENCDD - ok
09:32:01.0892 0276  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:32:01.0939 0276  RDPWD - ok
09:32:01.0986 0276  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:32:02.0033 0276  RemoteAccess - ok
09:32:02.0080 0276  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:32:02.0096 0276  RemoteRegistry - ok
09:32:02.0142 0276  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
09:32:02.0174 0276  RpcLocator - ok
09:32:02.0205 0276  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
09:32:02.0236 0276  RpcSs - ok
09:32:02.0267 0276  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:32:02.0314 0276  rspndr - ok
09:32:02.0346 0276  [ 557D431125AA3D58F2D132FDA1EB8255 ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
09:32:02.0392 0276  RTSTOR - ok
09:32:02.0424 0276  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
09:32:02.0424 0276  SamSs - ok
09:32:02.0455 0276  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:32:02.0471 0276  sbp2port - ok
09:32:02.0502 0276  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:32:02.0533 0276  SCardSvr - ok
09:32:02.0580 0276  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
09:32:02.0627 0276  Schedule - ok
09:32:02.0658 0276  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:32:02.0674 0276  SCPolicySvc - ok
09:32:02.0721 0276  [ 126EA89BCC413EE45E3004FB0764888F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
09:32:02.0767 0276  sdbus - ok
09:32:02.0783 0276  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:32:02.0814 0276  SDRSVC - ok
09:32:02.0846 0276  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:32:02.0908 0276  secdrv - ok
09:32:02.0924 0276  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
09:32:02.0955 0276  seclogon - ok
09:32:03.0033 0276  [ 9044795E9D1A912D5F1B8DF6211850FD ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
09:32:03.0096 0276  Secunia PSI Agent - ok
09:32:03.0158 0276  [ 8B1A72E4FB63A9C068B08E1F9B70482A ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
09:32:03.0189 0276  Secunia Update Agent - ok
09:32:03.0221 0276  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\system32\sens.dll
09:32:03.0267 0276  SENS - ok
09:32:03.0299 0276  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
09:32:03.0346 0276  Serenum - ok
09:32:03.0361 0276  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
09:32:03.0424 0276  Serial - ok
09:32:03.0424 0276  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
09:32:03.0455 0276  sermouse - ok
09:32:03.0502 0276  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
09:32:03.0533 0276  SessionEnv - ok
09:32:03.0549 0276  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:32:03.0596 0276  sffdisk - ok
09:32:03.0611 0276  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:32:03.0642 0276  sffp_mmc - ok
09:32:03.0658 0276  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:32:03.0689 0276  sffp_sd - ok
09:32:03.0721 0276  [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
09:32:03.0767 0276  sfloppy - ok
09:32:03.0799 0276  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:32:03.0830 0276  SharedAccess - ok
09:32:03.0861 0276  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:32:03.0908 0276  ShellHWDetection - ok
09:32:03.0924 0276  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
09:32:03.0939 0276  sisagp - ok
09:32:03.0955 0276  [ A029482BE40DEF54DF02FCE751AA16DC ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSGB6.sys
09:32:03.0986 0276  SiSGbeLH - ok
09:32:04.0033 0276  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
09:32:04.0049 0276  SiSRaid2 - ok
09:32:04.0064 0276  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:32:04.0080 0276  SiSRaid4 - ok
09:32:04.0236 0276  [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
09:32:04.0392 0276  Skype C2C Service - ok
09:32:04.0439 0276  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
09:32:04.0455 0276  SkypeUpdate - ok
09:32:04.0580 0276  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
09:32:04.0721 0276  slsvc - ok
09:32:04.0736 0276  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
09:32:04.0767 0276  SLUINotify - ok
09:32:04.0814 0276  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:32:04.0846 0276  Smb - ok
09:32:04.0924 0276  [ C8A58FC905C9184FA70E37F71060C64D ] smserial        C:\Windows\system32\DRIVERS\smserial.sys
09:32:05.0017 0276  smserial - ok
09:32:05.0064 0276  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:32:05.0080 0276  SNMPTRAP - ok
09:32:05.0158 0276  [ A709DFA1674C1ED61EF7B5F29B38EEB1 ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
09:32:05.0267 0276  SNP2UVC - ok
09:32:05.0299 0276  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
09:32:05.0314 0276  spldr - ok
09:32:05.0346 0276  [ 739DB668DBD812285ECC553E64A5E212 ] spmgr           C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
09:32:05.0361 0276  spmgr - ok
09:32:05.0392 0276  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
09:32:05.0424 0276  Spooler - ok
09:32:05.0439 0276  sptd - ok
09:32:05.0471 0276  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:32:05.0502 0276  srv - ok
09:32:05.0549 0276  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:32:05.0596 0276  srv2 - ok
09:32:05.0596 0276  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:32:05.0642 0276  srvnet - ok
09:32:05.0674 0276  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:32:05.0705 0276  SSDPSRV - ok
09:32:05.0705 0276  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:32:05.0736 0276  SstpSvc - ok
09:32:05.0799 0276  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
09:32:05.0830 0276  stisvc - ok
09:32:05.0861 0276  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
09:32:05.0877 0276  swenum - ok
09:32:05.0908 0276  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
09:32:05.0955 0276  swprv - ok
09:32:05.0971 0276  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
09:32:05.0986 0276  Symc8xx - ok
09:32:06.0002 0276  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
09:32:06.0017 0276  Sym_hi - ok
09:32:06.0033 0276  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
09:32:06.0049 0276  Sym_u3 - ok
09:32:06.0096 0276  [ 55F6E55CC2430CA8713387106FA79817 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
09:32:06.0096 0276  SynTP - ok
09:32:06.0142 0276  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
09:32:06.0189 0276  SysMain - ok
09:32:06.0236 0276  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:32:06.0267 0276  TabletInputService - ok
09:32:06.0299 0276  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:32:06.0330 0276  TapiSrv - ok
09:32:06.0361 0276  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
09:32:06.0392 0276  TBS - ok
09:32:06.0439 0276  [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:32:06.0486 0276  Tcpip - ok
09:32:06.0517 0276  [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
09:32:06.0564 0276  Tcpip6 - ok
09:32:06.0580 0276  [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:32:06.0627 0276  tcpipreg - ok
09:32:06.0642 0276  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:32:06.0674 0276  TDPIPE - ok
09:32:06.0689 0276  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:32:06.0721 0276  TDTCP - ok
09:32:06.0752 0276  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:32:06.0799 0276  tdx - ok
09:32:06.0924 0276  [ 5E53CF8AD0FD33B35000C113656AB37B ] TeamViewer7     C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
09:32:07.0017 0276  TeamViewer7 - ok
09:32:07.0049 0276  [ 9101FFFCFCCD1A30E870A5B8A9091B10 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys
09:32:07.0080 0276  teamviewervpn - ok
09:32:07.0111 0276  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
09:32:07.0127 0276  TermDD - ok
09:32:07.0174 0276  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
09:32:07.0205 0276  TermService - ok
09:32:07.0236 0276  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
09:32:07.0252 0276  Themes - ok
09:32:07.0267 0276  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
09:32:07.0299 0276  THREADORDER - ok
09:32:07.0330 0276  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
09:32:07.0377 0276  TrkWks - ok
09:32:07.0424 0276  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:32:07.0455 0276  TrustedInstaller - ok
09:32:07.0486 0276  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:32:07.0517 0276  tssecsrv - ok
09:32:07.0627 0276  [ AF5F31156EE89D35AD6EC3179A805D23 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
09:32:07.0689 0276  TuneUp.UtilitiesSvc - ok
09:32:07.0736 0276  [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys
09:32:07.0752 0276  TuneUpUtilitiesDrv - ok
09:32:07.0783 0276  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
09:32:07.0799 0276  tunmp - ok
09:32:07.0846 0276  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:32:07.0861 0276  tunnel - ok
09:32:07.0892 0276  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:32:07.0892 0276  uagp35 - ok
09:32:07.0955 0276  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:32:07.0986 0276  udfs - ok
09:32:08.0033 0276  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:32:08.0064 0276  UI0Detect - ok
09:32:08.0096 0276  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:32:08.0111 0276  uliagpkx - ok
09:32:08.0142 0276  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
09:32:08.0158 0276  uliahci - ok
09:32:08.0174 0276  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
09:32:08.0189 0276  UlSata - ok
09:32:08.0221 0276  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
09:32:08.0221 0276  ulsata2 - ok
09:32:08.0252 0276  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:32:08.0283 0276  umbus - ok
09:32:08.0330 0276  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
09:32:08.0361 0276  upnphost - ok
09:32:08.0408 0276  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:32:08.0439 0276  usbccgp - ok
09:32:08.0455 0276  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:32:08.0502 0276  usbcir - ok
09:32:08.0533 0276  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:32:08.0564 0276  usbehci - ok
09:32:08.0596 0276  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:32:08.0627 0276  usbhub - ok
09:32:08.0658 0276  [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
09:32:08.0674 0276  usbohci - ok
09:32:08.0721 0276  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:32:08.0752 0276  usbprint - ok
09:32:08.0783 0276  [ A508C9BD8724980512136B039BBA65E9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
09:32:08.0814 0276  usbscan - ok
09:32:08.0846 0276  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:32:08.0861 0276  USBSTOR - ok
09:32:08.0908 0276  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
09:32:08.0924 0276  usbuhci - ok
09:32:08.0971 0276  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
09:32:09.0002 0276  usbvideo - ok
09:32:09.0017 0276  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
09:32:09.0049 0276  UxSms - ok
09:32:09.0096 0276  [ 6275822AC454A8A831D063841A4DBB5D ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
09:32:09.0111 0276  UxTuneUp - ok
09:32:09.0142 0276  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
09:32:09.0174 0276  vds - ok
09:32:09.0205 0276  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:32:09.0236 0276  vga - ok
09:32:09.0252 0276  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:32:09.0283 0276  VgaSave - ok
09:32:09.0299 0276  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
09:32:09.0314 0276  viaagp - ok
09:32:09.0330 0276  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
09:32:09.0361 0276  ViaC7 - ok
09:32:09.0377 0276  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
09:32:09.0392 0276  viaide - ok
09:32:09.0408 0276  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:32:09.0424 0276  volmgr - ok
09:32:09.0455 0276  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:32:09.0471 0276  volmgrx - ok
09:32:09.0502 0276  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:32:09.0517 0276  volsnap - ok
09:32:09.0564 0276  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:32:09.0580 0276  vsmraid - ok
09:32:09.0627 0276  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
09:32:09.0674 0276  VSS - ok
09:32:09.0721 0276  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
09:32:09.0752 0276  W32Time - ok
09:32:09.0799 0276  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:32:09.0846 0276  WacomPen - ok
09:32:09.0877 0276  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
09:32:09.0908 0276  Wanarp - ok
09:32:09.0908 0276  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:32:09.0939 0276  Wanarpv6 - ok
09:32:09.0971 0276  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:32:10.0002 0276  wcncsvc - ok
09:32:10.0033 0276  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:32:10.0064 0276  WcsPlugInService - ok
09:32:10.0080 0276  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
09:32:10.0096 0276  Wd - ok
09:32:10.0158 0276  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:32:10.0189 0276  Wdf01000 - ok
09:32:10.0236 0276  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:32:10.0283 0276  WdiServiceHost - ok
09:32:10.0299 0276  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:32:10.0330 0276  WdiSystemHost - ok
09:32:10.0361 0276  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
09:32:10.0392 0276  WebClient - ok
09:32:10.0424 0276  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:32:10.0455 0276  Wecsvc - ok
09:32:10.0486 0276  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:32:10.0502 0276  wercplsupport - ok
09:32:10.0533 0276  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:32:10.0564 0276  WerSvc - ok
09:32:10.0611 0276  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
09:32:10.0642 0276  WinDefend - ok
09:32:10.0642 0276  WinHttpAutoProxySvc - ok
09:32:10.0721 0276  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:32:10.0736 0276  Winmgmt - ok
09:32:10.0799 0276  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:32:10.0861 0276  WinRM - ok
09:32:10.0908 0276  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:32:10.0955 0276  Wlansvc - ok
09:32:11.0002 0276  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
09:32:11.0033 0276  WmiAcpi - ok
09:32:11.0080 0276  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:32:11.0142 0276  wmiApSrv - ok
09:32:11.0221 0276  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
09:32:11.0267 0276  WMPNetworkSvc - ok
09:32:11.0314 0276  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:32:11.0346 0276  WPCSvc - ok
09:32:11.0392 0276  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:32:11.0424 0276  WPDBusEnum - ok
09:32:11.0439 0276  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
09:32:11.0455 0276  WpdUsb - ok
09:32:11.0549 0276  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:32:11.0580 0276  WPFFontCache_v0400 - ok
09:32:11.0596 0276  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:32:11.0627 0276  ws2ifsl - ok
09:32:11.0658 0276  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\system32\wscsvc.dll
09:32:11.0689 0276  wscsvc - ok
09:32:11.0689 0276  WSearch - ok
09:32:11.0783 0276  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
09:32:11.0877 0276  wuauserv - ok
09:32:11.0908 0276  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:32:11.0939 0276  WudfPf - ok
09:32:11.0986 0276  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:32:12.0002 0276  WUDFRd - ok
09:32:12.0033 0276  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:32:12.0049 0276  wudfsvc - ok
09:32:12.0111 0276  [ 7D1F3B131D503EF43EE594B5A2B9B427 ] yukonwlh        C:\Windows\system32\DRIVERS\yk60x86.sys
09:32:12.0174 0276  yukonwlh - ok
09:32:12.0252 0276  [ 74EC37B9EAF9FCA015B933A526825C7A ] {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl
09:32:12.0267 0276  {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
09:32:12.0299 0276  ================ Scan global ===============================
09:32:12.0330 0276  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
09:32:12.0377 0276  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
09:32:12.0392 0276  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
09:32:12.0439 0276  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
09:32:12.0439 0276  [Global] - ok
09:32:12.0439 0276  ================ Scan MBR ==================================
09:32:12.0455 0276  [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk0\DR0
09:32:13.0017 0276  \Device\Harddisk0\DR0 - ok
09:32:13.0017 0276  ================ Scan VBR ==================================
09:32:13.0017 0276  [ 6C031D41BCEC18A54A37E791410BAB24 ] \Device\Harddisk0\DR0\Partition1
09:32:13.0017 0276  \Device\Harddisk0\DR0\Partition1 - ok
09:32:13.0033 0276  [ 3CE3DD99321839A3AFB9905DF7E0AD7B ] \Device\Harddisk0\DR0\Partition2
09:32:13.0033 0276  \Device\Harddisk0\DR0\Partition2 - ok
09:32:13.0033 0276  ============================================================
09:32:13.0033 0276  Scan finished
09:32:13.0033 0276  ============================================================
09:32:13.0064 0256  Detected object count: 4
09:32:13.0064 0256  Actual detected object count: 4
09:34:22.0908 0256  ASLDRService ( UnsignedFile.Multi.Generic ) - skipped by user
09:34:22.0908 0256  ASLDRService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:34:22.0908 0256  Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
09:34:22.0908 0256  Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:34:22.0908 0256  ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
09:34:22.0908 0256  ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:34:22.0924 0256  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
09:34:22.0924 0256  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

Code:

ATTFilter

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-14 09:11:56
-----------------------------
09:11:56.000    OS Version: Windows 6.0.6002 Service Pack 2
09:11:56.000    Number of processors: 2 586 0xF0D
09:11:56.000    ComputerName: XXX
09:12:06.438    AVAST engine defs: 13011301
09:12:12.125    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-0
09:12:12.157    Disk 0 Vendor: Hitachi_HTS543225L9A300 FBEOC40C Size: 238475MB BusType: 3
09:12:12.219    Disk 0 MBR read successfully
09:12:12.219    Disk 0 MBR scan
09:12:12.250    Disk 0 unknown MBR code
09:12:12.266    Disk 0 Partition 1 00     1C Hidd FAT32 LBA MSDOS5.0    10001 MB offset 63
09:12:12.297    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       119232 MB offset 20482875
09:12:12.313    Disk 0 Partition - 00     0F Extended LBA            109238 MB offset 264670875
09:12:12.360    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       109238 MB offset 264670938
09:12:12.407    Disk 0 scanning sectors +488392065
09:12:12.578    Disk 0 scanning C:\Windows\system32\drivers
09:12:42.969    Service scanning
09:13:12.375    Modules scanning
09:13:21.469    Disk 0 trace - called modules:
09:13:21.516    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys 
09:13:21.516    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x860c2ac8]
09:13:21.532    3 CLASSPNP.SYS[8a9b18b3] -> nt!IofCallDriver -> [0x85908918]
09:13:21.532    5 acpi.sys[806996bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-0[0x85906b98]
09:13:22.422    AVAST engine scan C:\Windows
09:13:27.938    AVAST engine scan C:\Windows\system32
09:18:34.907    AVAST engine scan C:\Windows\system32\drivers
09:19:58.141    AVAST engine scan C:\Users\Admin
09:22:55.610    AVAST engine scan C:\ProgramData
09:25:24.735    Scan finished successfully
09:29:00.092    Disk 0 MBR has been saved successfully to "C:\Users\Admin\Desktop\MBR.dat"
09:29:00.092    The log file has been saved successfully to "C:\Users\Admin\Desktop\aswMBR.txt"

cosinus · 14.01.2013, 10:17

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Suche.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

klein_lola · 14.01.2013, 10:23

Code:

ATTFilter

# AdwCleaner v2.105 - Datei am 14/01/2013 um 10:22:15 erstellt
# Aktualisiert am 08/01/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Admin - xxx-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Admin\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\END
Datei Gefunden : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2esxun62.default\searchplugins\babylon1.xml
Datei Gefunden : C:\Users\XXx\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\bprotector_extensions.sqlite
Datei Gefunden : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\bprotector_prefs.js
Datei Gefunden : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\searchplugins\Conduit.xml
Datei Gefunden : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\searchplugins\daemon-search.xml
Ordner Gefunden : C:\Program Files\Conduit
Ordner Gefunden : C:\Program Files\ConduitEngine
Ordner Gefunden : C:\Program Files\ICQ6Toolbar
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\ICQ\ICQToolbar
Ordner Gefunden : C:\ProgramData\Tarma Installer
Ordner Gefunden : C:\Users\Admin\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Admin\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Admin\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2esxun62.default\Smartbar
Ordner Gefunden : C:\Users\xxx\AppData\Local\Conduit
Ordner Gefunden : C:\Users\xxx\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\xxx\AppData\LocalLow\ConduitEngine
Ordner Gefunden : C:\Users\\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\Conduit
Ordner Gefunden : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\ConduitCommon
Ordner Gefunden : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\CT2269050
Ordner Gefunden : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\CT2438727
Ordner Gefunden : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
Ordner Gefunden : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Ordner Gefunden : C:\Users\\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\d55d98cb53ded43
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKCU\Software\Optimizer Pro
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2625848
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\d55d98cb53ded43
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKU\S-1-5-21-2435554401-882913050-925788319-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-2435554401-882913050-925788319-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.19393

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=109958&tt=0113_4&babsrc=HP_ss&mntrId=fc7e111200000000000000ffda41a6cd

-\\ Mozilla Firefox v16.0.2 (de)

Datei : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\prefs.js

Gefunden : user_pref("CT2269050..clientLogIsEnabled", false);
Gefunden : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gefunden : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gefunden : user_pref("CT2269050.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gefunden : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2269050.AppTrackingLastCheckTime", "Sat Aug 20 2011 12:46:45 GMT+0200");
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_1000515", true);
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_129575150554007677", true);
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_129681780741097243", true);
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_129853623028165512", true);
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_129881141106886992", true);
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_129977890572899945", true);
Gefunden : user_pref("CT2269050.CT2269050", "CT2269050");
Gefunden : user_pref("CT2269050.CurrentServerDate", "12-1-2013");
Gefunden : user_pref("CT2269050.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2269050.DialogsGetterLastCheckTime", "Thu Jan 10 2013 17:20:17 GMT+0100");
Gefunden : user_pref("CT2269050.DownloadReferralCookieData", "");
Gefunden : user_pref("CT2269050.EMailNotifierPollDate", "Wed Sep 07 2011 19:12:06 GMT+0200");
Gefunden : user_pref("CT2269050.FirstServerDate", "3-7-2011");
Gefunden : user_pref("CT2269050.FirstTime", true);
Gefunden : user_pref("CT2269050.FirstTimeFF3", true);
Gefunden : user_pref("CT2269050.FixPageNotFoundErrors", true);
Gefunden : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2269050.HasUserGlobalKeys", true);
Gefunden : user_pref("CT2269050.HomePageProtectorEnabled", false);
Gefunden : user_pref("CT2269050.Initialize", true);
Gefunden : user_pref("CT2269050.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Gefunden : user_pref("CT2269050.InstalledDate", "Sun Jul 03 2011 11:33:50 GMT+0200");
Gefunden : user_pref("CT2269050.InvalidateCache", false);
Gefunden : user_pref("CT2269050.IsAlertDBUpdated", true);
Gefunden : user_pref("CT2269050.IsGrouping", false);
Gefunden : user_pref("CT2269050.IsInitSetupIni", true);
Gefunden : user_pref("CT2269050.IsMulticommunity", false);
Gefunden : user_pref("CT2269050.IsOpenThankYouPage", true);
Gefunden : user_pref("CT2269050.IsOpenUninstallPage", true);
Gefunden : user_pref("CT2269050.IsProtectorsInit", true);
Gefunden : user_pref("CT2269050.LanguagePackLastCheckTime", "Sat Jan 12 2013 09:08:47 GMT+0100");
Gefunden : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2269050.LastLogin_3.12.2.3", "Thu May 31 2012 20:45:32 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.13.0.6", "Wed Jun 27 2012 18:40:36 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.14.1.0", "Tue Aug 28 2012 21:08:53 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.15.1.0", "Wed Nov 07 2012 16:46:07 GMT+0100");
Gefunden : user_pref("CT2269050.LastLogin_3.16.0.100", "Sat Jan 12 2013 09:08:26 GMT+0100");
Gefunden : user_pref("CT2269050.LastLogin_3.16.0.3", "Mon Dec 31 2012 10:23:11 GMT+0100");
Gefunden : user_pref("CT2269050.LastLogin_3.5.0.12", "Mon Aug 15 2011 13:40:05 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.6.0.10", "Wed Sep 07 2011 17:37:28 GMT+0200");
Gefunden : user_pref("CT2269050.LatestVersion", "3.16.0.3");
Gefunden : user_pref("CT2269050.Locale", "en");
Gefunden : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2269050.MyStuffEnabledAtInstallation", true);
Gefunden : user_pref("CT2269050.OriginalFirstVersion", "3.5.0.12");
Gefunden : user_pref("CT2269050.RadioIsPodcast", false);
Gefunden : user_pref("CT2269050.RadioLastCheckTime", "Wed Sep 07 2011 17:05:17 GMT+0200");
Gefunden : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Gefunden : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Gefunden : user_pref("CT2269050.RadioMediaID", "12473383");
Gefunden : user_pref("CT2269050.RadioMediaType", "Media Player");
Gefunden : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Gefunden : user_pref("CT2269050.RadioShrinkedFromSetup", false);
Gefunden : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Gefunden : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Gefunden : user_pref("CT2269050.SHRINK_TOOLBAR", 1);
Gefunden : user_pref("CT2269050.SavedHomepage", "hxxp://www.daemon-search.com/startpage");
Gefunden : user_pref("CT2269050.SearchEngineBeforeUnload", "DVDVideoSoftTB Customized Web Search");
Gefunden : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Gefunden : user_pref("CT2269050.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Sat Jan 12 2013 09:08:21 GMT+0100");
Gefunden : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gefunden : user_pref("CT2269050.SearchProtectorEnabled", false);
Gefunden : user_pref("CT2269050.SearchProtectorToolbarDisabled", false);
Gefunden : user_pref("CT2269050.ServiceMapLastCheckTime", "Sat Jan 12 2013 09:08:47 GMT+0100");
Gefunden : user_pref("CT2269050.SettingsLastCheckTime", "Sat Jan 12 2013 09:08:20 GMT+0100");
Gefunden : user_pref("CT2269050.SettingsLastUpdate", "1357975058");
Gefunden : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Mon Sep 05 2011 14:22:40 GMT+0200");
Gefunden : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1312887586");
Gefunden : user_pref("CT2269050.ToolbarShrinkedFromSetup", false);
Gefunden : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2269050");
Gefunden : user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gefunden : user_pref("CT2269050.UserID", "UN99371263986113818");
Gefunden : user_pref("CT2269050.ValidationData_Search", 0);
Gefunden : user_pref("CT2269050.ValidationData_Toolbar", 2);
Gefunden : user_pref("CT2269050.WeatherNetwork", "");
Gefunden : user_pref("CT2269050.WeatherPollDate", "Wed Sep 07 2011 19:06:13 GMT+0200");
Gefunden : user_pref("CT2269050.WeatherUnit", "C");
Gefunden : user_pref("CT2269050.alertChannelId", "666138");
Gefunden : user_pref("CT2269050.autoDisableScopes", -1);
Gefunden : user_pref("CT2269050.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e.:2z527", "247E707571777278333228702A7B797B7B7E30273224262[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e06cg5el8:", "6E6D6C71716D7371766F");
Gefunden : user_pref("CT2269050.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737277777379777C75242F4B4947[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e31;cjc<=fbj#mm", "247E61393F236B257576737A2A212C6E414F444D[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e31;cjc<=fbj#ncf", "247E61393F236B25757677712A212C6E414F444[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]
Gefunden : user_pref("CT2269050.backendstorage./9b-0?3g>d", "66686D3D714241757A754479462049494C792521234E502A56[...]
Gefunden : user_pref("CT2269050.backendstorage./9b-0?3g@6:5;", "");
Gefunden : user_pref("CT2269050.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Gefunden : user_pref("CT2269050.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Gefunden : user_pref("CT2269050.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
Gefunden : user_pref("CT2269050.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484775213F3E484F4E4D464[...]
Gefunden : user_pref("CT2269050.backendstorage./9b5ba==9cjag", "673A3E706B4372427A767575784A7B7E4A4D782352");
Gefunden : user_pref("CT2269050.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6C71716D72716E78767774");
Gefunden : user_pref("CT2269050.backendstorage./9b9643g3/9e", "6A");
Gefunden : user_pref("CT2269050.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
Gefunden : user_pref("CT2269050.backendstorage./9b<:222h64<", "393F352F3E");
Gefunden : user_pref("CT2269050.backendstorage./9b=+03eh8h8j?:", "4443");
Gefunden : user_pref("CT2269050.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Gefunden : user_pref("CT2269050.backendstorage./9b?b0d:8aj62<h", "6D");
Gefunden : user_pref("CT2269050.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Gefunden : user_pref("CT2269050.backendstorage.cbcountry_001", "4445");
Gefunden : user_pref("CT2269050.backendstorage.cbfirsttime", "467269204F637420323620323031322031393A34363A33302[...]
Gefunden : user_pref("CT2269050.backendstorage.facebook_mode", "32");
Gefunden : user_pref("CT2269050.backendstorage.shoppingapp.gk.exipres", "4D6F6E204F637420303120323031322031383A[...]
Gefunden : user_pref("CT2269050.backendstorage.shoppingapp.gk.geolocation", "6765726D616E79");
Gefunden : user_pref("CT2269050.backendstorage.url_history0001", "687474703A2F2F7777772E66616365626F6F6B2E636F6[...]
Gefunden : user_pref("CT2269050.backendstorage.youtube_user_first_login_date", "30372F31312F32303131");
Gefunden : user_pref("CT2269050.backendstorage.youtube_user_survey_visit", "4E4F545F56495349544544");
Gefunden : user_pref("CT2269050.backendstorage.youtubelang", "4445");
Gefunden : user_pref("CT2269050.components.1000515", true);
Gefunden : user_pref("CT2269050.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gefunden : user_pref("CT2269050.globalFirstTimeInfoLastCheckTime", "Wed Sep 07 2011 17:37:24 GMT+0200");
Gefunden : user_pref("CT2269050.homepageProtectorEnableByLogin", true);
Gefunden : user_pref("CT2269050.initDone", true);
Gefunden : user_pref("CT2269050.isAppTrackingManagerOn", true);
Gefunden : user_pref("CT2269050.isFirstRadioInstallation", false);
Gefunden : user_pref("CT2269050.myStuffEnabled", true);
Gefunden : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2269050.oldAppsList", "128834881989343894,128834881989343895,111,129391330693125668,129[...]
Gefunden : user_pref("CT2269050.revertSettingsEnabled", true);
Gefunden : user_pref("CT2269050.searchProtectorDialogDelayInSec", 10);
Gefunden : user_pref("CT2269050.searchProtectorEnableByLogin", true);
Gefunden : user_pref("CT2269050.testingCtid", "");
Gefunden : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Sat Jan 12 2013 09:08:47 GMT+0100");
Gefunden : user_pref("CT2269050.toolbarContextMenuLastCheckTime", "Sat Aug 27 2011 08:16:50 GMT+0200");
Gefunden : user_pref("CT2269050.usagesFlag", 2);
Gefunden : user_pref("CT2438727..clientLogIsEnabled", false);
Gefunden : user_pref("CT2438727..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gefunden : user_pref("CT2438727..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gefunden : user_pref("CT2438727.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gefunden : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2438727.CTID", "CT2438727");
Gefunden : user_pref("CT2438727.CurrentServerDate", "12-1-2013");
Gefunden : user_pref("CT2438727.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2438727.DialogsGetterLastCheckTime", "Thu Jan 10 2013 17:20:17 GMT+0100");
Gefunden : user_pref("CT2438727.DownloadReferralCookieData", "");
Gefunden : user_pref("CT2438727.FirstServerDate", "20-5-2010");
Gefunden : user_pref("CT2438727.FirstTime", true);
Gefunden : user_pref("CT2438727.FirstTimeFF3", true);
Gefunden : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2438727.HasUserGlobalKeys", true);
Gefunden : user_pref("CT2438727.Initialize", true);
Gefunden : user_pref("CT2438727.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2438727.InstallationAndCookieDataSentCount", 3);
Gefunden : user_pref("CT2438727.InstallationType", "Unknown");
Gefunden : user_pref("CT2438727.InstalledDate", "Thu May 20 2010 16:23:05 GMT+0200");
Gefunden : user_pref("CT2438727.IsGrouping", false);
Gefunden : user_pref("CT2438727.IsMulticommunity", false);
Gefunden : user_pref("CT2438727.IsOpenThankYouPage", true);
Gefunden : user_pref("CT2438727.IsOpenUninstallPage", true);
Gefunden : user_pref("CT2438727.LanguagePackLastCheckTime", "Fri Jan 11 2013 20:14:51 GMT+0100");
Gefunden : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2438727.LastLogin_2.5.8.6", "Thu May 20 2010 16:23:11 GMT+0200");
Gefunden : user_pref("CT2438727.LastLogin_3.12.0.7", "Sun Apr 29 2012 08:21:44 GMT+0200");
Gefunden : user_pref("CT2438727.LastLogin_3.12.2.3", "Thu May 31 2012 20:45:33 GMT+0200");
Gefunden : user_pref("CT2438727.LastLogin_3.13.0.6", "Mon Jul 16 2012 19:26:23 GMT+0200");
Gefunden : user_pref("CT2438727.LastLogin_3.14.1.0", "Tue Aug 28 2012 21:08:51 GMT+0200");
Gefunden : user_pref("CT2438727.LastLogin_3.15.1.0", "Wed Nov 07 2012 16:46:07 GMT+0100");
Gefunden : user_pref("CT2438727.LastLogin_3.16.0.3", "Sat Jan 12 2013 09:08:47 GMT+0100");
Gefunden : user_pref("CT2438727.LatestVersion", "3.16.0.3");
Gefunden : user_pref("CT2438727.Locale", "en");
Gefunden : user_pref("CT2438727.LoginCache", 4);
Gefunden : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2438727.MyStuffEnabledAtInstallation", true);
Gefunden : user_pref("CT2438727.SHRINK_TOOLBAR", 1);
Gefunden : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gefunden : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Gefunden : user_pref("CT2438727.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Fri Jan 11 2013 20:14:50 GMT+0100");
Gefunden : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gefunden : user_pref("CT2438727.ServiceMapLastCheckTime", "Fri Jan 11 2013 20:14:48 GMT+0100");
Gefunden : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Gefunden : user_pref("CT2438727.SettingsLastCheckTime", "Sat Jan 12 2013 09:08:22 GMT+0100");
Gefunden : user_pref("CT2438727.SettingsLastUpdate", "1357975380");
Gefunden : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Thu May 20 2010 16:23:03 GMT+0200");
Gefunden : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1269281492");
Gefunden : user_pref("CT2438727.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2438727");
Gefunden : user_pref("CT2438727.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gefunden : user_pref("CT2438727.UserID", "UN52676676216882500");
Gefunden : user_pref("CT2438727.ValidationData_Toolbar", 2);
Gefunden : user_pref("CT2438727.alertChannelId", "832836");
Gefunden : user_pref("CT2438727.clientLogIsEnabled", true);
Gefunden : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gefunden : user_pref("CT2438727.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gefunden : user_pref("CT2438727.homepageProtectorEnableByLogin", true);
Gefunden : user_pref("CT2438727.initDone", true);
Gefunden : user_pref("CT2438727.myStuffEnabled", true);
Gefunden : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2438727.revertSettingsEnabled", true);
Gefunden : user_pref("CT2438727.searchProtectorDialogDelayInSec", 10);
Gefunden : user_pref("CT2438727.searchProtectorEnableByLogin", true);
Gefunden : user_pref("CT2438727.testingCtid", "");
Gefunden : user_pref("CT2438727.toolbarAppMetaDataLastCheckTime", "Fri Jan 11 2013 20:14:49 GMT+0100");
Gefunden : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gefunden : user_pref("CT2438727.usagesFlag", 2);
Gefunden : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2269050&Search[...]
Gefunden : user_pref("CommunityToolbar.ConduitSearchList", "DVDVideoSoftTB Customized Web Search");
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2438727/CT2438727[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/DE", "\"0\"")[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2438727", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2438727",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2269050&octid=[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/6340477175123412[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/6340477178459350[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/Blank.png", "\"2[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/images/skins/zynga/seperator.gif", "\"46[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"e9e[...]
Gefunden : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\\\AppData\\Roaming\\Moz[...]
Gefunden : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10");
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://chat.loke.com/?utm_source=Conduit&utm_med[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://storage.conduit.com/7/176/CT1764407/Brows[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://storage.conduit.com/7/176/CT1764407/Brows[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://storage.conduit.com/7/176/CT1764407/Brows[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://storage.conduit.com/7/176/CT1764407/Brows[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://storage.conduit.com/7/176/CT1764407/Brows[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://storage.conduit.com/MarketPlace/07/dd/07c[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://www.come2play.com/shared/appGame/main2/ga[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://www.come2play.com/shared/appGame/main2/ga[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://www.come2play.com/shared/appGame/main2/ga[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://www.come2play.com/shared/appGame/main2/ga[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://www.come2play.com/shared/appGame/main2/ga[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://www.come2play.com/shared/appGame/main2/ga[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://www.come2play.com/shared/appGame/main2/ga[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://storage.conduit.com/MarketPlace/07/dd/07caac7[...]
Gefunden : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.com/search?ie= UTF-8&o[...]
Gefunden : user_pref("CommunityToolbar.ToolbarsList", "CT2438727,CT2269050");
Gefunden : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727,CT2269050");
Gefunden : user_pref("CommunityToolbar.ToolbarsList4", "CT2269050");
Gefunden : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Gefunden : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu May 20 2010 16:23:04 GMT+0200");
Gefunden : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gefunden : user_pref("CommunityToolbar.alert.locale", "en");
Gefunden : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gefunden : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu May 20 2010 16:23:03 GMT+0200");
Gefunden : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1234796400");
Gefunden : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gefunden : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gefunden : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gefunden : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gefunden : user_pref("CommunityToolbar.alert.userId", "{8726ede9-73db-47e4-8b17-a2f3c638a9b4}");
Gefunden : user_pref("CommunityToolbar.globalUserId", "8ff56618-5961-4411-892a-98285a4d2a81");
Gefunden : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gefunden : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gefunden : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
Gefunden : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Sep 03 2011 19:49:0[...]
Gefunden : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Gefunden : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Gefunden : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Sep 07 2011 17:05:25 GMT+020[...]
Gefunden : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gefunden : user_pref("CommunityToolbar.notifications.locale", "en");
Gefunden : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Gefunden : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Sep 07 2011 13:37:21 GMT+0200");
Gefunden : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Gefunden : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Gefunden : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gefunden : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Gefunden : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Gefunden : user_pref("CommunityToolbar.notifications.userId", "7d5a8c7a-a0b3-4683-a704-d3c627d86d16");
Gefunden : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q=[...]

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2esxun62.default\prefs.js

Gefunden : user_pref("CT2625848.1000082.isDisplayHidden", "true");
Gefunden : user_pref("CT2625848.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Gefunden : user_pref("CT2625848.2625848a129894023611240511000000paramsGK1", "eyJ1cGRhdGVSZXFUaW1lIjoxMzQ4NDAwOT[...]
Gefunden : user_pref("CT2625848.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gefunden : user_pref("CT2625848.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Gefunden : user_pref("CT2625848.FirstTime", "true");
Gefunden : user_pref("CT2625848.FirstTimeFF3", "true");
Gefunden : user_pref("CT2625848.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT262[...]
Gefunden : user_pref("CT2625848.UserID", "UN38386072672685615");
Gefunden : user_pref("CT2625848.addressBarTakeOverEnabledInHidden", "true");
Gefunden : user_pref("CT2625848.autoDisableScopes", -1);
Gefunden : user_pref("CT2625848.browser.search.defaultthis.engineName", true);
Gefunden : user_pref("CT2625848.defaultSearch", "true");
Gefunden : user_pref("CT2625848.embeddedsData", "[{\"appId\":\"129181467799155027\",\"apiPermissions\":{\"cross[...]
Gefunden : user_pref("CT2625848.enableAlerts", "false");
Gefunden : user_pref("CT2625848.enableSearchFromAddressBar", "true");
Gefunden : user_pref("CT2625848.firstTimeDialogOpened", "true");
Gefunden : user_pref("CT2625848.fixPageNotFoundError", "true");
Gefunden : user_pref("CT2625848.fixPageNotFoundErrorInHidden", "true");
Gefunden : user_pref("CT2625848.fixUrls", true);
Gefunden : user_pref("CT2625848.installId", "ConduitNSISIntegration");
Gefunden : user_pref("CT2625848.installType", "ConduitNSISIntegration");
Gefunden : user_pref("CT2625848.isCheckedStartAsHidden", true);
Gefunden : user_pref("CT2625848.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gefunden : user_pref("CT2625848.isFirstTimeToolbarLoading", "false");
Gefunden : user_pref("CT2625848.isNewTabEnabled", true);
Gefunden : user_pref("CT2625848.isPerformedSmartBarTransition", "true");
Gefunden : user_pref("CT2625848.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Gefunden : user_pref("CT2625848.keyword", true);
Gefunden : user_pref("CT2625848.migrateAppsAndComponents", true);
Gefunden : user_pref("CT2625848.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fgamecopyworld.co[...]
Gefunden : user_pref("CT2625848.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Gefunden : user_pref("CT2625848.openThankYouPage", "false");
Gefunden : user_pref("CT2625848.openUninstallPage", "true");
Gefunden : user_pref("CT2625848.search.searchAppId", "129181467799155027");
Gefunden : user_pref("CT2625848.search.searchCount", "0");
Gefunden : user_pref("CT2625848.searchInNewTabEnabledInHidden", "true");
Gefunden : user_pref("CT2625848.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gefunden : user_pref("CT2625848.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Gefunden : user_pref("CT2625848.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Gefunden : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Gefunden : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Gefunden : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Gefunden : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Gefunden : user_pref("CT2625848.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1348308290773");
Gefunden : user_pref("CT2625848.serviceLayer_services_appsMetadata_lastUpdate", "1348308290254");
Gefunden : user_pref("CT2625848.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1348308292261");
Gefunden : user_pref("CT2625848.serviceLayer_services_login_10.13.1.89_lastUpdate", "1353240969193");
Gefunden : user_pref("CT2625848.serviceLayer_services_optimizer_lastUpdate", "1348308291564");
Gefunden : user_pref("CT2625848.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1348308292332");
Gefunden : user_pref("CT2625848.serviceLayer_services_searchAPI_lastUpdate", "1348308289502");
Gefunden : user_pref("CT2625848.serviceLayer_services_serviceMap_lastUpdate", "1353240968974");
Gefunden : user_pref("CT2625848.serviceLayer_services_toolbarContextMenu_lastUpdate", "1348308292121");
Gefunden : user_pref("CT2625848.serviceLayer_services_toolbarSettings_lastUpdate", "1353240969106");
Gefunden : user_pref("CT2625848.serviceLayer_services_translation_lastUpdate", "1353240969161");
Gefunden : user_pref("CT2625848.settingsINI", true);
Gefunden : user_pref("CT2625848.shouldFirstTimeDialog", "false");
Gefunden : user_pref("CT2625848.smartbar.CTID", "CT2625848");
Gefunden : user_pref("CT2625848.smartbar.Uninstall", "0");
Gefunden : user_pref("CT2625848.smartbar.homepage", true);
Gefunden : user_pref("CT2625848.smartbar.isHidden", true);
Gefunden : user_pref("CT2625848.smartbar.toolbarName", "DVDVideoSoftTB DE ");
Gefunden : user_pref("CT2625848.startPage", "userChanged");
Gefunden : user_pref("CT2625848.toolbarBornServerTime", "22-9-2012");
Gefunden : user_pref("CT2625848.toolbarCurrentServerTime", "18-11-2012");
Gefunden : user_pref("CT2625848_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Gefunden : user_pref("Smartbar.ConduitHomepagesList", "");
Gefunden : user_pref("Smartbar.ConduitSearchEngineList", "");
Gefunden : user_pref("Smartbar.ConduitSearchUrlList", "");
Gefunden : user_pref("Smartbar.keywordURLSelectedCTID", "CT2625848");
Gefunden : user_pref("extensions.BabylonToolbar.admin", false);
Gefunden : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Gefunden : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Gefunden : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Gefunden : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Gefunden : user_pref("extensions.BabylonToolbar.excTlbr", false);
Gefunden : user_pref("extensions.BabylonToolbar.id", "fc7e111200000000000000ffda41a6cd");
Gefunden : user_pref("extensions.BabylonToolbar.instlDay", "15709");
Gefunden : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Gefunden : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Gefunden : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Gefunden : user_pref("extensions.BabylonToolbar.rvrt", "false");
Gefunden : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Gefunden : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Gefunden : user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2");
Gefunden : user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2");
Gefunden : user_pref("extensions.BabylonToolbar_i.babExt", "");
Gefunden : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109958&tt=0113_4");
Gefunden : user_pref("extensions.BabylonToolbar_i.excTlbr", false);
Gefunden : user_pref("extensions.BabylonToolbar_i.newTab", false);
Gefunden : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gefunden : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Gefunden : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.216:09:49");

*************************

AdwCleaner[R1].txt - [43735 octets] - [14/01/2013 10:22:15]

########## EOF - C:\AdwCleaner[R1].txt - [43796 octets] ##########

cosinus · 14.01.2013, 10:48

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Löschen.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Danach eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles in CODE-Tags hier in den Thread.

klein_lola · 14.01.2013, 15:46

Code:

ATTFilter

# AdwCleaner v2.105 - Datei am 14/01/2013 um 15:01:43 erstellt
# Aktualisiert am 08/01/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Admin - PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Admin\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\END
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2esxun62.default\searchplugins\babylon1.xml
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\enz\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\searchplugins\daemon-search.xml
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\ConduitEngine
Ordner Gelöscht : C:\Program Files\ICQ6Toolbar
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Admin\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2esxun62.default\Smartbar
Ordner Gelöscht : C:\Users\\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\\AppData\LocalLow\ConduitEngine
Ordner Gelöscht : C:\Users\\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\Conduit
Ordner Gelöscht : C:\Users\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\ConduitCommon
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\CT2269050
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\CT2438727
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Ordner Gelöscht : C:\Users\\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\d55d98cb53ded43
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2625848
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\d55d98cb53ded43
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.19393

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=109958&tt=0113_4&babsrc=HP_ss&mntrId=fc7e111200000000000000ffda41a6cd --> hxxp://www.google.com

-\\ Mozilla Firefox v16.0.2 (de)

Datei : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\prefs.js

C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\hd3pkner.default\user.js ... Gelöscht !

Gelöscht : user_pref("CT2269050..clientLogIsEnabled", false);
Gelöscht : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2269050.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gelöscht : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2269050.AppTrackingLastCheckTime", "Sat Aug 20 2011 12:46:45 GMT+0200");
Gelöscht : user_pref("CT2269050.BrowserCompStateIsOpen_1000515", true);
Gelöscht : user_pref("CT2269050.BrowserCompStateIsOpen_129575150554007677", true);
Gelöscht : user_pref("CT2269050.BrowserCompStateIsOpen_129681780741097243", true);
Gelöscht : user_pref("CT2269050.BrowserCompStateIsOpen_129853623028165512", true);
Gelöscht : user_pref("CT2269050.BrowserCompStateIsOpen_129881141106886992", true);
Gelöscht : user_pref("CT2269050.BrowserCompStateIsOpen_129977890572899945", true);
Gelöscht : user_pref("CT2269050.CT2269050", "CT2269050");
Gelöscht : user_pref("CT2269050.CurrentServerDate", "14-1-2013");
Gelöscht : user_pref("CT2269050.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2269050.DialogsGetterLastCheckTime", "Mon Jan 14 2013 13:58:47 GMT+0100");
Gelöscht : user_pref("CT2269050.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2269050.EMailNotifierPollDate", "Wed Sep 07 2011 19:12:06 GMT+0200");
Gelöscht : user_pref("CT2269050.FirstServerDate", "3-7-2011");
Gelöscht : user_pref("CT2269050.FirstTime", true);
Gelöscht : user_pref("CT2269050.FirstTimeFF3", true);
Gelöscht : user_pref("CT2269050.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2269050.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2269050.HomePageProtectorEnabled", false);
Gelöscht : user_pref("CT2269050.Initialize", true);
Gelöscht : user_pref("CT2269050.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Gelöscht : user_pref("CT2269050.InstalledDate", "Sun Jul 03 2011 11:33:50 GMT+0200");
Gelöscht : user_pref("CT2269050.InvalidateCache", false);
Gelöscht : user_pref("CT2269050.IsAlertDBUpdated", true);
Gelöscht : user_pref("CT2269050.IsGrouping", false);
Gelöscht : user_pref("CT2269050.IsInitSetupIni", true);
Gelöscht : user_pref("CT2269050.IsMulticommunity", false);
Gelöscht : user_pref("CT2269050.IsOpenThankYouPage", true);
Gelöscht : user_pref("CT2269050.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2269050.IsProtectorsInit", true);
Gelöscht : user_pref("CT2269050.LanguagePackLastCheckTime", "Mon Jan 14 2013 13:58:47 GMT+0100");
Gelöscht : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2269050.LastLogin_3.12.2.3", "Thu May 31 2012 20:45:32 GMT+0200");
Gelöscht : user_pref("CT2269050.LastLogin_3.13.0.6", "Wed Jun 27 2012 18:40:36 GMT+0200");
Gelöscht : user_pref("CT2269050.LastLogin_3.14.1.0", "Tue Aug 28 2012 21:08:53 GMT+0200");
Gelöscht : user_pref("CT2269050.LastLogin_3.15.1.0", "Wed Nov 07 2012 16:46:07 GMT+0100");
Gelöscht : user_pref("CT2269050.LastLogin_3.16.0.100", "Mon Jan 14 2013 13:58:47 GMT+0100");
Gelöscht : user_pref("CT2269050.LastLogin_3.16.0.3", "Mon Dec 31 2012 10:23:11 GMT+0100");
Gelöscht : user_pref("CT2269050.LastLogin_3.5.0.12", "Mon Aug 15 2011 13:40:05 GMT+0200");
Gelöscht : user_pref("CT2269050.LastLogin_3.6.0.10", "Wed Sep 07 2011 17:37:28 GMT+0200");
Gelöscht : user_pref("CT2269050.LatestVersion", "3.16.0.3");
Gelöscht : user_pref("CT2269050.Locale", "en");
Gelöscht : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2269050.MyStuffEnabledAtInstallation", true);
Gelöscht : user_pref("CT2269050.OriginalFirstVersion", "3.5.0.12");
Gelöscht : user_pref("CT2269050.RadioIsPodcast", false);
Gelöscht : user_pref("CT2269050.RadioLastCheckTime", "Wed Sep 07 2011 17:05:17 GMT+0200");
Gelöscht : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Gelöscht : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Gelöscht : user_pref("CT2269050.RadioMediaID", "12473383");
Gelöscht : user_pref("CT2269050.RadioMediaType", "Media Player");
Gelöscht : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Gelöscht : user_pref("CT2269050.RadioShrinkedFromSetup", false);
Gelöscht : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Gelöscht : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Gelöscht : user_pref("CT2269050.SHRINK_TOOLBAR", 1);
Gelöscht : user_pref("CT2269050.SavedHomepage", "hxxp://www.daemon-search.com/startpage");
Gelöscht : user_pref("CT2269050.SearchEngineBeforeUnload", "DVDVideoSoftTB Customized Web Search");
Gelöscht : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Gelöscht : user_pref("CT2269050.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Mon Jan 14 2013 13:58:45 GMT+0100");
Gelöscht : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2269050.SearchProtectorEnabled", false);
Gelöscht : user_pref("CT2269050.SearchProtectorToolbarDisabled", false);
Gelöscht : user_pref("CT2269050.ServiceMapLastCheckTime", "Mon Jan 14 2013 13:58:46 GMT+0100");
Gelöscht : user_pref("CT2269050.SettingsLastCheckTime", "Mon Jan 14 2013 13:58:44 GMT+0100");
Gelöscht : user_pref("CT2269050.SettingsLastUpdate", "1358149259");
Gelöscht : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Mon Sep 05 2011 14:22:40 GMT+0200");
Gelöscht : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1312887586");
Gelöscht : user_pref("CT2269050.ToolbarShrinkedFromSetup", false);
Gelöscht : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2269050");
Gelöscht : user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gelöscht : user_pref("CT2269050.UserID", "UN99371263986113818");
Gelöscht : user_pref("CT2269050.ValidationData_Search", 0);
Gelöscht : user_pref("CT2269050.ValidationData_Toolbar", 2);
Gelöscht : user_pref("CT2269050.WeatherNetwork", "");
Gelöscht : user_pref("CT2269050.WeatherPollDate", "Wed Sep 07 2011 19:06:13 GMT+0200");
Gelöscht : user_pref("CT2269050.WeatherUnit", "C");
Gelöscht : user_pref("CT2269050.alertChannelId", "666138");
Gelöscht : user_pref("CT2269050.autoDisableScopes", -1);
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e.:2z527", "247E707571777278333228702A7B797B7B7E30273224262[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e06cg5el8:", "6E6D6C71716D7371766F");
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737277777379777C75242F4B4947[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e31;cjc<=fbj#mm", "247E61393F236B257576737A2A212C6E414F444D[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e31;cjc<=fbj#ncf", "247E61393F236B25757677712A212C6E414F444[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b-0?3g>d", "66686D3D714241757A754479462049494C792521234E502A56[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b-0?3g@6:5;", "");
Gelöscht : user_pref("CT2269050.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Gelöscht : user_pref("CT2269050.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
Gelöscht : user_pref("CT2269050.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484775213F3E484F4E4D464[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b5ba==9cjag", "673A3E706B4372427A767575784A7B7E4A4D782352");
Gelöscht : user_pref("CT2269050.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6C71716D72716E78767774");
Gelöscht : user_pref("CT2269050.backendstorage./9b9643g3/9e", "6A");
Gelöscht : user_pref("CT2269050.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
Gelöscht : user_pref("CT2269050.backendstorage./9b<:222h64<", "393F352F3E");
Gelöscht : user_pref("CT2269050.backendstorage./9b=+03eh8h8j?:", "4443");
Gelöscht : user_pref("CT2269050.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Gelöscht : user_pref("CT2269050.backendstorage./9b?b0d:8aj62<h", "6D");
Gelöscht : user_pref("CT2269050.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Gelöscht : user_pref("CT2269050.backendstorage.cbcountry_001", "4445");
Gelöscht : user_pref("CT2269050.backendstorage.cbfirsttime", "467269204F637420323620323031322031393A34363A33302[...]
Gelöscht : user_pref("CT2269050.backendstorage.facebook_mode", "32");
Gelöscht : user_pref("CT2269050.backendstorage.shoppingapp.gk.exipres", "4D6F6E204F637420303120323031322031383A[...]
Gelöscht : user_pref("CT2269050.backendstorage.shoppingapp.gk.geolocation", "6765726D616E79");
Gelöscht : user_pref("CT2269050.backendstorage.url_history0001", "687474703A2F2F7777772E66616365626F6F6B2E636F6[...]
Gelöscht : user_pref("CT2269050.backendstorage.youtube_user_first_login_date", "30372F31312F32303131");
Gelöscht : user_pref("CT2269050.backendstorage.youtube_user_survey_visit", "4E4F545F56495349544544");
Gelöscht : user_pref("CT2269050.backendstorage.youtubelang", "4445");
Gelöscht : user_pref("CT2269050.components.1000515", true);
Gelöscht : user_pref("CT2269050.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gelöscht : user_pref("CT2269050.globalFirstTimeInfoLastCheckTime", "Wed Sep 07 2011 17:37:24 GMT+0200");
Gelöscht : user_pref("CT2269050.homepageProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2269050.initDone", true);
Gelöscht : user_pref("CT2269050.isAppTrackingManagerOn", true);
Gelöscht : user_pref("CT2269050.isFirstRadioInstallation", false);
Gelöscht : user_pref("CT2269050.myStuffEnabled", true);
Gelöscht : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2269050.oldAppsList", "128834881989343894,128834881989343895,111,129391330693125668,129[...]
Gelöscht : user_pref("CT2269050.revertSettingsEnabled", true);
Gelöscht : user_pref("CT2269050.searchProtectorDialogDelayInSec", 10);
Gelöscht : user_pref("CT2269050.searchProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2269050.testingCtid", "");
Gelöscht : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Mon Jan 14 2013 13:58:47 GMT+0100");
Gelöscht : user_pref("CT2269050.toolbarContextMenuLastCheckTime", "Sat Aug 27 2011 08:16:50 GMT+0200");
Gelöscht : user_pref("CT2269050.usagesFlag", 2);
Gelöscht : user_pref("CT2438727..clientLogIsEnabled", false);
Gelöscht : user_pref("CT2438727..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2438727..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2438727.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gelöscht : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2438727.CTID", "CT2438727");
Gelöscht : user_pref("CT2438727.CurrentServerDate", "14-1-2013");
Gelöscht : user_pref("CT2438727.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2438727.DialogsGetterLastCheckTime", "Mon Jan 14 2013 13:58:48 GMT+0100");
Gelöscht : user_pref("CT2438727.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2438727.FirstServerDate", "20-5-2010");
Gelöscht : user_pref("CT2438727.FirstTime", true);
Gelöscht : user_pref("CT2438727.FirstTimeFF3", true);
Gelöscht : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2438727.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2438727.Initialize", true);
Gelöscht : user_pref("CT2438727.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2438727.InstallationAndCookieDataSentCount", 3);
Gelöscht : user_pref("CT2438727.InstallationType", "Unknown");
Gelöscht : user_pref("CT2438727.InstalledDate", "Thu May 20 2010 16:23:05 GMT+0200");
Gelöscht : user_pref("CT2438727.IsGrouping", false);
Gelöscht : user_pref("CT2438727.IsMulticommunity", false);
Gelöscht : user_pref("CT2438727.IsOpenThankYouPage", true);
Gelöscht : user_pref("CT2438727.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2438727.LanguagePackLastCheckTime", "Mon Jan 14 2013 13:58:48 GMT+0100");
Gelöscht : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2438727.LastLogin_2.5.8.6", "Thu May 20 2010 16:23:11 GMT+0200");
Gelöscht : user_pref("CT2438727.LastLogin_3.12.0.7", "Sun Apr 29 2012 08:21:44 GMT+0200");
Gelöscht : user_pref("CT2438727.LastLogin_3.12.2.3", "Thu May 31 2012 20:45:33 GMT+0200");
Gelöscht : user_pref("CT2438727.LastLogin_3.13.0.6", "Mon Jul 16 2012 19:26:23 GMT+0200");
Gelöscht : user_pref("CT2438727.LastLogin_3.14.1.0", "Tue Aug 28 2012 21:08:51 GMT+0200");
Gelöscht : user_pref("CT2438727.LastLogin_3.15.1.0", "Wed Nov 07 2012 16:46:07 GMT+0100");
Gelöscht : user_pref("CT2438727.LastLogin_3.16.0.3", "Mon Jan 14 2013 13:58:47 GMT+0100");
Gelöscht : user_pref("CT2438727.LatestVersion", "3.16.0.3");
Gelöscht : user_pref("CT2438727.Locale", "en");
Gelöscht : user_pref("CT2438727.LoginCache", 4);
Gelöscht : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2438727.MyStuffEnabledAtInstallation", true);
Gelöscht : user_pref("CT2438727.SHRINK_TOOLBAR", 1);
Gelöscht : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gelöscht : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Gelöscht : user_pref("CT2438727.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Mon Jan 14 2013 13:58:47 GMT+0100");
Gelöscht : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2438727.ServiceMapLastCheckTime", "Mon Jan 14 2013 13:58:46 GMT+0100");
Gelöscht : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Gelöscht : user_pref("CT2438727.SettingsLastCheckTime", "Mon Jan 14 2013 13:58:45 GMT+0100");
Gelöscht : user_pref("CT2438727.SettingsLastUpdate", "1358150067");
Gelöscht : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Thu May 20 2010 16:23:03 GMT+0200");
Gelöscht : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1269281492");
Gelöscht : user_pref("CT2438727.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2438727");
Gelöscht : user_pref("CT2438727.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gelöscht : user_pref("CT2438727.UserID", "UN52676676216882500");
Gelöscht : user_pref("CT2438727.ValidationData_Toolbar", 2);
Gelöscht : user_pref("CT2438727.alertChannelId", "832836");
Gelöscht : user_pref("CT2438727.clientLogIsEnabled", true);
Gelöscht : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gelöscht : user_pref("CT2438727.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gelöscht : user_pref("CT2438727.homepageProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2438727.initDone", true);
Gelöscht : user_pref("CT2438727.myStuffEnabled", true);
Gelöscht : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2438727.revertSettingsEnabled", true);
Gelöscht : user_pref("CT2438727.searchProtectorDialogDelayInSec", 10);
Gelöscht : user_pref("CT2438727.searchProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2438727.testingCtid", "");
Gelöscht : user_pref("CT2438727.toolbarAppMetaDataLastCheckTime", "Mon Jan 14 2013 13:58:48 GMT+0100");
Gelöscht : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gelöscht : user_pref("CT2438727.usagesFlag", 2);
Gelöscht : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2269050&Search[...]
Gelöscht : user_pref("CommunityToolbar.ConduitSearchList", "DVDVideoSoftTB Customized Web Search");
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2438727/CT2438727[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/DE", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2438727", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2438727",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2269050&octid=[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/6340477175123412[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/6340477178459350[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/Blank.png", "\"2[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/images/skins/zynga/seperator.gif", "\"46[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"e9e[...]
Gelöscht : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\\AppData\\Roaming\\Moz[...]
Gelöscht : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10");
Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://chat.loke.com/?utm_source=Conduit&utm_med[...]
Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://storage.conduit.com/7/176/CT1764407/Brows[...]
Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://storage.conduit.com/7/176/CT1764407/Brows[...]
Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://storage.conduit.com/7/176/CT1764407/Brows[...]
Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://storage.conduit.com/7/176/CT1764407/Brows[...]
Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://storage.conduit.com/7/176/CT1764407/Brows[...]
Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://storage.conduit.com/MarketPlace/07/dd/07c[...]
Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://www.come2play.com/shared/appGame/main2/ga[...]
Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://www.come2play.com/shared/appGame/main2/ga[...]
Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://www.come2play.com/shared/appGame/main2/ga[...]
Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://www.come2play.com/shared/appGame/main2/ga[...]
Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://www.come2play.com/shared/appGame/main2/ga[...]
Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://www.come2play.com/shared/appGame/main2/ga[...]
Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://www.come2play.com/shared/appGame/main2/ga[...]
Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://storage.conduit.com/MarketPlace/07/dd/07caac7[...]
Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.com/search?ie= UTF-8&o[...]
Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2438727,CT2269050");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727,CT2269050");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList4", "CT2269050");
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu May 20 2010 16:23:04 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu May 20 2010 16:23:03 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1234796400");
Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.alert.userId", "{8726ede9-73db-47e4-8b17-a2f3c638a9b4}");
Gelöscht : user_pref("CommunityToolbar.globalUserId", "8ff56618-5961-4411-892a-98285a4d2a81");
Gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
Gelöscht : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Sep 03 2011 19:49:0[...]
Gelöscht : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Sep 07 2011 17:05:25 GMT+020[...]
Gelöscht : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.notifications.locale", "en");
Gelöscht : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Sep 07 2011 13:37:21 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Gelöscht : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.notifications.userId", "7d5a8c7a-a0b3-4683-a704-d3c627d86d16");
Gelöscht : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q=[...]

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2esxun62.default\prefs.js

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2esxun62.default\user.js ... Gelöscht !

Gelöscht : user_pref("CT2625848.1000082.isDisplayHidden", "true");
Gelöscht : user_pref("CT2625848.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Gelöscht : user_pref("CT2625848.2625848a129894023611240511000000paramsGK1", "eyJ1cGRhdGVSZXFUaW1lIjoxMzQ4NDAwOT[...]
Gelöscht : user_pref("CT2625848.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT2625848.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Gelöscht : user_pref("CT2625848.FirstTime", "true");
Gelöscht : user_pref("CT2625848.FirstTimeFF3", "true");
Gelöscht : user_pref("CT2625848.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT262[...]
Gelöscht : user_pref("CT2625848.UserID", "UN38386072672685615");
Gelöscht : user_pref("CT2625848.addressBarTakeOverEnabledInHidden", "true");
Gelöscht : user_pref("CT2625848.autoDisableScopes", -1);
Gelöscht : user_pref("CT2625848.browser.search.defaultthis.engineName", true);
Gelöscht : user_pref("CT2625848.defaultSearch", "true");
Gelöscht : user_pref("CT2625848.embeddedsData", "[{\"appId\":\"129181467799155027\",\"apiPermissions\":{\"cross[...]
Gelöscht : user_pref("CT2625848.enableAlerts", "false");
Gelöscht : user_pref("CT2625848.enableSearchFromAddressBar", "true");
Gelöscht : user_pref("CT2625848.firstTimeDialogOpened", "true");
Gelöscht : user_pref("CT2625848.fixPageNotFoundError", "true");
Gelöscht : user_pref("CT2625848.fixPageNotFoundErrorInHidden", "true");
Gelöscht : user_pref("CT2625848.fixUrls", true);
Gelöscht : user_pref("CT2625848.installId", "ConduitNSISIntegration");
Gelöscht : user_pref("CT2625848.installType", "ConduitNSISIntegration");
Gelöscht : user_pref("CT2625848.isCheckedStartAsHidden", true);
Gelöscht : user_pref("CT2625848.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT2625848.isFirstTimeToolbarLoading", "false");
Gelöscht : user_pref("CT2625848.isNewTabEnabled", true);
Gelöscht : user_pref("CT2625848.isPerformedSmartBarTransition", "true");
Gelöscht : user_pref("CT2625848.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Gelöscht : user_pref("CT2625848.keyword", true);
Gelöscht : user_pref("CT2625848.migrateAppsAndComponents", true);
Gelöscht : user_pref("CT2625848.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fgamecopyworld.co[...]
Gelöscht : user_pref("CT2625848.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Gelöscht : user_pref("CT2625848.openThankYouPage", "false");
Gelöscht : user_pref("CT2625848.openUninstallPage", "true");
Gelöscht : user_pref("CT2625848.search.searchAppId", "129181467799155027");
Gelöscht : user_pref("CT2625848.search.searchCount", "0");
Gelöscht : user_pref("CT2625848.searchInNewTabEnabledInHidden", "true");
Gelöscht : user_pref("CT2625848.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT2625848.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Gelöscht : user_pref("CT2625848.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Gelöscht : user_pref("CT2625848.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1348308290773");
Gelöscht : user_pref("CT2625848.serviceLayer_services_appsMetadata_lastUpdate", "1348308290254");
Gelöscht : user_pref("CT2625848.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1348308292261");
Gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.13.1.89_lastUpdate", "1353240969193");
Gelöscht : user_pref("CT2625848.serviceLayer_services_optimizer_lastUpdate", "1348308291564");
Gelöscht : user_pref("CT2625848.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1348308292332");
Gelöscht : user_pref("CT2625848.serviceLayer_services_searchAPI_lastUpdate", "1348308289502");
Gelöscht : user_pref("CT2625848.serviceLayer_services_serviceMap_lastUpdate", "1353240968974");
Gelöscht : user_pref("CT2625848.serviceLayer_services_toolbarContextMenu_lastUpdate", "1348308292121");
Gelöscht : user_pref("CT2625848.serviceLayer_services_toolbarSettings_lastUpdate", "1353240969106");
Gelöscht : user_pref("CT2625848.serviceLayer_services_translation_lastUpdate", "1353240969161");
Gelöscht : user_pref("CT2625848.settingsINI", true);
Gelöscht : user_pref("CT2625848.shouldFirstTimeDialog", "false");
Gelöscht : user_pref("CT2625848.smartbar.CTID", "CT2625848");
Gelöscht : user_pref("CT2625848.smartbar.Uninstall", "0");
Gelöscht : user_pref("CT2625848.smartbar.homepage", true);
Gelöscht : user_pref("CT2625848.smartbar.isHidden", true);
Gelöscht : user_pref("CT2625848.smartbar.toolbarName", "DVDVideoSoftTB DE ");
Gelöscht : user_pref("CT2625848.startPage", "userChanged");
Gelöscht : user_pref("CT2625848.toolbarBornServerTime", "22-9-2012");
Gelöscht : user_pref("CT2625848.toolbarCurrentServerTime", "18-11-2012");
Gelöscht : user_pref("CT2625848_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Gelöscht : user_pref("Smartbar.ConduitHomepagesList", "");
Gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "");
Gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "");
Gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT2625848");
Gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Gelöscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Gelöscht : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Gelöscht : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Gelöscht : user_pref("extensions.BabylonToolbar.excTlbr", false);
Gelöscht : user_pref("extensions.BabylonToolbar.id", "fc7e111200000000000000ffda41a6cd");
Gelöscht : user_pref("extensions.BabylonToolbar.instlDay", "15709");
Gelöscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Gelöscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Gelöscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Gelöscht : user_pref("extensions.BabylonToolbar.rvrt", "false");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Gelöscht : user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2");
Gelöscht : user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2");
Gelöscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
Gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109958&tt=0113_4");
Gelöscht : user_pref("extensions.BabylonToolbar_i.excTlbr", false);
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", false);
Gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gelöscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.216:09:49");

*************************

AdwCleaner[R1].txt - [43866 octets] - [14/01/2013 10:22:15]
AdwCleaner[S1].txt - [43719 octets] - [14/01/2013 15:01:43]

########## EOF - C:\AdwCleaner[S1].txt - [43780 octets] ##########

Code:

ATTFilter

OTL logfile created on: 14.01.2013 15:23:51 - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Admin\Downloads\André
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19393)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 69,16% Memory free
6,19 Gb Paging File | 5,35 Gb Available in Paging File | 86,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,44 Gb Total Space | 21,05 Gb Free Space | 18,08% Space Free | Partition Type: NTFS
Drive D: | 106,68 Gb Total Space | 106,63 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Admin\Downloads\André\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - c:\program files\teamviewer\version7\TeamViewer_Desktop.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version7\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()
PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)
PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()
PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
 
 
========== Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (TeamViewer7) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Secunia PSI Agent) -- C:\Program Files\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files\Secunia\PSI\sua.exe (Secunia)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (sptd) -- C:\Windows\\SystemRoot\System32\Drivers\sptd.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (MpKsle4a77429) -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E5159D02-5E59-4752-AE50-4BFFF5DFCCC1}\MpKsle4a77429.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (teamviewervpn) -- C:\Windows\System32\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf.sys (Secunia)
DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (Aspi32) -- C:\Windows\System32\drivers\ASPI32.sys (Adaptec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2435554401-882913050-925788319-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-2435554401-882913050-925788319-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2435554401-882913050-925788319-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2435554401-882913050-925788319-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@macromedia.com/FlashPlayer10: C:\Windows\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\z\AppData\Roaming\5018 [2011.06.14 14:35:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.12 11:45:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.12 11:44:47 | 000,000,000 | ---D | M]
 
[2012.02.12 18:49:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2013.01.12 18:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\2esxun62.default\extensions
[2013.01.12 18:54:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\2esxun62.default\extensions\trash
[2013.01.04 16:10:37 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\2esxun62.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.01.12 11:44:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013.01.12 11:44:44 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.01.12 11:45:58 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.07.14 01:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.31 13:10:19 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.14 01:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 01:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 01:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 01:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2013.01.13 21:04:21 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2435554401-882913050-925788319-1001..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2435554401-882913050-925788319-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2435554401-882913050-925788319-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00  [binary data]
O7 - HKU\S-1-5-21-2435554401-882913050-925788319-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68C77064-0C27-4561-80FD-C7D46EEBBF88}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F255A252-3E2B-411A-9C7B-87E9C58BD95B}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O24 - Desktop BackupWallPaper: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.14 08:58:29 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Admin\Desktop\tdsskiller.exe
[2013.01.14 08:55:33 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Admin\Desktop\aswMBR.exe
[2013.01.13 21:10:19 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\temp
[2013.01.13 21:04:42 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.01.13 21:02:08 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.01.13 20:53:20 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.01.13 20:53:20 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.01.13 20:53:20 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.01.13 20:53:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.13 20:52:46 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.01.13 20:49:28 | 005,021,655 | R--- | C] (Swearware) -- C:\Users\Admin\Desktop\ComboFix.exe
[2013.01.13 19:24:33 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\mbar
[2013.01.12 17:47:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Seven Zip
[2013.01.12 15:56:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.01.12 11:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.01.09 17:29:00 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.01.09 17:27:04 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013.01.08 17:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013.01.08 17:34:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\QuickScan
[2013.01.08 17:22:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.08 17:22:29 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.01.08 17:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.01.04 16:12:30 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Audacity
[2013.01.04 16:12:11 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
[2013.01.04 16:10:03 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Optimizer Pro
[2013.01.04 16:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
[2013.01.04 16:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\Optimizer Pro
[2012.12.22 20:48:39 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.22 20:48:39 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.14 15:20:19 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.14 15:20:13 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.14 15:20:13 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.14 15:20:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.14 15:20:03 | 3220,463,616 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.14 15:04:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.14 14:49:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.14 14:31:59 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2435554401-882913050-925788319-1000UA.job
[2013.01.14 10:21:49 | 000,554,087 | ---- | M] () -- C:\Users\Admin\Desktop\adwcleaner.exe
[2013.01.14 09:29:00 | 000,000,512 | ---- | M] () -- C:\Users\Admin\Desktop\MBR.dat
[2013.01.14 08:58:30 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Admin\Desktop\tdsskiller.exe
[2013.01.14 08:56:22 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Admin\Desktop\aswMBR.exe
[2013.01.13 21:04:21 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.01.13 20:50:41 | 005,021,655 | R--- | M] (Swearware) -- C:\Users\Admin\Desktop\ComboFix.exe
[2013.01.13 20:31:59 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2435554401-882913050-925788319-1000Core.job
[2013.01.13 19:23:46 | 013,462,931 | ---- | M] () -- C:\Users\Admin\Desktop\mbar-1.01.0.1016.zip
[2013.01.12 11:40:26 | 000,000,176 | ---- | M] () -- C:\Users\Admin\defogger_reenable
[2013.01.11 21:16:43 | 000,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2013.01.10 17:50:44 | 000,416,400 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.10 17:32:00 | 000,632,252 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.01.10 17:32:00 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.10 17:32:00 | 000,127,464 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.01.10 17:32:00 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.08 17:22:40 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.04 16:12:24 | 000,000,811 | ---- | M] () -- C:\Users\Admin\Desktop\Audacity.lnk
[2012.12.16 14:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.16 11:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
 
========== Files Created - No Company Name ==========
 
[2013.01.14 10:21:48 | 000,554,087 | ---- | C] () -- C:\Users\Admin\Desktop\adwcleaner.exe
[2013.01.14 09:29:00 | 000,000,512 | ---- | C] () -- C:\Users\Admin\Desktop\MBR.dat
[2013.01.13 20:53:20 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.01.13 20:53:20 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.01.13 20:53:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.01.13 20:53:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.01.13 20:53:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.01.13 19:23:28 | 013,462,931 | ---- | C] () -- C:\Users\Admin\Desktop\mbar-1.01.0.1016.zip
[2013.01.12 11:40:10 | 000,000,176 | ---- | C] () -- C:\Users\Admin\defogger_reenable
[2013.01.08 17:22:40 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.04 16:12:24 | 000,000,823 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2013.01.04 16:12:24 | 000,000,811 | ---- | C] () -- C:\Users\Admin\Desktop\Audacity.lnk
[2012.08.18 14:51:02 | 000,009,728 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.04 17:33:22 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2012.01.04 17:29:31 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009.01.20 13:37:23 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Code:

ATTFilter

OTL Extras logfile created on: 14.01.2013 15:23:51 - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Admin\Downloads\André
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19393)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 69,16% Memory free
6,19 Gb Paging File | 5,35 Gb Available in Paging File | 86,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,44 Gb Total Space | 21,05 Gb Free Space | 18,08% Space Free | Partition Type: NTFS
Drive D: | 106,68 Gb Total Space | 106,63 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
 
Computer Name: -PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-21-2435554401-882913050-925788319-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2435554401-882913050-925788319-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2435554401-882913050-925788319-1001]
"EnableNotifications" = 0
"EnableNotificationsRef" = 2
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{364B4408-C02B-4C2C-BA87-03F9FF6F4F1A}" = lport=137 | protocol=17 | dir=in | app=system | 
"{45A57A59-0969-4107-B0F2-7C9116FE9209}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{58086E85-30DA-4B8A-A82F-97E40C8A8F84}" = lport=138 | protocol=17 | dir=in | app=system | 
"{60C4AD9C-CDBF-4FAB-825D-D27108636C83}" = rport=137 | protocol=17 | dir=out | app=system | 
"{6444D312-011F-4ADC-9364-D6FDB8E1BC24}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{6C06E174-1566-49B0-91DF-B1B9EE89A339}" = lport=445 | protocol=6 | dir=in | app=system | 
"{6E57E63B-3054-4E64-871C-18C9EAB8A940}" = rport=138 | protocol=17 | dir=out | app=system | 
"{8A36CDBB-C88A-4004-918F-4A9D5F7F984B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{9B47BBC4-A858-468B-9D82-158C85787E49}" = rport=139 | protocol=6 | dir=out | app=system | 
"{AC589E97-DC4A-4FE7-80EF-A12D0BE9B811}" = rport=445 | protocol=6 | dir=out | app=system | 
"{D6E031E5-644D-423C-BEAC-C59604A5ECE2}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0046740C-CCC7-41DE-AF11-7D06A1C3C4F0}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe | 
"{0073226B-518F-4F63-90BD-A86667F2D9B6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{36CD98A9-64C0-461B-B6CD-ADB1A5BBDFF1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{53A56A29-2AFB-449A-A066-87CE9C352D1D}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe | 
"{8FD482C2-8C57-463A-BE2F-94C0B84B6275}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{96EFA47B-2685-4DA8-8A3F-B35E743028A7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A2BBE6E5-35E5-44BC-948F-6BF91A1F259A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{A3ABE10B-16E9-444C-9B8A-C3F626AD335F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{A4C78A03-0511-4C29-B60F-8A23F7573F77}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{ACD7568B-3AF0-47ED-A153-D2DCFC066522}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe | 
"{AEA2B79E-D5F5-4934-9B3A-E6095BEDC7D0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C257D73B-0B23-4FC4-937C-23261CE1E3E5}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe | 
"{EDFAA43C-CBDD-4F8F-9439-4DCAC1F86B94}" = dir=in | app=c:\program files\cyberlink\powerdvd10\powerdvd9.exe | 
"{F92579BB-3104-45AA-B1E7-6C0BADA075EC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{FA837C62-3BFE-43C7-8571-5EE193142628}" = dir=in | app=c:\program files\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | 
"{FFE84319-9671-45F8-8E68-DE3601D13626}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"TCP Query User{0A62B40E-C696-4B4B-8D9A-A56681331FA8}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{0C6DB888-7840-4F9C-86BC-5BB7E1E7F597}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{2FA63ABF-8DC7-4643-8905-17A4D641B966}E:\autorun.exe" = protocol=6 | dir=in | app=e:\autorun.exe | 
"TCP Query User{4725B8FA-CBE7-4E7B-9784-6EAEEE277EFD}E:\zenoreader.exe" = protocol=6 | dir=in | app=e:\zenoreader.exe | 
"TCP Query User{56815FE9-B0EC-4774-ABDC-79D9800844F4}C:\users\\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"TCP Query User{64A77AB0-839D-49B4-8845-7B5C9BF43AAC}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{6A7B7154-5B14-4F32-9605-D8A75721522D}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{8264E69D-387D-4513-8929-4D435DA265D6}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
"TCP Query User{977726A3-CDB0-42A0-B897-B4BA52D9C1B2}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
"TCP Query User{D654AE92-FB50-48E1-B5FD-45187B39495A}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{56A64251-1E8F-47C8-985B-B3BCEC94B526}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{5D8DD8A2-AA51-4E4C-9065-29B1F348A031}E:\autorun.exe" = protocol=17 | dir=in | app=e:\autorun.exe | 
"UDP Query User{69BACE84-646E-426B-964F-7B750D14E78B}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{740BBDA9-52AD-4BB9-89B8-7898DF2D1242}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{76109494-8038-421C-BA09-DA4F841F103E}E:\zenoreader.exe" = protocol=17 | dir=in | app=e:\zenoreader.exe | 
"UDP Query User{AB50FD31-E27C-4BA1-A8C5-1FA4CCD50AF6}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{B3009139-5EB5-4996-B506-2080ADC10B7D}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{E883CF81-23E1-44C4-9FB2-CCD914CF3B72}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{F115B19F-769C-444D-8A2A-1089ED97E41C}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{F31F7B82-0C34-4514-A636-B2F1D09DB9C9}C:\users\\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{088D5DC3-A607-DF3D-6406-7CA7F597F25F}" = Catalyst Control Center Localization Norwegian
"{0A1129C7-E4F7-4EDC-DD38-DC8B467F5DAD}" = CCC Help Italian
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{11435553-1388-0583-98C3-AD3C49E9A038}" = Catalyst Control Center Graphics Full Existing
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1C94CB71-A432-873C-E0AC-121EDBD817CE}" = CCC Help German
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{230142CE-A81E-CC3C-35CC-5CC8A49CCB1E}" = Catalyst Control Center Localization Japanese
"{232C78A8-87C5-4E17-A0C5-CEDFDDF04366}" = WinLernen Diktattrainer
"{242BCCDC-B37B-4792-A52C-BCDDB1030AF9}" = Zoo Empire
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{27D51A76-371D-48B6-B06E-4137A15B7583}" = Express Gate
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{29B9C0F8-380D-133D-6551-142BB77F94C8}" = ccc-core-static
"{2C85768B-0BDA-8FB8-3CC8-B36C3CD86151}" = Catalyst Control Center Localization Thai
"{3117A9EF-16BE-3404-CBC8-9AC1BB009335}" = CCC Help French
"{31C74C17-B0AC-0F77-E772-9F7FA9891E36}" = CCC Help Turkish
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{37D7562E-389B-6675-13E2-6D4F6994DD9A}" = Catalyst Control Center Localization Dutch
"{389E3080-0B6D-BA11-3369-490623D5FD49}" = CCC Help Portuguese
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3A1AF860-2EB4-40EB-9827-17575880D3CE}" = bhv Vokabeltrainer 3.0
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE772A4-97F3-806B-924F-6D77EE00C1AE}" = CCC Help Hungarian
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{431633E7-E6A4-3205-3B80-3F9BC437F797}" = Skins
"{46647CBB-A2D5-AA8E-F951-1712A74668C4}" = Catalyst Control Center Localization Turkish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{52F3D26F-AE33-2F25-1374-DDB65CEB12F3}" = CCC Help Czech
"{54FB7140-FD80-2389-3332-9D85FC74915D}" = Catalyst Control Center Localization Swedish
"{593D6CC5-D02A-BF6C-6463-278368587E02}" = Catalyst Control Center Localization Greek
"{5C1748A8-912B-DF0B-5C35-A9C3A2D546A7}" = Catalyst Control Center Localization Czech
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{5EB5EEA7-6432-5827-0080-899DA70A97BA}" = ATI Catalyst Install Manager
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F5D5DE9-D467-43D4-0D43-68B4598FF5CB}" = Catalyst Control Center Localization Russian
"{60204E20-6172-2517-9B6F-6A87416956A1}" = CCC Help Dutch
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6AE16305-FD12-FFF0-85FA-722360417549}" = Catalyst Control Center Localization Korean
"{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}" = ccc-Branding
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7234908A-5F80-B67A-8DE8-98B75FA43810}" = CCC Help Chinese Traditional
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{730801C2-7C9B-2260-614D-A44767CA5DBC}" = CCC Help Thai
"{73B9CDF5-9B29-3DD5-0028-C68CD2490F1E}" = CCC Help Korean
"{7DEEE76B-ED3D-657E-5475-D67ADA440E47}" = CCC Help Norwegian
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{8439EDA7-A85C-E830-2E23-197A1BFD24F5}" = Catalyst Control Center Localization Italian
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client
"{9980C99E-6954-614B-EA1C-333473FC2900}" = ccc-utility
"{9A55D681-02D1-6E48-F717-3ACFF6DBB27C}" = CCC Help Russian
"{9B74C58F-A6AE-F383-4AC1-F432FDF35884}" = CCC Help Chinese Standard
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56D5FF-9B49-4435-B23C-E6FE1D4C708C}" = Wild Earth - Africa
"{9F88C8F3-5953-B3D7-7F91-A7CE3A6F5119}" = Catalyst Control Center Localization Finnish
"{A4E83A4C-B057-E197-F156-2FBEFA0761FE}" = Catalyst Control Center Localization French
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9C95D56-88AA-0CF9-FFE4-E0A45C04A6DC}" = Catalyst Control Center Localization Portuguese
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AEA1F5BA-BC7A-05F2-2832-58B4BCEAABEB}" = Catalyst Control Center Localization Danish
"{B10DEBAF-64A4-0FB5-9518-97A21DC2A321}" = CCC Help Greek
"{B5D0714F-56A4-52A2-4C62-6B4E8853F25A}" = Catalyst Control Center Localization Spanish
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B9B7F425-0B72-E926-06FF-136154B31077}" = CCC Help Japanese
"{BA09B3B4-7D61-B444-52AE-4C3C3CADADDA}" = CCC Help Spanish
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C5AEAA52-29F8-DF1E-B472-C2ABDC6EA349}" = Catalyst Control Center Localization Chinese Traditional
"{CC77812E-22CB-754E-15C4-1E7BB9B2E89A}" = Catalyst Control Center Graphics Previews Vista
"{CC81D746-51BB-4F97-52EB-BF64E14B1904}" = CCC Help Swedish
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEE0CD9D-7759-7D58-F33D-D1968D29B8A2}" = Catalyst Control Center Localization Hungarian
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D45D831B-1431-0A69-841B-828F958E95BB}" = CCC Help Danish
"{D9F9D5C6-B889-C333-033B-863C85BB0D6F}" = CCC Help Finnish
"{DA918D70-293B-6776-CD3C-7965EC7D8680}" = Catalyst Control Center Graphics Previews Common
"{DB891739-2EB3-45A8-9CBD-941C255CECD4}" = ASUS Touch Pad Extra
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD07CD74-B4BF-1347-D10C-5A32485D8451}" = CCC Help English
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E3DE4A3B-DB2A-9107-BCDD-1C6A64CFB4F5}" = Catalyst Control Center Localization German
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EAEDD68A-1037-35C3-707A-1A5316856EF8}" = Catalyst Control Center Core Implementation
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0F8875B-F4F4-6BBC-5D86-CFAD9D6B7F12}" = Catalyst Control Center Localization Polish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F53B03FE-A48A-9051-F350-554E415730F5}" = Catalyst Control Center Localization Chinese Standard
"{F6141E53-ABEC-97AF-99E7-C12588A20812}" = Catalyst Control Center Graphics Full New
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8935FC0-DE7D-41C3-FC9C-7867B29D2E10}" = Catalyst Control Center Graphics Light
"{FFA6416E-798F-773E-B7A9-0F79BA40ECB8}" = CCC Help Polish
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Audacity_is1" = Audacity 2.0.2
"bhv Schule total 2008/09 Starter" = bhv Schule total 2008/09 Starter
"Catz2" = Catz2 (remove only)
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"DivX Setup.divx.com" = DivX-Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918
"Frogger" = Frogger v3.0e
"Horse Life_is1" = Horse Life
"InstallShield_{242BCCDC-B37B-4792-A52C-BCDDB1030AF9}" = Zoo Empire
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"JungleGames" = Spielesammlung
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Optimizer Pro_is1" = Optimizer Pro v3.0
"Origin" = Origin
"PROHYBRIDR" = 2007 Microsoft Office system
"QuizTime 1.03" = QuizTime 1.03
"RollerCoaster Tycoon Setup" = Roll
"Schule total Mathematik Klasse 5" = Schule total Mathematik Klasse 5 v4.0
"Secunia PSI" = Secunia PSI (3.0.0.3001)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 7" = TeamViewer 7
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"USB2.0 UVC 1.3M WebCam" = USB2.0 UVC 1.3M WebCam
"VLC media player" = VLC media player 0.9.8a
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
"Zoo Tycoon 1.0" = Microsoft Zoo Tycoon
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12.01.2013 06:43:36 | Computer Name = -PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 12.01.2013 07:41:58 | Computer Name = C | Source = Perflib | ID = 1010
Description = 
 
Error - 12.01.2013 15:32:05 | Computer Name = -PC | Source = Google Update | ID = 20
Description = 
 
Error - 13.01.2013 07:20:30 | Computer Name = -PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 13.01.2013 16:05:39 | Computer Name = -PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.01.2013 03:23:02 | Computer Name = -PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.01.2013 08:58:41 | Computer Name = -PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.01.2013 09:27:26 | Computer Name = nz-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung vt.exe, Version 3.0.0.134, Zeitstempel 0x45ab5c39,
 fehlerhaftes Modul kernel32.dll, Version 6.0.6002.18704, Zeitstempel 0x5065ccb6,
 Ausnahmecode 0xc000008f, Fehleroffset 0x0003fc16,  Prozess-ID 0x50c, Anwendungsstartzeit
 01cdf25ac856c3e5.
 
Error - 14.01.2013 09:27:48 | Computer Name = PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 14.01.2013 10:01:16 | Computer Name = -PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.01.2013 10:21:43 | Computer Name = -PC | Source = WinMgmt | ID = 10
Description = 
 
[ OSession Events ]
Error - 30.10.2011 06:37:06 | Computer Name = -PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4870
 seconds with 1140 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 13.01.2013 15:52:52 | Computer Name = z-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 13.01.2013 15:54:56 | Computer Name = -PC | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 13.01.2013 15:58:31 | Computer Name = -PC | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 13.01.2013 16:02:34 | Computer Name = -PC | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 13.01.2013 16:02:45 | Computer Name = -PC | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 13.01.2013 16:10:31 | Computer Name = -PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 14.01.2013 03:23:38 | Computer Name = -PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 14.01.2013 09:00:15 | Computer Name = -PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 14.01.2013 10:01:48 | Computer Name = -PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 14.01.2013 10:22:14 | Computer Name = -PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
 
< End of report >

cosinus · 14.01.2013, 15:48

Fixen mit OTL

Starte bitte die OTL.exe.
Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:

ATTFilter

:OTL
FF - user.js - File not found
O4 - HKU\S-1-5-21-2435554401-882913050-925788319-1001..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro)
:Files
C:\Program Files\Optimizer Pro
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]

Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
Schließe bitte nun alle Programme.
Klicke nun bitte auf den Fix Button.
OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
Kopiere nun den Inhalt hier in Deinen Thread

klein_lola · 14.01.2013, 16:04

Code:

ATTFilter

All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-2435554401-882913050-925788319-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Optimizer Pro deleted successfully.
C:\Program Files\Optimizer Pro\OptProLauncher.exe moved successfully.
========== FILES ==========
C:\Program Files\Optimizer Pro folder moved successfully.
< ipconfig /flushdns /c >
No captured output from command...
C:\Users\Admin\Downloads\André\cmd.bat deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Admin
->Temp folder emptied: 76684653 bytes
->Temporary Internet Files folder emptied: 2706453 bytes
->FireFox cache emptied: 87631061 bytes
->Flash cache emptied: 545 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Elena Lorenz
->Temp folder emptied: 97368 bytes
->Temporary Internet Files folder emptied: 49554 bytes
->Java cache emptied: 69527 bytes
->FireFox cache emptied: 770901425 bytes
->Flash cache emptied: 16803 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 332332 bytes
RecycleBin emptied: 4967 bytes
 
Total Files Cleaned = 895,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 01142013_155342

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...