|
Log-Analyse und Auswertung: wie entferne ich delta search IIWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
10.03.2013, 08:37 | #1 |
| wie entferne ich delta search II lieber support, leider kann ich auf den gleichgenannten thread nicht antworten.. deswegen ein neuer.. habe mir auch durch download eines programmes den trojaner delta search eingefangen.. wollte dann die drei schritte abarbeiten, kann nun aber in schritt 2 den adw.cleaner nicht installieren, weil sich die filepony.de seite nicht öffnet... kann mir da jemand weiterhelfen? weiterhin kam in schritt 1 bei der deinstallation don delta search toolbar der hinweis dass microsoft visual c++ 2008 redistributable 9.0.... auch deinstalliert werden sollte... wusste nicht zunächst wo und wie.. jetzt habe ich unter systemsteuerung > software fünf solcher programme gefunden.. handelt es sich um jene und welche soll ich nun deinstallieren? aufgefallen war mir delta search ebenfalls durch das öffnen eines neuen tabs... nach schritt 1 aber ist dieses problem bereits behoben.. dennoch weitermachen? herzlichen dank für eure mühe! lallas79 jetzt hats doch geklappt die adwaresoftware herunterzuladen... hier meine drei log files.. vielen dank füs helfen :-) stefan |
13.03.2013, 16:53 | #2 |
/// TB-Ausbilder | wie entferne ich delta search IIMein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Nur Delta Search über die Systemsteuerung deinstallieren, sonst nichts. Wir sehen uns deinen Rechner etwas genauer an. Schritt 1 Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop (falls noch nicht vorhanden).
Code:
ATTFilter activex msconfig CREATERESTOREPOINT
Schritt 2 Lade SystemLook von jpshortstuff vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop: SystemLook (32 bit)
Bitte poste mit deiner nächsten Antwort
|
13.03.2013, 18:33 | #3 |
| wie entferne ich delta search II hallo matthias,
__________________herzlichen dank für deine hilfe!!OTL Logfile: Code:
ATTFilter OTL logfile created on: 13.03.2013 18:25:26 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\stefanlamp\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 83,79% Memory free 4,84 Gb Paging File | 4,38 Gb Available in Paging File | 90,65% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 146,49 Gb Total Space | 133,19 Gb Free Space | 90,92% Space Free | Partition Type: NTFS Drive D: | 151,56 Gb Total Space | 69,69 Gb Free Space | 45,98% Space Free | Partition Type: NTFS Computer Name: STEFAN | User Name: stefanlamp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.03.13 18:22:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\stefanlamp\Desktop\OTL.exe PRC - [2013.02.11 11:56:30 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe PRC - [2012.08.31 18:11:18 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2012.08.31 18:10:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe PRC - [2012.08.31 18:10:19 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2012.08.31 18:10:07 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2012.08.31 18:10:06 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.07.03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2011.09.09 15:01:16 | 001,804,648 | ---- | M] (Hewlett-Packard Co.) -- C:\Programme\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe PRC - [2011.09.09 14:49:30 | 000,643,944 | ---- | M] (Hewlett-Packard Co.) -- C:\Programme\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe PRC - [2009.03.13 08:56:00 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\hidfind.exe PRC - [2009.03.13 08:55:00 | 000,217,088 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\Apoint.exe PRC - [2009.03.13 08:55:00 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApMsgFwd.exe PRC - [2009.03.13 08:55:00 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApntEx.exe PRC - [2009.02.20 17:36:00 | 000,483,420 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe PRC - [2009.02.20 17:36:00 | 000,249,938 | ---- | M] (IDT, Inc.) -- c:\Programme\IDT\XPV10_6147v005\WDM\stacsv.exe PRC - [2009.02.20 17:35:00 | 000,729,088 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFltr.exe PRC - [2009.01.08 10:55:00 | 000,072,224 | ---- | M] (O2Micro International) -- C:\WINDOWS\system32\drivers\o2flash.exe PRC - [2008.07.10 19:42:14 | 000,819,200 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe PRC - [2008.07.10 19:32:38 | 000,352,256 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\WLKEEPER.exe PRC - [2008.07.10 19:30:46 | 001,351,680 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\ZCfgSvc.exe PRC - [2008.07.10 19:23:22 | 000,901,120 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\S24EvMon.exe PRC - [2008.07.10 19:13:50 | 001,191,936 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\iFrmewrk.exe PRC - [2008.07.10 19:12:40 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe PRC - [2008.04.14 00:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004.07.15 22:05:56 | 000,124,416 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe ========== Modules (No Company Name) ========== MOD - [2012.08.31 18:11:25 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll MOD - [2008.07.10 19:25:20 | 000,057,344 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\CustomUIResource.dll MOD - [2008.07.10 19:15:30 | 000,200,704 | ---- | M] () -- C:\Programme\Intel\WiFi\bin\iWMSProv.dll MOD - [2001.10.28 18:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll ========== Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2013.03.01 07:42:13 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.02.11 11:56:30 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013.02.07 16:59:00 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.08.31 18:11:18 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.08.31 18:10:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService) SRV - [2012.08.31 18:10:07 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009.02.20 17:36:00 | 000,249,938 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Programme\IDT\XPV10_6147v005\WDM\stacsv.exe -- (STacSV) SRV - [2009.01.16 12:12:22 | 000,074,392 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe -- (stllssvr) SRV - [2009.01.08 10:55:00 | 000,072,224 | ---- | M] (O2Micro International) [Auto | Running] -- C:\WINDOWS\system32\drivers\o2flash.exe -- (O2FLASH) SRV - [2008.07.10 19:42:14 | 000,819,200 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008.07.10 19:32:38 | 000,352,256 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\WLKEEPER.exe -- (WLANKEEPER) SRV - [2008.07.10 19:23:22 | 000,901,120 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) SRV - [2008.07.10 19:12:40 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2006.10.26 18:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | Boot | Stopped] -- -- (cerc6) DRV - [2012.08.31 18:11:56 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012.08.31 18:11:56 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2012.08.31 18:11:55 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2012.08.31 18:11:54 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.03.13 08:55:00 | 000,196,144 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2009.02.20 17:36:00 | 001,548,339 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2009.02.20 17:35:00 | 000,112,512 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud) DRV - [2009.02.02 14:54:00 | 000,120,064 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2009.01.08 10:55:00 | 000,051,616 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\o2mdg.sys -- (O2MDGRDR) DRV - [2009.01.08 10:55:00 | 000,041,760 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\o2sdg.sys -- (O2SDGRDR) DRV - [2008.06.26 05:15:34 | 003,630,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) DRV - [2008.04.18 14:48:50 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-861567501-1580818891-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-861567501-1580818891-1801674531-1003\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-861567501-1580818891-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-861567501-1580818891-1801674531-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-861567501-1580818891-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.gmx.net/" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.02.07 16:59:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.10.12 14:38:37 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\stefanlamp\Anwendungsdaten\Mozilla\Extensions [2013.03.10 08:02:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\stefanlamp\Anwendungsdaten\Mozilla\Firefox\Profiles\vt8v02b8.default\extensions [2013.02.07 16:58:51 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2013.02.07 16:59:00 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2013.01.19 14:20:13 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.01.19 14:20:13 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2013.01.19 14:20:13 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2013.01.19 14:20:13 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2013.01.19 14:20:13 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2013.01.19 14:20:13 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2008.04.14 00:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation) O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe (HP) O4 - HKLM..\Run: [IntelWireless] C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKU\S-1-5-21-861567501-1580818891-1801674531-1003..\Run: [HP Officejet 6600 (NET)] C:\Programme\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-861567501-1580818891-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\stefanlamp\Anwendungsdaten\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{682A8333-98AD-43B8-A086-D6CE54F20C4A}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\stefanlamp\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\stefanlamp\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.10.12 08:00:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7 ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789) ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2013.03.13 18:22:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\stefanlamp\Desktop\OTL.exe [2013.03.10 11:58:27 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\stefanlamp\Startmenü\Programme\Verwaltung [2013.03.10 11:58:27 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\stefanlamp\Eigene Dateien\Eigene Videos [2013.03.05 20:50:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2013.03.05 20:42:16 | 000,018,096 | ---- | C] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe [2013.03.04 10:52:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\stefanlamp\Desktop\htc.one.s [2013.02.25 16:05:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump ========== Files - Modified Within 30 Days ========== [2013.03.13 18:22:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\stefanlamp\Desktop\OTL.exe [2013.03.13 18:13:49 | 000,061,170 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001 [2013.03.13 18:13:26 | 000,200,610 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2013.03.13 18:13:24 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.03.13 18:13:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.03.12 23:05:00 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.03.12 22:41:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.03.12 05:13:08 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2013.03.10 20:40:00 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\At2.job [2013.03.10 14:19:00 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\At3.job [2013.03.10 14:00:00 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\At4.job [2013.03.10 10:10:00 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\At1.job [2013.03.01 07:42:13 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013.03.01 07:42:13 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013.03.01 07:42:11 | 016,473,456 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2013.03.01 02:48:16 | 000,020,992 | ---- | M] () -- C:\Dokumente und Einstellungen\stefanlamp\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.02.20 23:46:22 | 000,061,170 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat ========== Files Created - No Company Name ========== [2013.01.18 12:36:05 | 000,000,001 | ---- | C] () -- C:\Dokumente und Einstellungen\stefanlamp\.SIG_PINSTATUS_VOREINSTELLUNG [2013.01.18 12:36:05 | 000,000,001 | ---- | C] () -- C:\Dokumente und Einstellungen\stefanlamp\.SIG_DIALOG_VOREINSTELLUNG [2012.12.05 16:16:48 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012.04.24 19:59:44 | 000,000,043 | ---- | C] () -- C:\WINDOWS\festo.ini [2012.04.16 18:29:09 | 000,158,560 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2012.04.09 13:17:50 | 000,000,057 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ament.ini [2012.01.16 18:44:54 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll [2012.01.16 18:44:54 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe [2012.01.16 18:43:59 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini [2011.12.13 17:51:21 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2011.10.19 15:16:54 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI [2011.10.18 08:03:55 | 000,020,992 | ---- | C] () -- C:\Dokumente und Einstellungen\stefanlamp\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.10.12 08:58:07 | 000,061,170 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat [2011.10.12 08:56:26 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2011.10.12 08:56:25 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2011.10.12 08:56:25 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2011.10.12 08:56:23 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2011.10.12 08:56:20 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2011.10.12 08:56:19 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2011.10.12 08:56:11 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2011.10.12 08:56:08 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2011.10.12 08:51:58 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011.10.12 08:51:02 | 000,266,208 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.10.12 08:02:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011.10.12 07:58:06 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat ========== ZeroAccess Check ========== [2012.04.11 07:36:22 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2012.10.31 12:33:21 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 00:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Custom Scans ========== < > < End of report > OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 13.03.2013 18:25:26 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\stefanlamp\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 83,79% Memory free 4,84 Gb Paging File | 4,38 Gb Available in Paging File | 90,65% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 146,49 Gb Total Space | 133,19 Gb Free Space | 90,92% Space Free | Partition Type: NTFS Drive D: | 151,56 Gb Total Space | 69,69 Gb Free Space | 45,98% Space Free | Partition Type: NTFS Computer Name: STEFAN | User Name: stefanlamp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-861567501-1580818891-1801674531-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- "C:\Dokumente und Einstellungen\stefanlamp\Anwendungsdaten\File Scout\filescout.exe" /open "%1" Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "C:\Programme\Microsoft Office\Office12\GROOVE.EXE" = C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation) "C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "C:\Programme\HP\HP Officejet 6600\Bin\DeviceSetup.exe" = C:\Programme\HP\HP Officejet 6600\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP Geräteeinrichtung (HP Officejet 6600) -- (Hewlett-Packard Co.) "C:\Programme\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe" = C:\Programme\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Netzwerkkommunikator (HP Officejet 6600) -- (Hewlett-Packard Co.) "C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ""Bilder-CD Metallbautechnik Fachbildung"_is1" = Bilder-CD für Metallbautechnik Fachbildung, 4. Aufl - Einzelliz "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data "{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE 10.3 "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools "{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{348E6CDF-A6AE-45E6-B0AB-65A07B3C715E}" = O2Micro Flash Memory Card Windows Driver "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}" = upapp "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio "{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}" = HP Update "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12 "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{91120000-0013-0000-0000-0000000FF1CE}" = Microsoft Office Basic 2007 "{9813D8C7-92E3-4C20-83FA-CCB4ED4605AD}" = Studie zur Verbesserung von HP Officejet 6600 Produkten "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch "{AED53CDF-1046-4C6B-B5E2-C195125ECDA0}" = Intel(R) PROSet/Wireless WiFi-Software "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy "{BE09DD64-706D-4975-8034-E561C270D1E5}" = HP Officejet 6600 - Grundlegende Software für das Gerät "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C818BA3A-226F-4ED0-9CEF-96A0DF300211}" = HP Officejet 6600 Hilfe "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR "{CB87D276-2F4A-453A-A2D8-D597927C59A0}" = Tabellenbuch Metall digital 6.0 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE 10.3 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AFPL Ghostscript 8.14" = AFPL Ghostscript 8.14 "AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts "Audacity_is1" = Audacity 1.2.6 "Avira AntiVir Desktop" = Avira Free Antivirus "BASICR" = Microsoft Office Basic 2007 "Bilder-CD Fachkunde Metall_is1" = Bilder-CD Fachkunde Metall, 55. Auflage - Einzellizenz "Bilder-CD Rechenbuch Metall_is1" = Bilder-CD Rechenbuch Metall, 30. Aufl 2. Dq - Einzellizenz "ElsterFormular 13.2.0.8623k" = ElsterFormular "ENTERPRISE" = Microsoft Office Enterprise 2007 "Free YouTube Download_is1" = Free YouTube Download version 3.1.23.403 "FreePDF_XP" = FreePDF XP (Remove only) "InstallShield_{348E6CDF-A6AE-45E6-B0AB-65A07B3C715E}" = O2Micro Flash Memory Card Windows Driver "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MindManager Smart" = MindManager Smart "Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIA Drivers" = NVIDIA Drivers "ProInst" = Intel PROSet Wireless "Redirection Port Monitor" = RedMon - Redirection Port Monitor "VLC media player" = VLC media player 1.0.1 "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "WinRAR archiver" = WinRAR Archivierer ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 06.10.2012 04:00:22 | Computer Name = STEFAN | Source = crypt32 | ID = 131083 Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig. . Error - 06.10.2012 04:00:22 | Computer Name = STEFAN | Source = crypt32 | ID = 131083 Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig. . Error - 06.10.2012 04:00:24 | Computer Name = STEFAN | Source = crypt32 | ID = 131083 Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig. . Error - 06.10.2012 04:00:30 | Computer Name = STEFAN | Source = crypt32 | ID = 131083 Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig. . Error - 14.10.2012 01:25:34 | Computer Name = STEFAN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung fpassist.exe, Version 3.0.0.106, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 14.10.2012 01:25:34 | Computer Name = STEFAN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung fpassist.exe, Version 3.0.0.106, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 17.10.2012 00:49:49 | Computer Name = STEFAN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung firefox.exe, Version 10.0.2.4428, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 29.10.2012 03:00:29 | Computer Name = STEFAN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung fpassist.exe, Version 3.0.0.106, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 09.01.2013 11:57:01 | Computer Name = STEFAN | Source = Microsoft Office 12 | ID = 1000 Description = Faulting application winword.exe, version 12.0.6331.5000, stamp 48fa27b4, faulting module oart.dll, version 12.0.4518.1014, stamp 454283f8, debug? 0, fault address 0x00008424. Error - 12.03.2013 01:17:02 | Computer Name = STEFAN | Source = Microsoft Office 12 | ID = 5000 Description = EventType officelifeboathang, P1 winword.exe, P2 12.0.6331.5000, P3 wwlib.dll, P4 12.0.6331.5000, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL. [ OSession Events ] Error - 24.01.2012 03:39:44 | Computer Name = STEFAN | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6341.5001, Microsoft Office Version: 12.0.4518.1014. This session lasted 275 seconds with 240 seconds of active time. This session ended with a crash. Error - 09.05.2012 15:55:46 | Computer Name = STEFAN | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 5930 seconds with 2760 seconds of active time. This session ended with a crash. Error - 09.01.2013 11:56:59 | Computer Name = STEFAN | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 4682 seconds with 3300 seconds of active time. This session ended with a crash. [ System Events ] Error - 11.03.2013 22:09:48 | Computer Name = STEFAN | Source = DCOM | ID = 10016 Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung (Lokal) für die COM-Serveranwendung mit CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. Error - 11.03.2013 22:09:48 | Computer Name = STEFAN | Source = DCOM | ID = 10016 Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung (Lokal) für die COM-Serveranwendung mit CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. Error - 12.03.2013 01:23:55 | Computer Name = STEFAN | Source = DCOM | ID = 10016 Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung (Lokal) für die COM-Serveranwendung mit CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. Error - 12.03.2013 01:23:55 | Computer Name = STEFAN | Source = DCOM | ID = 10016 Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung (Lokal) für die COM-Serveranwendung mit CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. Error - 12.03.2013 01:23:55 | Computer Name = STEFAN | Source = DCOM | ID = 10016 Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung (Lokal) für die COM-Serveranwendung mit CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. Error - 12.03.2013 13:11:05 | Computer Name = STEFAN | Source = PSched | ID = 14103 Description = QoS [Adapter {B220D1FD-1C79-423F-8CFC-31EC60BC5724}]: Die Abfrage des Netzwerkkartentreibers nach OID_GEN_LINK_SPEED ist fehlgeschlagen. Error - 12.03.2013 16:09:07 | Computer Name = STEFAN | Source = PSched | ID = 14103 Description = QoS [Adapter {B220D1FD-1C79-423F-8CFC-31EC60BC5724}]: Die Abfrage des Netzwerkkartentreibers nach OID_GEN_LINK_SPEED ist fehlgeschlagen. Error - 13.03.2013 13:13:32 | Computer Name = STEFAN | Source = DCOM | ID = 10016 Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung (Lokal) für die COM-Serveranwendung mit CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. Error - 13.03.2013 13:13:32 | Computer Name = STEFAN | Source = DCOM | ID = 10016 Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung (Lokal) für die COM-Serveranwendung mit CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. Error - 13.03.2013 13:13:32 | Computer Name = STEFAN | Source = DCOM | ID = 10016 Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung (Lokal) für die COM-Serveranwendung mit CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. < End of report > |
13.03.2013, 18:37 | #4 |
/// TB-Ausbilder | wie entferne ich delta search II Servus, fehlt nur noch die Logdatei von SystemLook. |
13.03.2013, 18:39 | #5 |
| wie entferne ich delta search II SystemLook 30.07.11 by jpshortstuff Log created at 18:37 on 13/03/2013 by stefanlamp Administrator - Elevation successful ========== folderfind ========== Searching for "delta*" No folders found. Searching for "babylon*" No folders found. Searching for "IBUpdater*" No folders found. Searching for "AskToolbar*" C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Anwendungsdaten\AskToolbar d------ [17:18 31/08/2012] Searching for "Conduit*" No folders found. Searching for "DVDVideoSoftTB*" No folders found. Searching for "PriceGong*" No folders found. ========== regfind ========== Searching for "babylon" No data found. Searching for "IBUpdater" [HKEY_USERS\.DEFAULT\Software\IBUpdaterService] [HKEY_USERS\S-1-5-18\Software\IBUpdaterService] Searching for "AskToolbar" [HKEY_CURRENT_USER\Software\Classes\TypeLib\{006AD7B2-968A-11DE-88C9-5BDE55D89593}\1.0\0\win32] @="C:\Dokumente und Einstellungen\stefanlamp\Lokale Einstellungen\Anwendungsdaten\AskToolbar\Downloaded Program Files\AviraBrowserSecurity.dll" [HKEY_USERS\.DEFAULT\Software\Ask.com] "RegPath"="Software\AskToolbar\Macro" [HKEY_USERS\.DEFAULT\Software\AskToolbar] [HKEY_USERS\.DEFAULT\Software\AskToolbar\Code Store Database\Distribution Units\{A0359AE6-F410-4425-A975-684AAB785ABD}\Contains\Files] "C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Anwendungsdaten\AskToolbar\Downloaded Program Files\AviraBrowserSecurity.dll"="" [HKEY_USERS\.DEFAULT\Software\AskToolbar\Code Store Database\Distribution Units\{A0359AE6-F410-4425-A975-684AAB785ABD}\Contains\Files] "C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\AskToolbar\Downloaded Program Files\AviraBrowserSecurity.dll"="" [HKEY_USERS\.DEFAULT\Software\AskToolbar\Code Store Database\Distribution Units\{A0359AE6-F410-4425-A975-684AAB785ABD}\DownloadInformation] "INF"="C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\AskToolbar\Downloaded Program Files\avr-3.inf" [HKEY_USERS\.DEFAULT\Software\AskToolbar\Prefs] "DataDir"="C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\AskToolbar\" [HKEY_USERS\.DEFAULT\Software\Classes\TypeLib\{006AD7B2-968A-11DE-88C9-5BDE55D89593}\1.0\0\win32] @="C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\AskToolbar\Downloaded Program Files\AviraBrowserSecurity.dll" [HKEY_USERS\S-1-5-21-861567501-1580818891-1801674531-1003\Software\Classes\TypeLib\{006AD7B2-968A-11DE-88C9-5BDE55D89593}\1.0\0\win32] @="C:\Dokumente und Einstellungen\stefanlamp\Lokale Einstellungen\Anwendungsdaten\AskToolbar\Downloaded Program Files\AviraBrowserSecurity.dll" [HKEY_USERS\S-1-5-21-861567501-1580818891-1801674531-1003_Classes\TypeLib\{006AD7B2-968A-11DE-88C9-5BDE55D89593}\1.0\0\win32] @="C:\Dokumente und Einstellungen\stefanlamp\Lokale Einstellungen\Anwendungsdaten\AskToolbar\Downloaded Program Files\AviraBrowserSecurity.dll" [HKEY_USERS\S-1-5-18\Software\Ask.com] "RegPath"="Software\AskToolbar\Macro" [HKEY_USERS\S-1-5-18\Software\AskToolbar] [HKEY_USERS\S-1-5-18\Software\AskToolbar\Code Store Database\Distribution Units\{A0359AE6-F410-4425-A975-684AAB785ABD}\Contains\Files] "C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Anwendungsdaten\AskToolbar\Downloaded Program Files\AviraBrowserSecurity.dll"="" [HKEY_USERS\S-1-5-18\Software\AskToolbar\Code Store Database\Distribution Units\{A0359AE6-F410-4425-A975-684AAB785ABD}\Contains\Files] "C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\AskToolbar\Downloaded Program Files\AviraBrowserSecurity.dll"="" [HKEY_USERS\S-1-5-18\Software\AskToolbar\Code Store Database\Distribution Units\{A0359AE6-F410-4425-A975-684AAB785ABD}\DownloadInformation] "INF"="C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\AskToolbar\Downloaded Program Files\avr-3.inf" [HKEY_USERS\S-1-5-18\Software\AskToolbar\Prefs] "DataDir"="C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\AskToolbar\" [HKEY_USERS\S-1-5-18\Software\Classes\TypeLib\{006AD7B2-968A-11DE-88C9-5BDE55D89593}\1.0\0\win32] @="C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\AskToolbar\Downloaded Program Files\AviraBrowserSecurity.dll" Searching for "Conduit" [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache] "C:\Programme\DVDVideoSoftTB\uninstall.exe"="Conduit Engine Uninstall" [HKEY_USERS\.DEFAULT\Software\Conduit] [HKEY_USERS\.DEFAULT\Software\Conduit\Community Alerts\Data\Feeds\661999] "Url"="hxxp://alerts.conduit-services.com/root/666138/661999/DE" [HKEY_USERS\.DEFAULT\Software\Conduit\Community Alerts\Settings] "ALPServicesServerName"="hxxp://alert.services.conduit.com" [HKEY_USERS\.DEFAULT\Software\Conduit\Community Alerts\Settings] "ALPClientsServerName"="hxxp://alert.client.conduit.com" [HKEY_USERS\.DEFAULT\Software\Conduit\Community Alerts\Settings] "AutoUpdateServerName"="hxxp://alert.storage.conduit.com" [HKEY_USERS\.DEFAULT\Software\Conduit\Community Alerts\Settings\Services\ChannelsSettings] "URL"="hxxp://alert.services.conduit.com/channels/?aid=EB_CHANNEL_ID" [HKEY_USERS\.DEFAULT\Software\Conduit\Community Alerts\Settings\Services\DynamicDialogs] "URL"="hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg" [HKEY_USERS\.DEFAULT\Software\Conduit\Community Alerts\Settings\Services\Login] "URL"="hxxp://alert.services.conduit.com/Alerts/AlertServices.asmx/AlertLogin" [HKEY_USERS\.DEFAULT\Software\Conduit\Community Alerts\Settings\Services\Translation] "URL"="hxxp://alerts.conduit-services.com/translation/?locale=EB_LOCALE" [HKEY_USERS\.DEFAULT\Software\Conduit\Community Alerts\Settings\Services\Usage] "URL"="hxxp://alert.services.conduit.com/Alerts/AlertServices.asmx/SetAlertUsageRequest" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar] "Server"="users.conduit.com" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar] "GroupingServerURL"="hxxp://grouping.services.conduit.com/" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar] "PrivacyPageURL"="hxxp://www.conduit.com/privacy/Default.aspx" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar] "DisplayTrusteSeal"="hxxp://trust.conduit.com/EB_ORIGINAL_CTID" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar] "UsageURL"="hxxp://usage.users.conduit.com/UsersWebService.asmx/UsersRequests" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar] "ClientLogURL"="hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar] "UninstallURL"="hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar] "AppsDetectionUrlPattern"="hxxp://appdownload.conduit.com/" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050] [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ABTestUsage] "ServiceUrl"="hxxp://tb-test.conduit-data.com" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\AppRegisterUsage] "ServiceUrl"="hxxp://apps.usage.conduit-services.com/AppOperations/AppRegistration.ashx" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\AppsMetaData] "ServiceUrl"="hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=EB_TOOLBAR_ID" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\AppsSettings] "ServiceUrl"="hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_COMP_ID" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\AppTrackingFirstTime] "ServiceUrl"="hxxp://tracking.usage.app.conduit-services.com/FirstTime.ashx?current=EB_APPTRACKING_CURRENT_STATE" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\AppTrackingUsage] "ServiceUrl"="hxxp://tracking.usage.app.conduit-services.com/Usage.ashx" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\AppUninstallUsage] "ServiceUrl"="hxxp://apps.usage.conduit-services.com/AppOperations/AppUninstall.ashx" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\BrowserToolbarsInfo] "ServiceUrl"="hxxp://counting.usage.toolbar.conduit-services.com/usage.ashx" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ClientErrorLog] "ServiceUrl"="hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\DynamicDialogs] "ServiceUrl"="hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=EB_TOOLBAR_VERSION" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\GottenAppsContextMenu] "ServiceUrl"="hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=EB_LOCALE" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\HostingUsage] "ServiceUrl"="hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\LocationService] "ServiceUrl"="hxxp://ip2location.conduit-services.com/ip/" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\OtherAppsContextMenu] "ServiceUrl"="hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=EB_LOCALE" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\RecoveryService] "ServiceUrl"="hxxp://recovery.conduit-services.com/toolbar" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\SearchInNewTabBlank] "ServiceUrl"="hxxp://storage.conduit.com/SearchInNewTab/SearchInNewTabBlank.html" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\SearchSettings] "ServiceUrl"="hxxp://API.search.conduit.com/Settings/?ctid=EB_TOOLBAR_ID" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\SharedAppsContextMenu] "ServiceUrl"="hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=EB_LOCALE" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarAppComponentUsage] "ServiceUrl"="hxxp://component.usage.toolbar.conduit-services.com/ToolbarComponentUsage.ashx" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarAppUsage] "ServiceUrl"="hxxp://usage.toolbar.conduit-services.com/ToolbarUsage.ashx" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarComponentUsage] "ServiceUrl"="hxxp://component.usage.toolbar.conduit-services.com/ToolbarComponentUsage.ashx" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarContextMenu] "ServiceUrl"="hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=EB_LOCALE" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarGrouping] "ServiceUrl"="hxxp://grouping.services.conduit.com/GroupingRequest.ctp?type=GetGroup&ctid=EB_ORIGINAL_CTID&lut=0&locale=EB_OS_LOCALE" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarHiddenLogin] "ServiceUrl"="hxxp://login.hiddentoolbar.conduit-services.com/Login.ashx" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarHiddenSettings] "ServiceUrl"="hxxp://Settings.toolbar.search.conduit.com/root/EB_TOOLBAR_ID/EB_ORIGINAL_CTID" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarHiddenSettingsForSB] "ServiceUrl"="hxxp://settings.smartbar.conduit-services.com/settings/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID&protocolVersion=EB_PROTOCOL_VERSION" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarLogin] "ServiceUrl"="hxxp://login.toolbar.conduit-services.com/Login.ashx" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarSettings] "ServiceUrl"="hxxp://Settings.toolbar.search.conduit.com/root/EB_TOOLBAR_ID/EB_ORIGINAL_CTID" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarSettingsForPublisher] "ServiceUrl"="hxxp://settings.publisher.toolbar.conduit-services.com/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarSettingsForSB] "ServiceUrl"="hxxp://settings.smartbar.conduit-services.com/settings/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID&protocolVersion=EB_PROTOCOL_VERSION" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarSettingsPublisherForSB] "ServiceUrl"="hxxp://settings.publisher.smartbar.conduit-services.com/settings/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID&protocolVersion=EB_PROTOCOL_VERSION" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarTranslation] "ServiceUrl"="hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarUninstall] "ServiceUrl"="hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarUsage] "ServiceUrl"="hxxp://usage.toolbar.conduit-services.com/ToolbarUsage.ashx" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\UninstallDialog] "ServiceUrl"="hxxp://UninstallDialog.conduit-services.com/view/view.aspx?ctid=EB_TOOLBAR_ID&version=EB_TOOLBAR_VERSION" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\UninstallDialogUsage] "ServiceUrl"="hxxp://uninstalldialogusage.toolbar.conduit-services.com/Usage.ashx" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050_CT2269050] [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050_en] [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\MetaData\1051808044] "dbname"="conduit_CT2269050_CT2269050" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\MetaData\1516623658] "dbname"="conduit_CT2269050_CT2269050" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\MetaData\175814262] "dbname"="conduit_CT2269050_CT2269050" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\MetaData\226245588] "dbname"="conduit_CT2269050_CT2269050" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\MetaData\2526533536] "dbname"="conduit_CT2269050_en" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\MetaData\2676808154] "dbname"="conduit_CT2269050_CT2269050" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\MetaData\346401304] "dbname"="conduit_CT2269050_CT2269050" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\Repository\MetaData\4017212782] "dbname"="conduit_CT2269050_CT2269050" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings] "HomePageUrl"="hxxp://search.conduit.com/?ctid=CT2269050" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings] "APITrustedDomains"="conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCityToolbar.com,MyCollegeToolbar.com,MyFamilyToolbar.com,MyForum Toolbar.com,MyLibraryToolbar.com,MyRadioToolbar.com,MyStoreToolbar.com,MyTownToolbar.com,MyUniversityToolbar.com,OurChurchToolbar.com,MyXangaToolbar.c om,Media-Toolbar.com,LoyaltyToolbar.com,MyTeamToolbar.com,GreatToolbars.com,OurOrganizationToolbar.com,OurBusinessToolbar.com,Toolbar.fm" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings] "SocialDomains"="social.conduit.com;apps.conduit.com;services.apps.conduit.com" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings\BackHandStorage\http___storage_conduit_com_PS_ShoppingApp_V1_pgcb1_2_html_ctid=CT2269050] [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings\FeatureProtector\BrowserSearch] "URLFromService"="hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings\FeatureProtector\BrowserSearch] "ConduitEnabled"="TRUE" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings\FeatureProtector\HomePage] "URLFromService"="hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings\FeatureProtector\HomePage] "ConduitEnabled"="TRUE" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings\MyStuff] "AddStuffLink"="hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings\MyStuff] "ConduitEnable"="TRUE" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings\RadioPlayer] "ServerUrl"="hxxp://radio.services.conduit.com/RadioRequest.ctp" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings\Search\Settings] "ContextMenuSearchUrl"="hxxp://search.conduit.com/ResultsExt.aspx?q=MYSEARCHTERM&ctid=EB_CTID&octid=EB_ORIGINAL_CTID&SearchSource=8" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings\SearchInNewTab] "AboutTabsDataUrlConduit"="hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings\SearchInNewTab] "AboutTabsEnabledByConduit"="TRUE" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings\SearchInNewTab] "AboutTabsUsageUrl"="hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings\Update] "ModuleURL"="hxxp://ieupdate.conduit.com/ver6.9.0.16/tbedrs.dll" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings\Upgrade] "ModuleURL"="hxxp://ieupgrade.conduit-download.com/IEUpgrade/ver6.9.0.16/tbedrs.dll" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings\Weather] "SearchServerUrl"="hxxp://search.conduit.com/" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings\Weather\en] "Forecast"="<FORECAST><LOCATION_ID>SZXX0033</LOCATION_ID><DAYS><DAY1><DATE>20120831</DATE><DAY>Friday</DAY><F_MIN>50</F_MIN><F_MAX>55</F_MAX><C_MIN>10</C_MIN><C_MAX>12</C_MAX><UV_DESCRIPTION>High</UV_DESCRIPTION><UV_INDEX>6</UV_INDEX><SUNSET>8:07 pm</SUNSET><SUNRISE>6:44 am</SUNRISE><MOONRISE>7:39 pm</MOONRISE><MOONSET>6:35 am</MOONSET><MOON_PHASE>Full</MOON_PHASE><CONDITION_DESCRIPTION>Rain</CONDITION_DESCRIPTION><CONDITION_ICON>hxxp://weather.conduit.com/images/weather/Default/rain_big.gif</CONDITION_ICON></DAY1><DAY2><DATE>20120901</DATE><DAY>Saturday</DAY><F_MIN>47</F_MIN><F_MAX>53</F_MAX><C_MIN>8</C_MIN><C_MAX>11</C_MAX><UV_DESCRIPTION>Moderate</UV_DESCRIPTION><UV_INDEX>3</UV_INDEX><SUNSET>8:05 pm</SUNSET><SUNRISE>6:45 am</SUNRISE><MOONRISE>8:04 pm</MOONRISE><MOONSET>7:44 am</MOONSET><MOON_PHASE>Waning Gibbous</MOON_PHASE><CONDITION_DESCRIPTION>Rain</CONDITION_DESCRIPTION><CONDITION_ICON>hxxp://weather.conduit.com/images/weather/D [HKEY_USERS\S-1-5-21-861567501-1580818891-1801674531-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache] "C:\Programme\DVDVideoSoftTB\uninstall.exe"="Conduit Engine Uninstall" [HKEY_USERS\S-1-5-18\Software\Conduit] [HKEY_USERS\S-1-5-18\Software\Conduit\Community Alerts\Data\Feeds\661999] "Url"="hxxp://alerts.conduit-services.com/root/666138/661999/DE" [HKEY_USERS\S-1-5-18\Software\Conduit\Community Alerts\Settings] "ALPServicesServerName"="hxxp://alert.services.conduit.com" [HKEY_USERS\S-1-5-18\Software\Conduit\Community Alerts\Settings] "ALPClientsServerName"="hxxp://alert.client.conduit.com" [HKEY_USERS\S-1-5-18\Software\Conduit\Community Alerts\Settings] "AutoUpdateServerName"="hxxp://alert.storage.conduit.com" [HKEY_USERS\S-1-5-18\Software\Conduit\Community Alerts\Settings\Services\ChannelsSettings] "URL"="hxxp://alert.services.conduit.com/channels/?aid=EB_CHANNEL_ID" [HKEY_USERS\S-1-5-18\Software\Conduit\Community Alerts\Settings\Services\DynamicDialogs] "URL"="hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg" [HKEY_USERS\S-1-5-18\Software\Conduit\Community Alerts\Settings\Services\Login] "URL"="hxxp://alert.services.conduit.com/Alerts/AlertServices.asmx/AlertLogin" [HKEY_USERS\S-1-5-18\Software\Conduit\Community Alerts\Settings\Services\Translation] "URL"="hxxp://alerts.conduit-services.com/translation/?locale=EB_LOCALE" [HKEY_USERS\S-1-5-18\Software\Conduit\Community Alerts\Settings\Services\Usage] "URL"="hxxp://alert.services.conduit.com/Alerts/AlertServices.asmx/SetAlertUsageRequest" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar] "Server"="users.conduit.com" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar] "GroupingServerURL"="hxxp://grouping.services.conduit.com/" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar] "PrivacyPageURL"="hxxp://www.conduit.com/privacy/Default.aspx" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar] "DisplayTrusteSeal"="hxxp://trust.conduit.com/EB_ORIGINAL_CTID" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar] "UsageURL"="hxxp://usage.users.conduit.com/UsersWebService.asmx/UsersRequests" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar] "ClientLogURL"="hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar] "UninstallURL"="hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar] "AppsDetectionUrlPattern"="hxxp://appdownload.conduit.com/" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050] [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ABTestUsage] "ServiceUrl"="hxxp://tb-test.conduit-data.com" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\AppRegisterUsage] "ServiceUrl"="hxxp://apps.usage.conduit-services.com/AppOperations/AppRegistration.ashx" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\AppsMetaData] "ServiceUrl"="hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=EB_TOOLBAR_ID" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\AppsSettings] "ServiceUrl"="hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_COMP_ID" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\AppTrackingFirstTime] "ServiceUrl"="hxxp://tracking.usage.app.conduit-services.com/FirstTime.ashx?current=EB_APPTRACKING_CURRENT_STATE" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\AppTrackingUsage] "ServiceUrl"="hxxp://tracking.usage.app.conduit-services.com/Usage.ashx" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\AppUninstallUsage] "ServiceUrl"="hxxp://apps.usage.conduit-services.com/AppOperations/AppUninstall.ashx" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\BrowserToolbarsInfo] "ServiceUrl"="hxxp://counting.usage.toolbar.conduit-services.com/usage.ashx" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ClientErrorLog] "ServiceUrl"="hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\DynamicDialogs] "ServiceUrl"="hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=EB_TOOLBAR_VERSION" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\GottenAppsContextMenu] "ServiceUrl"="hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=EB_LOCALE" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\HostingUsage] "ServiceUrl"="hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\LocationService] "ServiceUrl"="hxxp://ip2location.conduit-services.com/ip/" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\OtherAppsContextMenu] "ServiceUrl"="hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=EB_LOCALE" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\RecoveryService] "ServiceUrl"="hxxp://recovery.conduit-services.com/toolbar" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\SearchInNewTabBlank] "ServiceUrl"="hxxp://storage.conduit.com/SearchInNewTab/SearchInNewTabBlank.html" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\SearchSettings] "ServiceUrl"="hxxp://API.search.conduit.com/Settings/?ctid=EB_TOOLBAR_ID" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\SharedAppsContextMenu] "ServiceUrl"="hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=EB_LOCALE" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarAppComponentUsage] "ServiceUrl"="hxxp://component.usage.toolbar.conduit-services.com/ToolbarComponentUsage.ashx" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarAppUsage] "ServiceUrl"="hxxp://usage.toolbar.conduit-services.com/ToolbarUsage.ashx" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarComponentUsage] "ServiceUrl"="hxxp://component.usage.toolbar.conduit-services.com/ToolbarComponentUsage.ashx" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarContextMenu] "ServiceUrl"="hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=EB_LOCALE" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarGrouping] "ServiceUrl"="hxxp://grouping.services.conduit.com/GroupingRequest.ctp?type=GetGroup&ctid=EB_ORIGINAL_CTID&lut=0&locale=EB_OS_LOCALE" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarHiddenLogin] "ServiceUrl"="hxxp://login.hiddentoolbar.conduit-services.com/Login.ashx" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarHiddenSettings] "ServiceUrl"="hxxp://Settings.toolbar.search.conduit.com/root/EB_TOOLBAR_ID/EB_ORIGINAL_CTID" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarHiddenSettingsForSB] "ServiceUrl"="hxxp://settings.smartbar.conduit-services.com/settings/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID&protocolVersion=EB_PROTOCOL_VERSION" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarLogin] "ServiceUrl"="hxxp://login.toolbar.conduit-services.com/Login.ashx" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarSettings] "ServiceUrl"="hxxp://Settings.toolbar.search.conduit.com/root/EB_TOOLBAR_ID/EB_ORIGINAL_CTID" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarSettingsForPublisher] "ServiceUrl"="hxxp://settings.publisher.toolbar.conduit-services.com/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarSettingsForSB] "ServiceUrl"="hxxp://settings.smartbar.conduit-services.com/settings/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID&protocolVersion=EB_PROTOCOL_VERSION" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarSettingsPublisherForSB] "ServiceUrl"="hxxp://settings.publisher.smartbar.conduit-services.com/settings/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID&protocolVersion=EB_PROTOCOL_VERSION" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarTranslation] "ServiceUrl"="hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarUninstall] "ServiceUrl"="hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\ToolbarUsage] "ServiceUrl"="hxxp://usage.toolbar.conduit-services.com/ToolbarUsage.ashx" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\UninstallDialog] "ServiceUrl"="hxxp://UninstallDialog.conduit-services.com/view/view.aspx?ctid=EB_TOOLBAR_ID&version=EB_TOOLBAR_VERSION" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050\UninstallDialogUsage] "ServiceUrl"="hxxp://uninstalldialogusage.toolbar.conduit-services.com/Usage.ashx" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050_CT2269050] [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\conduit_CT2269050_en] [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\MetaData\1051808044] "dbname"="conduit_CT2269050_CT2269050" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\MetaData\1516623658] "dbname"="conduit_CT2269050_CT2269050" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\MetaData\175814262] "dbname"="conduit_CT2269050_CT2269050" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\MetaData\226245588] "dbname"="conduit_CT2269050_CT2269050" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\MetaData\2526533536] "dbname"="conduit_CT2269050_en" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\MetaData\2676808154] "dbname"="conduit_CT2269050_CT2269050" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\MetaData\346401304] "dbname"="conduit_CT2269050_CT2269050" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\Repository\MetaData\4017212782] "dbname"="conduit_CT2269050_CT2269050" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings] "HomePageUrl"="hxxp://search.conduit.com/?ctid=CT2269050" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings] "APITrustedDomains"="conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCityToolbar.com,MyCollegeToolbar.com,MyFamilyToolbar.com,MyForum Toolbar.com,MyLibraryToolbar.com,MyRadioToolbar.com,MyStoreToolbar.com,MyTownToolbar.com,MyUniversityToolbar.com,OurChurchToolbar.com,MyXangaToolbar.c om,Media-Toolbar.com,LoyaltyToolbar.com,MyTeamToolbar.com,GreatToolbars.com,OurOrganizationToolbar.com,OurBusinessToolbar.com,Toolbar.fm" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings] "SocialDomains"="social.conduit.com;apps.conduit.com;services.apps.conduit.com" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings\BackHandStorage\http___storage_conduit_com_PS_ShoppingApp_V1_pgcb1_2_html_ctid=CT2269050] [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings\FeatureProtector\BrowserSearch] "URLFromService"="hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings\FeatureProtector\BrowserSearch] "ConduitEnabled"="TRUE" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings\FeatureProtector\HomePage] "URLFromService"="hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings\FeatureProtector\HomePage] "ConduitEnabled"="TRUE" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings\MyStuff] "AddStuffLink"="hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings\MyStuff] "ConduitEnable"="TRUE" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings\RadioPlayer] "ServerUrl"="hxxp://radio.services.conduit.com/RadioRequest.ctp" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings\Search\Settings] "ContextMenuSearchUrl"="hxxp://search.conduit.com/ResultsExt.aspx?q=MYSEARCHTERM&ctid=EB_CTID&octid=EB_ORIGINAL_CTID&SearchSource=8" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings\SearchInNewTab] "AboutTabsDataUrlConduit"="hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings\SearchInNewTab] "AboutTabsEnabledByConduit"="TRUE" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings\SearchInNewTab] "AboutTabsUsageUrl"="hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings\Update] "ModuleURL"="hxxp://ieupdate.conduit.com/ver6.9.0.16/tbedrs.dll" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings\Upgrade] "ModuleURL"="hxxp://ieupgrade.conduit-download.com/IEUpgrade/ver6.9.0.16/tbedrs.dll" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings\Weather] "SearchServerUrl"="hxxp://search.conduit.com/" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings\Weather\en] "Forecast"="<FORECAST><LOCATION_ID>SZXX0033</LOCATION_ID><DAYS><DAY1><DATE>20120831</DATE><DAY>Friday</DAY><F_MIN>50</F_MIN><F_MAX>55</F_MAX><C_MIN>10</C_MIN><C_MAX>12</C_MAX><UV_DESCRIPTION>High</UV_DESCRIPTION><UV_INDEX>6</UV_INDEX><SUNSET>8:07 pm</SUNSET><SUNRISE>6:44 am</SUNRISE><MOONRISE>7:39 pm</MOONRISE><MOONSET>6:35 am</MOONSET><MOON_PHASE>Full</MOON_PHASE><CONDITION_DESCRIPTION>Rain</CONDITION_DESCRIPTION><CONDITION_ICON>hxxp://weather.conduit.com/images/weather/Default/rain_big.gif</CONDITION_ICON></DAY1><DAY2><DATE>20120901</DATE><DAY>Saturday</DAY><F_MIN>47</F_MIN><F_MAX>53</F_MAX><C_MIN>8</C_MIN><C_MAX>11</C_MAX><UV_DESCRIPTION>Moderate</UV_DESCRIPTION><UV_INDEX>3</UV_INDEX><SUNSET>8:05 pm</SUNSET><SUNRISE>6:45 am</SUNRISE><MOONRISE>8:04 pm</MOONRISE><MOONSET>7:44 am</MOONSET><MOON_PHASE>Waning Gibbous</MOON_PHASE><CONDITION_DESCRIPTION>Rain</CONDITION_DESCRIPTION><CONDITION_ICON>hxxp://weather.conduit.com/images/weather/D Searching for "DVDVideoSoftTB" [HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache] "C:\Programme\DVDVideoSoftTB\uninstall.exe"="Conduit Engine Uninstall" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB] [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar] "DisplayName"="DVDVideoSoftTB" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar] "WebServerUrl"="hxxp://DVDVideoSoftTB.OurToolbar.com/" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings] "RadioHelpUrl"="hxxp://DVDVideoSoftTB.OurToolbar.com/help/#2_5" [HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\settings] "WeatherHelpUrl"="hxxp://DVDVideoSoftTB.OurToolbar.com/help/#2_8" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache] "C:\Programme\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper.exe"="ToolbarH Application" [HKEY_USERS\S-1-5-21-861567501-1580818891-1801674531-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache] "C:\Programme\DVDVideoSoftTB\uninstall.exe"="Conduit Engine Uninstall" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB] [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar] "DisplayName"="DVDVideoSoftTB" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar] "WebServerUrl"="hxxp://DVDVideoSoftTB.OurToolbar.com/" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings] "RadioHelpUrl"="hxxp://DVDVideoSoftTB.OurToolbar.com/help/#2_5" [HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\settings] "WeatherHelpUrl"="hxxp://DVDVideoSoftTB.OurToolbar.com/help/#2_8" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache] "C:\Programme\DVDVideoSoftTB\DVDVideoSoftTBToolbarHelper.exe"="ToolbarH Application" Searching for "PriceGong" [HKEY_USERS\.DEFAULT\Software\PriceGong] [HKEY_USERS\.DEFAULT\Software\PriceGong\Settings] "server_req_url"="hxxp://service5.pricegong.com/default.aspx" [HKEY_USERS\.DEFAULT\Software\PriceGong\Settings] "cx_server_location"="hxxp://xml.pricegong.com/SiteXMLFolder" [HKEY_USERS\.DEFAULT\Software\PriceGong\Settings] "pr_link_text"="<img src="hxxp://service.pricegong.com/Img/P_Link.png" title="Compare price for this product with PriceGong" />" [HKEY_USERS\.DEFAULT\Software\PriceGong\Settings] "rs_link_text"="<img src="hxxp://service.pricegong.com/Img/R_Link_16.png" title="Compare price for this product with PriceGong" />" [HKEY_USERS\S-1-5-18\Software\PriceGong] [HKEY_USERS\S-1-5-18\Software\PriceGong\Settings] "server_req_url"="hxxp://service5.pricegong.com/default.aspx" [HKEY_USERS\S-1-5-18\Software\PriceGong\Settings] "cx_server_location"="hxxp://xml.pricegong.com/SiteXMLFolder" [HKEY_USERS\S-1-5-18\Software\PriceGong\Settings] "pr_link_text"="<img src="hxxp://service.pricegong.com/Img/P_Link.png" title="Compare price for this product with PriceGong" />" [HKEY_USERS\S-1-5-18\Software\PriceGong\Settings] "rs_link_text"="<img src="hxxp://service.pricegong.com/Img/R_Link_16.png" title="Compare price for this product with PriceGong" />" Searching for " " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\MSPMSP\KBDeviceList] "SanDiskIMb"="E-USB Fl;ash ; " [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters] "UseCheckPowerForFlush"="SAMSUNG WNR-31601A (1600MB) SAMSUNG WNR-31601A (1.6GB) IBM-DTCA-24090 TC6OAA2A IBM-DTCA-24090 TC6IAA2A IBM-DPLA-25120 PL8OAA2A IBM-DPLA-25120 PL8IAA2A IBM-DPLA-25120 PL8IAA4A IBM-DTCA-23240 TC5OAA2A IBM-DTCA-23240 TC5IAA2A IBM-DPLA-24480 PL7OAA2A IBM-DPLA-24480 PL7IAA2A" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters] "NoFlushDevice"="QUANTUM_LPS525A SCR-730 " [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters] "PioOnlyDevice"=" Conner Peripherals 425MB - CFS425A MATSHITA CR-581 FX600S CD-44E QUANTUM TRB850A QUANTUM MARVERICK 540A MAXTOR MXT-540 AT Maxtor 71260 AT Maxtor 7850 AV Maxtor 7540 AV Maxtor 7213 AT Maxtor 7345 Maxtor 7245 AT Maxtor 7245 Maxtor 7211AU Maxtor 7171 AT CD-316E SAMSUNG_SCR-2430 CR-2801TE" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters] "NonRemovableMedia"="Kingston Technology DataPak 340 SunDisk SDP5A-10 SunDisk SDCFB-10 SunDisk SDP3B-20 SunDisk SDP3B-175 SunDisk SDP5-2.5 Calluna Technology CT260MC BN-S004AC-S 1.00 Calluna Technology CT520RM Hitachi CV 5.1.1 ATA_FLASH Mitsubishi ATA Card LEXAR ATA_FLASH MICRON MTCF004A Micron MTCF008A SunDisk SDP3B-110 SunDisk SDCFB-4 BN-CAB-T MEMORYSTICK 8M 8K" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters] "NoPowerDownDevice"="RD-DRC001-M CS-R37 0 " [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters] "AutoEjectZipDevice"="IOMEGA ZIP 100 ATAPI 23.D IOMEGA ZIP 100 ATAPI 21.D IOMEGA ZIP 100 ATAPI 20.D IOMEGA ZIP 100 ATAPI 91.D IOMEGA ZIP 100 B.29 IOMEGA ZIP 100 B.22 " [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\atapi\Parameters] "UseCheckPowerForFlush"="SAMSUNG WNR-31601A (1600MB) SAMSUNG WNR-31601A (1.6GB) IBM-DTCA-24090 TC6OAA2A IBM-DTCA-24090 TC6IAA2A IBM-DPLA-25120 PL8OAA2A IBM-DPLA-25120 PL8IAA2A IBM-DPLA-25120 PL8IAA4A IBM-DTCA-23240 TC5OAA2A IBM-DTCA-23240 TC5IAA2A IBM-DPLA-24480 PL7OAA2A IBM-DPLA-24480 PL7IAA2A" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\atapi\Parameters] "NoFlushDevice"="QUANTUM_LPS525A SCR-730 " [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\atapi\Parameters] "PioOnlyDevice"=" Conner Peripherals 425MB - CFS425A MATSHITA CR-581 FX600S CD-44E QUANTUM TRB850A QUANTUM MARVERICK 540A MAXTOR MXT-540 AT Maxtor 71260 AT Maxtor 7850 AV Maxtor 7540 AV Maxtor 7213 AT Maxtor 7345 Maxtor 7245 AT Maxtor 7245 Maxtor 7211AU Maxtor 7171 AT CD-316E SAMSUNG_SCR-2430 CR-2801TE" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\atapi\Parameters] "NonRemovableMedia"="Kingston Technology DataPak 340 SunDisk SDP5A-10 SunDisk SDCFB-10 SunDisk SDP3B-20 SunDisk SDP3B-175 SunDisk SDP5-2.5 Calluna Technology CT260MC BN-S004AC-S 1.00 Calluna Technology CT520RM Hitachi CV 5.1.1 ATA_FLASH Mitsubishi ATA Card LEXAR ATA_FLASH MICRON MTCF004A Micron MTCF008A SunDisk SDP3B-110 SunDisk SDCFB-4 BN-CAB-T MEMORYSTICK 8M 8K" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\atapi\Parameters] "NoPowerDownDevice"="RD-DRC001-M CS-R37 0 " [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\atapi\Parameters] "AutoEjectZipDevice"="IOMEGA ZIP 100 ATAPI 23.D IOMEGA ZIP 100 ATAPI 21.D IOMEGA ZIP 100 ATAPI 20.D IOMEGA ZIP 100 ATAPI 91.D IOMEGA ZIP 100 B.29 IOMEGA ZIP 100 B.22 " [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters] "UseCheckPowerForFlush"="SAMSUNG WNR-31601A (1600MB) SAMSUNG WNR-31601A (1.6GB) IBM-DTCA-24090 TC6OAA2A IBM-DTCA-24090 TC6IAA2A IBM-DPLA-25120 PL8OAA2A IBM-DPLA-25120 PL8IAA2A IBM-DPLA-25120 PL8IAA4A IBM-DTCA-23240 TC5OAA2A IBM-DTCA-23240 TC5IAA2A IBM-DPLA-24480 PL7OAA2A IBM-DPLA-24480 PL7IAA2A" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters] "NoFlushDevice"="QUANTUM_LPS525A SCR-730 " [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters] "PioOnlyDevice"=" Conner Peripherals 425MB - CFS425A MATSHITA CR-581 FX600S CD-44E QUANTUM TRB850A QUANTUM MARVERICK 540A MAXTOR MXT-540 AT Maxtor 71260 AT Maxtor 7850 AV Maxtor 7540 AV Maxtor 7213 AT Maxtor 7345 Maxtor 7245 AT Maxtor 7245 Maxtor 7211AU Maxtor 7171 AT CD-316E SAMSUNG_SCR-2430 CR-2801TE" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters] "NonRemovableMedia"="Kingston Technology DataPak 340 SunDisk SDP5A-10 SunDisk SDCFB-10 SunDisk SDP3B-20 SunDisk SDP3B-175 SunDisk SDP5-2.5 Calluna Technology CT260MC BN-S004AC-S 1.00 Calluna Technology CT520RM Hitachi CV 5.1.1 ATA_FLASH Mitsubishi ATA Card LEXAR ATA_FLASH MICRON MTCF004A Micron MTCF008A SunDisk SDP3B-110 SunDisk SDCFB-4 BN-CAB-T MEMORYSTICK 8M 8K" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters] "NoPowerDownDevice"="RD-DRC001-M CS-R37 0 " [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters] "AutoEjectZipDevice"="IOMEGA ZIP 100 ATAPI 23.D IOMEGA ZIP 100 ATAPI 21.D IOMEGA ZIP 100 ATAPI 20.D IOMEGA ZIP 100 ATAPI 91.D IOMEGA ZIP 100 B.29 IOMEGA ZIP 100 B.22 " [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache] "C:\WINDOWS\TEMP\NEWC.tmp.exe"="Setup Launcher " [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache] "C:\WINDOWS\TEMP\NEWC.tmp.exe"="Setup Launcher " -= EOF =- |
13.03.2013, 19:49 | #6 |
/// TB-Ausbilder | wie entferne ich delta search II Servus, Schritt 1 Fixen mit OTL
Code:
ATTFilter :OTL O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [] File not found O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\stefanlamp\Anwendungsdaten\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found [2013.03.05 20:42:16 | 000,018,096 | ---- | C] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe :files C:\WINDOWS\tasks\At*.job C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Anwendungsdaten\AskToolbar :reg [-HKEY_USERS\.DEFAULT\Software\IBUpdaterService] [-HKEY_USERS\S-1-5-18\Software\IBUpdaterService] [-HKEY_USERS\.DEFAULT\Software\Ask.com] [-HKEY_USERS\S-1-5-18\Software\Ask.com] [-HKEY_USERS\S-1-5-18\Software\AskToolbar] [-HKEY_USERS\.DEFAULT\Software\Conduit] [-HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar] [-HKEY_USERS\S-1-5-18\Software\Conduit] [-HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar] [-HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB] [-HKEY_USERS\.DEFAULT\Software\PriceGong] [-HKEY_USERS\S-1-5-18\Software\PriceGong] :commands [Emptytemp]
Schritt 2 Downloade Dir bitte Malwarebytes Anti-Malware
Schritt 3 ESET Online Scanner
Schritt 4 Downloade Dir bitte SecurityCheck und:
Bitte poste mit deiner nächsten Antwort
|
14.03.2013, 11:47 | #7 |
| wie entferne ich delta search II hallo matthias, hier das ergebnis für den FIX von OTL. habe beim FIX keine häkchen gesetzt unter "Scanne alle Benutzer" und "Use Safe List" All processes killed ========== OTL ========== Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Free YouTube Download\ deleted successfully. C:\WINDOWS\system32\roboot.exe moved successfully. ========== FILES ========== C:\WINDOWS\tasks\At1.job moved successfully. C:\WINDOWS\tasks\At2.job moved successfully. C:\WINDOWS\tasks\At3.job moved successfully. C:\WINDOWS\tasks\At4.job moved successfully. C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Anwendungsdaten\AskToolbar\Downloaded Program Files\temp folder moved successfully. C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Anwendungsdaten\AskToolbar\Downloaded Program Files folder moved successfully. C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Anwendungsdaten\AskToolbar\APNU folder moved successfully. C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Anwendungsdaten\AskToolbar folder moved successfully. ========== REGISTRY ========== Registry key HKEY_USERS\.DEFAULT\Software\IBUpdaterService\ deleted successfully. Registry key HKEY_USERS\S-1-5-18\Software\IBUpdaterService\ not found. Registry key HKEY_USERS\.DEFAULT\Software\Ask.com\ deleted successfully. Registry key HKEY_USERS\S-1-5-18\Software\Ask.com\ not found. Registry key HKEY_USERS\S-1-5-18\Software\AskToolbar\ deleted successfully. Registry key HKEY_USERS\.DEFAULT\Software\Conduit\ deleted successfully. Registry key HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\toolbar\ deleted successfully. Registry key HKEY_USERS\S-1-5-18\Software\Conduit\ not found. Registry key HKEY_USERS\S-1-5-18\Software\DVDVideoSoftTB\toolbar\ not found. Registry key HKEY_USERS\.DEFAULT\Software\DVDVideoSoftTB\ deleted successfully. Registry key HKEY_USERS\.DEFAULT\Software\PriceGong\ deleted successfully. Registry key HKEY_USERS\S-1-5-18\Software\PriceGong\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: LocalService ->Temp folder emptied: 65984 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: stefanlamp ->Temp folder emptied: 875272 bytes ->Temporary Internet Files folder emptied: 6516739 bytes ->FireFox cache emptied: 377556516 bytes ->Flash cache emptied: 1554 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 197844 bytes RecycleBin emptied: 3950091 bytes Total Files Cleaned = 371,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 03142013_113829 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot... ...malwarebytes... Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.03.14.05 Windows XP Service Pack 3 x86 NTFS Internet Explorer 6.0.2900.5512 stefanlamp :: STEFAN [Administrator] 14.03.2013 11:55:01 mbam-log-2013-03-14 (11-55-01).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 193592 Laufzeit: 3 Minute(n), 35 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) ..das ESET logfile.. ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=95882b32b70fec4f932739de2895013f # engine=13385 # end=finished # remove_checked=false # archives_checked=false # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-03-14 11:39:59 # local_time=2013-03-14 12:39:59 (+0100, Westeuropäische Normalzeit) # country="Germany" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=1799 16775165 100 98 66788 185165438 59559 0 # scanned=88680 # found=0 # cleaned=0 # scan_time=2071 Results of screen317's Security Check version 0.99.59 Windows XP Service Pack 3 x86 Internet Explorer 6 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Please wait while WMIC compiles updated MOF files.d i s p l a y N a m e ECHO ist ausgeschaltet (OFF). A v i r a ECHO ist ausgeschaltet (OFF). D e s k t o p ECHO ist ausgeschaltet (OFF). Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.70.0.1100 Java 7 Update 13 Adobe Flash Player 10 Flash Player out of Date! Adobe Flash Player 11.6.602.180 Adobe Reader XI Mozilla Firefox 18.0.2 Firefox out of Date! ````````Process Check: objlist.exe by Laurent```````` Avira Antivir avgnt.exe Avira Antivir avguard.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: ````````````````````End of Log`````````````````````` |
14.03.2013, 16:34 | #8 |
/// TB-Ausbilder | wie entferne ich delta search II Servus, Wenn du keine Probleme mehr hast, dann sind wir hier fertig. Deine Logdateien sind sauber. Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern. Downloade und installiere als Erstes: Downloade Dir bitte den Internet Explorer 8 von hier und installiere diesen. Auch wenn dieser nicht dein Standard-Browser ist, sollte sich die aktuelle Version am Rechner befinden. Es gibt noch genug Software, die diesen zum Updaten verwendet. Schritt 1 Dein Java ist nicht mehr aktuell. Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
Schritt 2 Deine Version von Adobe Flash Player ist veraltet. Bitte folge diesen Schritte, um Adobe Flash zu aktualisieren:
Schritt 3
Prüfe bitte auch (regelmässig) ob folgende Links fehlende Updates bei deinen Plugins zeigen: Schritt 4 Sofern verwendet, starte DeFogger und klicke auf Re-enable. Gegebenenfalls muss dein Rechner neu gestartet werden. Schritt 5 Downloade dir bitte delfix auf deinen Desktop.
Schritt 6 Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. |
14.03.2013, 18:30 | #9 |
| wie entferne ich delta search II Hallo matthias, herzlichen dank, dann bin ich sehr erfreut und beruhigt! Kann ich die programme wie otl usw und die logdateien einfach in den papierkorb verschieben? Soll ich denn generell sämtliche angebotenene updates zu firefox, IE, windows, flash player, adobe reader, usw, die im normalen rhythmus angeboten werden, installieren? Bin gerade beim schritt 2 JAVA.. habe es installiert.. es gibt aber gar keine älteren programme zur deinstallation… und, den pfad systemsteuerung --> programme gibt es bei mir nicht.. was tun? Viele grüße stefan |
14.03.2013, 19:48 | #10 | |||
/// TB-Ausbilder | wie entferne ich delta search II Servus, Zitat:
Zitat:
Zitat:
Systemsteuerung > Software Sonst noch Probleme? |
14.03.2013, 20:23 | #11 |
| wie entferne ich delta search II ja... ich finde keine java symbol zum klicken, um auf den reiter Allgemein --> temp internetdateien... zu gelangen... grüße |
14.03.2013, 20:25 | #12 |
/// TB-Ausbilder | wie entferne ich delta search II Servus, diesen Schritt kannst du auslassen. Wir haben die temporären Dateien schon bereinigt. Sonst passt alles? |
14.03.2013, 20:37 | #13 |
| wie entferne ich delta search II jetzt passt alles ganz herzlichen dank für alles matthias!! kannst nun löschen ;-) liebe grüße und gute zeit stefan |
14.03.2013, 20:39 | #14 |
/// TB-Ausbilder | wie entferne ich delta search II Ich bin froh, dass wir helfen konnten Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen. |
Themen zu wie entferne ich delta search II |
deinstallation, deinstallieren, deinstalliert, delta, download, ebenfalls, hinweis, installieren, lieber, microsoft, neuen, problem, search, seite, software, support, systemsteuerung, thread, toolbar, trojaner, visual, visual c++, weiterhelfen, worte, öffnen |