Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   "Der Computer ist für die Verletzung der Gesetze der Bundesrepublik Deutschland wurde blockiert". (https://www.trojaner-board.de/120111-computer-verletzung-gesetze-bundesrepublik-deutschland-wurde-blockiert.html)

Nico22 22.07.2012 14:09
"Der Computer ist für die Verletzung der Gesetze der Bundesrepublik Deutschland wurde blockiert".
 
Hallo liebes Team,

mein Rechner (Win 7) wurde am 22.7. evt. mit einem Trojaner infiziert. Die Meldung lautet: "Der Computer ist für die Verletzung der Gesetze der Bundesrepublik Deutschland wurde blockiert".
Habe den Computer im abgesicherten Modus gestartet und mir Malwarebytes heruntergeladen und das Update installiert.
Der Quick- Scan ergab folgendes:

Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.22.06

Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 8.0.7601.17514
**** :: **** [Administrator]

Schutz: Deaktiviert

22.07.2012 14:36:18
mbam-log-2012-07-22 (14-36-18).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 193199
Laufzeit: 2 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Userinit (Backdoor.Agent) -> Daten: C:\Users\uwe schafstall\AppData\Roaming\appconf32.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 5
C:\Users\uwe schafstall\Downloads\SoftonicDownloader_fuer_minecraft.exe (PUP.ToolbarDownloader) -> Keine Aktion durchgeführt.
C:\Users\uwe schafstall\Downloads\SoftonicDownloader_fuer_photoscape.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt.
C:\Windows\System32\V.ico (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\SysWOW64\V.ico (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\uwe schafstall\AppData\Roaming\appconf32.exe (Backdoor.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Danach habe ich mir OTL heruntergeladen und ebenfalls einen scan durchgeführt.

OTL Logfile:OTL Logfile:
Code:
OTL logfile created on: 22.07.2012 14:54:53 - Run 1
OTL by OldTimer - Version 3.2.54.0    Folder = C:\Users\uwe schafstall\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 3,18 Gb Available Physical Memory | 79,88% Memory free
7,97 Gb Paging File | 7,18 Gb Available in Paging File | 90,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,45 Gb Total Space | 327,92 Gb Free Space | 71,53% Space Free | Partition Type: NTFS
Drive D: | 458,77 Gb Total Space | 133,61 Gb Free Space | 29,12% Space Free | Partition Type: NTFS
 
Computer Name: UWESCHAFSTALL | User Name: uwe schafstall | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\uwe schafstall\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\uwe schafstall\AppData\Roaming\13001.028\components\AcroFF.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (yksvc) -- C:\Windows\SysNative\yk62x64.dll (Marvell)
SRV:64bit: - (lxdj_device) -- C:\Windows\SysNative\lxdjcoms.exe ( )
SRV:64bit: - (lxdjCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdjserv.exe ()
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (MSCamSvc) -- C:\Programme\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV - (mfevtp) -- C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (lxdjCATSCustConnectService) -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdjserv.exe ()
SRV - (lxdj_device) -- C:\Windows\SysWOW64\lxdjcoms.exe ( )
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (netr7364) -- C:\Windows\SysNative\drivers\netr7364.sys (Ralink Technology, Corp.)
DRV:64bit: - (MSHUSBVideo) -- C:\Windows\SysNative\drivers\nx6000.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\SysNative\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360810z106pe455v165w4681t841
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360810z106pe455v165w4681t841
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=384&systemid=406&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360810z106pe455v165w4681t841
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360810z106pe455v165w4681t841
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=384&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360810z106pe455v165w4681t841
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=10&cc=
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {ECAE4F22-0EDD-45C3-979A-A5FF4E44A199}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{1027E1BA-F410-4B39-A305-B4006A6CB8B8}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=FEDBCE52-1124-427A-8036-75734638A046&apn_sauid=C3556903-998A-4B3B-BDE3-B42E90AD7ACC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE394
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=384&systemid=406&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\..\SearchScopes\{ECAE4F22-0EDD-45C3-979A-A5FF4E44A199}: "URL" = hxxp://search.softonic.com/MON00015/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=814
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/406"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.8.1.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: gutscheinmieze@synatix-gmbh.de:1.03
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.03.21 23:18:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.03.21 23:18:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.02.23 21:32:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.26 18:05:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.03.22 22:30:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\uwe schafstall\AppData\Roaming\13001.028 [2012.07.22 01:30:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.26 18:05:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.03.22 22:30:27 | 000,000,000 | ---D | M]
 
[2012.04.21 19:08:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Extensions
[2012.06.27 16:36:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions
[2012.06.27 16:36:35 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012.04.21 19:08:49 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2011.04.01 16:58:16 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.07 14:24:03 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\battlefieldplay4free@ea.com
[2011.04.01 16:58:27 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\engine@conduit.com
[2011.08.23 03:12:10 | 000,000,000 | ---D | M] (Gutscheinmieze) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\gutscheinmieze@synatix-gmbh.de
[2012.06.12 20:35:02 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\toolbar@ask.com
[2012.01.03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\searchplugins\askcom.xml
[2011.03.15 13:21:54 | 000,000,931 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\searchplugins\conduit.xml
[2012.04.21 19:08:46 | 000,002,519 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\searchplugins\Search_Results.xml
[2012.06.12 16:23:36 | 000,002,060 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\searchplugins\softonic.xml
[2012.05.24 21:33:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.05.24 21:33:40 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.22 01:30:56 | 000,000,000 | ---D | M] (Java Link Helper) -- C:\USERS\UWE SCHAFSTALL\APPDATA\ROAMING\13001.028
[2012.06.26 18:05:30 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.08.24 14:57:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.26 18:05:28 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.26 18:05:28 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.26 18:05:28 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.26 18:05:28 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.21 19:08:46 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012.06.26 18:05:28 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.26 18:05:28 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=48&cc=
CHR - Extension: No name found = C:\Users\uwe schafstall\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.30.153.1_0\
CHR - Extension: No name found = C:\Users\uwe schafstall\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: No name found = C:\Users\uwe schafstall\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20100919120818.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL (Bandoo Media, inc)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101225220159.dll (McAfee, Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL (Bandoo Media, inc)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.5.24.3\bh\Softonic.dll (Softonic.com)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.5.24.3\SoftonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [lxdjamon] C:\Program Files (x86)\Lexmark 1400 Series\lxdjamon.exe ()
O4:64bit: - HKLM..\Run: [lxdjmon.exe] "C:\Program Files (x86)\Lexmark 1400 Series\lxdjmon.exe" File not found
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [PLD_FrameworkRun] c:\windows\system32\oem\setEvent.exe File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE (Bandoo Media, inc)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [F5D7050v3] C:\Program Files (x86)\Belkin\F5D7050v3\Belkinwcui.exe File not found
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WinSCard] C:\Users\uwe schafstall\AppData\Local\Microsoft\Windows\25\WinSCard.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\uwe schafstall\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\uwe schafstall\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.103.78 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A778355-EDCC-4EDE-B22C-C1E985BE7681}: DhcpNameServer = 80.69.100.182 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B3E18C5-6BCD-4A29-A740-0403DE581506}: DhcpNameServer = 80.69.103.78 192.168.0.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{53d0f6c2-6d4e-11df-9b77-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{53d0f6c2-6d4e-11df-9b77-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup\rsrc\autorun.exe
O33 - MountPoints2\{53d0f6c2-6d4e-11df-9b77-806e6f6e6963}\Shell\dinstall\command - "" = E:\Directx\dxsetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.22 14:48:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.07.22 14:30:39 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\Malwarebytes
[2012.07.22 14:30:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.22 14:30:34 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.22 14:30:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.22 14:30:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.22 13:51:28 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\hellomoto
[2012.07.22 13:19:30 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\UAs
[2012.07.22 01:30:56 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\13001.028
[2012.07.22 01:30:36 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\xmldm
[2012.07.22 01:30:34 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\kock
[2012.07.21 16:05:36 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CoD2 - Version Changer
[2012.07.17 21:56:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.07.17 21:56:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.07.17 21:55:58 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.07.17 21:55:48 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.07.17 21:55:47 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.06.29 14:52:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2012.06.29 14:42:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2012.06.23 02:22:49 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.06.23 02:22:49 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.06.23 02:22:49 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.23 02:22:23 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.06.23 02:22:23 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.06.23 02:22:23 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.06.23 02:22:10 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.06.23 02:22:10 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2009.10.12 13:24:23 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[1 C:\Users\uwe schafstall\AppData\Roaming\*.tmp files -> C:\Users\uwe schafstall\AppData\Roaming\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.22 14:48:42 | 000,001,832 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
[2012.07.22 14:45:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.22 14:45:10 | 3208,544,256 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.22 14:42:56 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.22 14:42:53 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\WinMaximizer-uwe schafstall-Startup.job
[2012.07.22 14:30:35 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.22 14:17:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.22 14:16:38 | 000,000,034 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\blckdom.res
[2012.07.22 13:58:51 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.22 13:58:50 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.22 01:31:07 | 000,006,400 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\BAcroIEHelpe.dll
[2012.07.22 01:31:06 | 000,268,992 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\AcroIEHelpe.dll
[2012.07.18 15:52:58 | 000,000,286 | ---- | M] () -- C:\Windows\game.ini
[2012.07.18 13:47:40 | 000,343,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.17 22:17:30 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.02 21:53:17 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.07.02 21:51:44 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.06.29 15:10:58 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Mehrspieler.lnk
[2012.06.29 15:10:58 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Einzelspieler.lnk
[2012.06.29 13:29:24 | 000,282,472 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.06.29 13:25:47 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[1 C:\Users\uwe schafstall\AppData\Roaming\*.tmp files -> C:\Users\uwe schafstall\AppData\Roaming\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.07.22 14:30:35 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.22 01:31:07 | 000,006,400 | ---- | C] () -- C:\Users\uwe schafstall\AppData\Roaming\BAcroIEHelpe.dll
[2012.07.22 01:31:06 | 000,268,992 | ---- | C] () -- C:\Users\uwe schafstall\AppData\Roaming\AcroIEHelpe.dll
[2012.07.22 01:30:48 | 000,000,034 | ---- | C] () -- C:\Users\uwe schafstall\AppData\Roaming\blckdom.res
[2012.07.18 15:52:58 | 000,000,286 | ---- | C] () -- C:\Windows\game.ini
[2012.06.29 15:10:58 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Mehrspieler.lnk
[2012.06.29 15:10:58 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Einzelspieler.lnk
[2012.06.12 16:28:17 | 000,000,246 | ---- | C] () -- C:\Windows\wininit.ini
[2012.05.19 19:58:41 | 000,000,102 | ---- | C] () -- C:\Users\uwe schafstall\AppData\Local\fusioncache.dat
[2012.05.19 19:57:31 | 001,554,702 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.17 13:56:29 | 000,000,000 | ---- | C] () -- C:\Users\uwe schafstall\AppData\Local\{E4C01B19-4D93-43A1-AD58-791CFC8F37E5}
[2011.10.26 12:26:40 | 000,000,040 | ---- | C] () -- C:\Users\uwe schafstall\jagex_cl_runescape_LIVE.dat
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.05.07 14:47:10 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.05.07 14:47:08 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.04.20 23:11:50 | 000,000,882 | ---- | C] () -- C:\Users\uwe schafstall\.recently-used.xbel
[2011.02.18 15:18:51 | 000,000,129 | ---- | C] () -- C:\Users\uwe schafstall\jagex_runescape_preferences2.dat
[2011.02.18 15:18:10 | 000,000,035 | ---- | C] () -- C:\Users\uwe schafstall\jagex_runescape_preferences.dat
[2011.02.12 16:59:01 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\UpdateDriver.exe
[2011.02.12 16:59:00 | 000,005,224 | ---- | C] () -- C:\Windows\SysWow64\ucuiinfo.ini
[2011.01.25 16:23:10 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2010.12.25 12:49:25 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.10.22 16:02:09 | 000,000,082 | ---- | C] () -- C:\Users\uwe schafstall\edencity.ini
[2010.08.27 19:31:47 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjinpa.dll
[2010.08.27 19:31:47 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxdjcomx.dll
[2010.08.27 19:31:47 | 000,286,720 | ---- | C] () -- C:\Windows\SysWow64\lxdjinst.dll
[2010.08.27 19:31:46 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjpmui.dll
[2010.08.27 19:31:46 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjiesc.dll
[2010.08.27 19:31:45 | 000,999,424 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjusb1.dll
[2010.08.27 19:31:44 | 001,232,896 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjserv.dll
[2010.08.27 19:31:44 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjlmpm.dll
[2010.08.27 19:31:44 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjih.exe
[2010.08.27 19:31:44 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjppls.exe
[2010.08.27 19:31:44 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjprox.dll
[2010.08.27 19:31:44 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjpplc.dll
[2010.08.27 19:31:43 | 000,700,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjhbn3.dll
[2010.08.27 19:31:43 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjcomc.dll
[2010.08.27 19:31:43 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjcoms.exe
[2010.08.27 19:31:43 | 000,425,984 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjcomm.dll
[2010.08.27 19:31:43 | 000,394,160 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjcfg.exe
[2010.08.27 19:25:01 | 000,000,000 | ---- | C] () -- C:\Users\uwe schafstall\AppData\Roaming\wklnhst.dat
 
========== LOP Check ==========
 
[2010.12.26 00:46:12 | 000,000,000 | -HSD | M] -- C:\Users\uwe schafstall\AppData\Roaming\.#
[2012.06.12 20:27:34 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\.minecraft
[2012.07.22 01:30:56 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\13001.028
[2012.03.20 22:07:58 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\de.3m5.wendel.flcd.FLCDB.4E7DF207D694E815646D9C9DD7DC91A41EB7FD23.1
[2011.11.29 17:42:41 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\DVDVideoSoft
[2011.04.01 16:58:16 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.08.27 21:00:56 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\GameConsole
[2011.08.23 03:12:10 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\Gutscheinmieze
[2012.07.22 13:51:46 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\hellomoto
[2012.07.22 01:30:34 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\kock
[2010.12.11 18:36:40 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\Lexmark Productivity Studio
[2011.05.08 13:46:06 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\PhotoScape
[2010.12.26 00:11:15 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\PowerCinema
[2011.05.08 18:10:19 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\Samsung
[2010.08.27 18:55:49 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\SoftDMA
[2010.08.27 19:25:03 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\Template
[2011.11.20 18:23:22 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\TIPP10
[2012.07.22 13:19:30 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\UAs
[2012.07.22 01:30:36 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\xmldm
[2012.03.19 20:44:56 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.07.22 14:42:53 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\WinMaximizer-uwe schafstall-Startup.job
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2010.09.19 22:10:33 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?L) -- C:\Windows\SysNative\麰L
[2010.09.19 22:10:33 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?L) -- C:\Windows\SysNative\麰L
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838

< End of report >
--- --- ---

Extras.Txt:OTL Logfile:
Code:
OTL Extras logfile created on: 22.07.2012 14:54:53 - Run 1
OTL by OldTimer - Version 3.2.54.0    Folder = C:\Users\uwe schafstall\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 3,18 Gb Available Physical Memory | 79,88% Memory free
7,97 Gb Paging File | 7,18 Gb Available in Paging File | 90,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,45 Gb Total Space | 327,92 Gb Free Space | 71,53% Space Free | Partition Type: NTFS
Drive D: | 458,77 Gb Total Space | 133,61 Gb Free Space | 29,12% Space Free | Partition Type: NTFS
 
Computer Name: UWESCHAFSTALL | User Name: uwe schafstall | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{086656ED-7C87-440C-A583-098E8499ED1D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{132FECBA-AFAD-468F-8052-9A5CCD167F27}" = lport=137 | protocol=17 | dir=in | app=system |
"{1488E7C0-7F5B-430E-829F-1FF6FB8CB089}" = rport=445 | protocol=6 | dir=out | app=system |
"{235663EA-D983-4173-830A-93A0874DD416}" = lport=138 | protocol=17 | dir=in | app=system |
"{2447D796-0DD0-4BB5-AA18-088962EA6C66}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2E9E2054-23C0-407C-AB3E-65E0DC26B437}" = lport=139 | protocol=6 | dir=in | app=system |
"{30A30A67-0DF9-4B1A-B058-44CF5E116333}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{37AA2250-7A64-451C-B031-0301FA36987E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3E236E98-57B5-49D9-87F9-40F4A5B501AE}" = lport=445 | protocol=6 | dir=in | app=system |
"{3F18D3F5-ABF1-48B0-94C3-363431988652}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5C1948EF-A62A-46BA-99F9-C4ACF0F236F5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{7A13492C-6813-4076-979F-6C447A02B83F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{88AF6B31-A6A6-4E36-83AE-54AA561BF55F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B2EC1011-FD75-4452-9E80-24494B090A5F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BEB9567B-AA57-4BD8-BF0D-9422317C98C3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C1737D70-E719-432D-8924-76A728DE338D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C5E04955-74A9-4B7E-B6D1-1B5D075FF58B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C9342B08-674B-42C5-B4F3-777E552F133A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DD86214C-26DB-413B-9D00-3A7C6AC9A780}" = rport=137 | protocol=17 | dir=out | app=system |
"{DED21CD8-E654-48FD-B905-494A64BD4795}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E765ED07-7548-4331-A1C0-9BEC8F2BAA8F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EF9492E7-157A-476C-9296-D675370236DB}" = rport=139 | protocol=6 | dir=out | app=system |
"{F4389176-1D7A-4B98-B199-FA1AE90D9BCC}" = rport=138 | protocol=17 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04D0F86B-4454-4828-8EC8-2B3C622E8272}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe |
"{081042EB-A458-40E4-BB4F-2FCFFA9FB497}" = protocol=17 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |
"{0AB4F0C8-D9A5-41CF-AF40-81ACEAD579DA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{0D02F170-6B0B-4537-BE42-EA1DAF9086BA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{0FCCC39C-22C5-4EF6-887F-5EA890176067}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{10D74238-87CF-4FFE-B1FC-EAE86CDFD1B7}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{125065E1-C05D-4A96-83AB-9E72EEAE199F}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{12F49060-B8C9-42BA-A69B-6DBDF81E5415}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjjswx.exe |
"{13F88B47-48E6-45F2-9FC8-546803F1FBF1}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{16A8344B-DD0D-44D8-87E4-9C0A105DD70C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1C5042CD-9E36-41D1-818D-2EDEC9EBF9F0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1FC19372-6FE5-4492-9552-B3D49A2AF8B5}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 1400 series\lxdjamon.exe |
"{20265966-94D9-4F49-8C7A-6AECBEDBC110}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2463EFC7-E9D2-48E7-A609-FE4B1848DCCD}" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{25956C55-2F96-4D8A-94D5-808EBB640470}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{276AB897-1272-4542-A115-6EA7404132CE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks ii napoleonic wars\engine.exe |
"{29DD7833-06C6-4190-B89A-3128CE58F8EE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks back to war\bin\scenarioeditor.exe |
"{2A312CB4-D705-4540-884D-C3195F8D33B4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{2A7ECEF1-B45B-4B56-9683-FFC38E631BF2}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxdjcoms.exe |
"{2A914823-678A-403D-AE35-A43B33914DB7}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjtime.exe |
"{2DBC9D66-0466-49C9-B8BB-884854D2CC45}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks ii napoleonic wars\engine.exe |
"{2EFE9EE1-4B20-4FE4-9BBC-AA4061E9C7BE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{2F3FF919-633F-4310-8B4D-34AEA284B022}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks ii battle for europe\engine.exe |
"{35CA41EF-1DB2-46CA-94DC-1652B586A498}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{3E077E0B-26E9-4873-9483-F7B2F596568F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{436F5D28-8440-48CB-9109-B217766BF18E}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjpswx.exe |
"{439F18F2-F056-40BD-BF11-6842C66F482E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{445275A2-A47C-47B5-8D22-E246EA256F09}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks back to war\bin\cshlp.exe |
"{48A39B3E-D240-4622-8600-667EFBAE7C57}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{4DEDF912-2DC6-43DE-95DD-360D65250007}" = protocol=6 | dir=in | app=c:\windows\system32\lxdjcoms.exe |
"{50648B03-BD25-48B8-973E-E730919F9D46}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks back to war\bin\dmcr.exe |
"{59382FD6-E579-4B68-AA63-05E09AEFCFDF}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjjswx.exe |
"{5AE10A14-5BF8-4E95-9C28-FB27DB6E3370}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{643CEE68-9F9E-456D-BDD5-E8CD0EF15FDD}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{6616518B-81E2-476E-B0D7-8F5A1AB7D371}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires online\spartan.exe |
"{66545189-9349-4EA4-A23D-1D2A6B7F1A7C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\american conquest - fight back\dmcr.exe |
"{6D112700-3780-41F8-B31F-51D9BE226F17}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6F08D1D6-72B7-40D1-B58B-900FAC617C2D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{70FA6548-D8A5-4CF3-84A2-BAB27EE4E4FF}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{71B35DD1-2A04-42D2-A41C-EA9E77E121A9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{73E7CECB-2B61-4DE9-9D6A-0EDFFF54D519}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7608C46C-E9A8-47A0-B07D-609BCAAAFA34}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{775BE3A7-21EF-4E1D-9FDD-E11B13584824}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe |
"{7936CE03-948F-4E3B-94C4-6810EDE013CB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{800FE393-04DA-4F7A-9CE3-EDEC416685AE}" = protocol=6 | dir=in | app=c:\windows\system32\lxdjcfg.exe |
"{8548B433-E29F-49B5-A737-9CA2AE13B761}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks back to war\bin\scenarioeditor.exe |
"{8760AD6A-FCE0-4314-9F94-C581A18C2547}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{877C433C-DC2B-494F-905D-134933BC544D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{88955E38-1EDF-4CDA-98CD-258C86A26FA4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{8958B566-9DB5-460C-8059-66DD659A08AC}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{8A19D514-0D54-4604-9732-08066D9D06F7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks back to war\bin\hview.exe |
"{8B8B303C-E965-42FC-BA0F-BAE502504547}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks back to war\bin\cshlp.exe |
"{926C5960-0EE9-4879-A2A6-2432A31DA4C7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{98B4CAF9-0C0E-4E85-AD48-1AB9D94EF862}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{9D67D5B2-2312-440E-854B-4C5247F330B9}" = protocol=17 | dir=in | app=c:\windows\system32\lxdjcfg.exe |
"{9DCD561E-A5C1-4252-9E15-5EF31591E709}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires online\spartan.exe |
"{A4354260-ED5E-488F-8C18-E9B765002CEC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A7605C5D-F526-47E9-8714-16A1D490391A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks art of war\dmcr.exe |
"{A8C3AD6C-798D-4E99-8B72-D08ECCF49D0B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks back to war\bin\dmcr.exe |
"{AA2B7EFF-B8D4-4862-A76E-D126B1D3F3C1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{AD732F4C-FAF3-43D6-AD8C-14848B6A21FD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks back to war\bin\csbtw.exe |
"{AD7DD20F-C6AE-4444-85E7-503A2F1DE26A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks ii battle for europe\engine.exe |
"{AE6F9039-DCEB-42FE-8288-F39D6792AFA5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\american conquest - fight back\dmcr.exe |
"{AE8E51FD-7E5E-483F-9941-FB035F464A98}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AF9F770A-22BE-49EA-BDFF-6844F9FC3109}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B00D086B-6159-417A-A678-6D07449E3ED0}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{B7B18237-12C3-4315-A0D3-19C9E7C058B4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{B8BE47E7-401B-414A-97D3-2506AA748C42}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{B8C6AA70-BC9D-457F-AA7D-26F367C18698}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\american conquest\dmcr.exe |
"{B9E1B74C-F1D2-4FB6-8349-9656133B001B}" = protocol=17 | dir=in | app=c:\windows\system32\lxdjcoms.exe |
"{BA2262B3-FDD3-4AC7-9F29-F6F4B7402763}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\ocin94\day of defeat source\hl2.exe |
"{BA22F1AA-A962-47B6-B07A-DB671B2D4CFE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\american conquest\dmcr.exe |
"{BBADFCEF-D923-4C3D-BE01-4D83C013D9FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BBBB017F-9AD0-4C01-A9E4-70F0FCE0438C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BBCF39D8-DB66-47FB-956A-2CA6C883B47C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C011BD93-CFD2-4D92-93C0-CB4FF6408CFE}" = protocol=6 | dir=in | app=c:\program files (x86)\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{C1EE6A47-C80F-4F25-AA14-B27E9B3CDE67}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{C85D9C7F-EEC0-4591-9321-A6CE0774CFB4}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjtime.exe |
"{C89EF85A-0E87-479A-BFC4-3C152F096E58}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjpswx.exe |
"{CB6C9B6E-998E-408F-ACC9-A9B79F1F5C8C}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{CCDC6027-B4FF-45CE-80B2-A4B70D4B5FE7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks european wars\dmcr.exe |
"{CD7B5A2A-9422-4506-BD53-23C605E053A6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\ocin94\counter-strike source\hl2.exe |
"{D45F0CF4-DF0D-43E6-ACC2-1C2D2FEBD794}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D4CED8A6-E3A4-49E0-B8F7-9A6C512B0D2A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D574A868-EFA6-4C02-99DA-9103A26DDE35}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D6526B70-D9FD-44E9-A5A1-C962B406C24C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{D9091EA2-67D4-4512-84AE-44C959F03DE8}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxdjcoms.exe |
"{D9D24A72-FF21-46A7-9DE3-BA61C747557A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks back to war\bin\csbtw.exe |
"{D9DDCC0F-EA4D-4329-B729-464A30569ADA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DAB86308-77F9-4802-BE1D-16CFAF3FBA90}" = protocol=6 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |
"{DBD9C752-1C61-45F2-A2A4-04C73CD146B7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DFC82109-2A24-4C40-9501-414046A10692}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks art of war\dmcr.exe |
"{E338A0F9-E6EB-4987-A225-1EA72BE08F1F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E9275557-DDD6-42B2-83E4-23743B55A1DA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks back to war\bin\hview.exe |
"{EB85B93B-0FB8-4E75-927C-98AA4F269BA7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\ocin94\counter-strike source\hl2.exe |
"{EBFFCD34-7E3C-4223-9298-30388B78B4CD}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 1400 series\lxdjamon.exe |
"{ECAEADED-5F46-487A-B19E-EF701866D865}" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{EE077BD0-C261-4379-9E3C-D8098626E462}" = protocol=17 | dir=in | app=c:\program files (x86)\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{EE90F5AA-E085-4B87-BE5D-606D761FFFDB}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{F54A9B6A-4EB2-4CD6-96C4-2C4098FB5A07}" = protocol=6 | dir=out | app=system |
"{F8BE96F2-7C4A-4473-819B-6A5B150CF1A2}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F9967158-427E-413E-909E-0E191B50884D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cossacks european wars\dmcr.exe |
"{FF6A01BD-02AA-48D7-90AA-5F4179F29A92}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\ocin94\day of defeat source\hl2.exe |
"TCP Query User{B2FD7849-A340-457E-B2E5-95E31D50A02C}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |
"TCP Query User{CBAA103D-7057-41EA-B787-28C05E87F71E}C:\program files (x86)\lexmark 1400 series\lxdjamon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 1400 series\lxdjamon.exe |
"UDP Query User{39B6B719-5919-49F7-9220-23D7F99C20A1}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |
"UDP Query User{E1DE7927-A80C-4C00-8B76-7E983A9FA7EC}C:\program files (x86)\lexmark 1400 series\lxdjamon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 1400 series\lxdjamon.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F9241E8-87C1-FB9C-5D76-3FF7D0318A87}" = ATI Catalyst Install Manager
"{5CE7E3F5-9803-4F32-AA89-2D8848A80109}" = Microsoft LifeCam
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9545E9DB-6F4C-4404-BF25-E221BE8B44C5}" = iTunes
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Lexmark 1400 Series" = Lexmark 1400 Series
"LSI Soft Modem" = LSI PCI-SV92PP Soft Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"{52210D57-0B1F-4681-90DD-8659DF4BCC40}" = Moorhuhn Remake
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}" = First Class Flurry
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.5 MUI
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help
"{ccb6b889-f9d9-45fd-8a78-2a4f2e599441}" = Nero 9 Essentials
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE}" = Belkin 54Mbps Wireless Network Adapter
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F9D54D77-01A4-7D34-6F3C-EDC9F8F466E3}" = Fragen-Lern-CD 4.0
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = Der Herr der Ringe Online v03.06.00.8025
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Call of Duty 2 - Version Changer" = Call of Duty 2 - Version Changer
"de.3m5.wendel.flcd.FLCDB.4E7DF207D694E815646D9C9DD7DC91A41EB7FD23.1" = Fragen-Lern-CD 4.0
"DivX Setup.divx.com" = DivX-Setup
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.13.1123
"GFWL_{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hotkey Utility" = Hotkey Utility
"Identity Card" = Identity Card
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee Internet Security Suite
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"PunkBusterSvc" = PunkBuster Services
"Searchqu Toolbar" = Searchqu Toolbar
"Softonic" = Softonic toolbar  on IE
"Steam App 115200" = Cossacks II: Napoleonic Wars
"Steam App 115210" = American Conquest
"Steam App 115220" = American Conquest - Fight Back
"Steam App 38830" = Crimecraft: BLEEDOUT
"Steam App 440" = Team Fortress 2
"Steam App 4850" = Cossacks: Back to War
"Steam App 4870" = Cossacks: Art of War
"Steam App 4880" = Cossacks: European Wars
"Steam App 4890" = Cossacks II: Battle for Europe
"TIPP10_is1" = TIPP10 Version 2.1.0
"Uninstall_is1" = Uninstall 1.0.0.1
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 30.06.2012 08:41:12 | Computer Name = uweschafstall | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 30.06.2012 08:41:12 | Computer Name = uweschafstall | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 02.07.2012 10:46:25 | Computer Name = uweschafstall | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 02.07.2012 10:47:37 | Computer Name = uweschafstall | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 02.07.2012 10:47:54 | Computer Name = uweschafstall | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 02.07.2012 10:47:54 | Computer Name = uweschafstall | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 02.07.2012 10:47:54 | Computer Name = uweschafstall | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 02.07.2012 10:47:54 | Computer Name = uweschafstall | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 03.07.2012 07:58:35 | Computer Name = uweschafstall | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: cod2.exe, Version: 2.1.12.0, Zeitstempel:
 0x2a425e19  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel:
 0x4ec49b8f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0002dfe4  ID des fehlerhaften Prozesses:
 0x16ac  Startzeit der fehlerhaften Anwendung: 0x01cd5912f209d956  Pfad der fehlerhaften
 Anwendung: E:\Setup\rsrc\cod2.exe  Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung:
 6abc4919-c506-11e1-a2da-90fba6e162c3
 
Error - 03.07.2012 08:04:18 | Computer Name = uweschafstall | Source = MsiInstaller | ID = 1013
Description =
 
[ System Events ]
Error - 22.07.2012 08:46:56 | Computer Name = uweschafstall | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 22.07.2012 08:46:56 | Computer Name = uweschafstall | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 22.07.2012 08:46:56 | Computer Name = uweschafstall | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 22.07.2012 08:46:56 | Computer Name = uweschafstall | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 22.07.2012 08:46:56 | Computer Name = uweschafstall | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 22.07.2012 08:46:56 | Computer Name = uweschafstall | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 22.07.2012 08:46:56 | Computer Name = uweschafstall | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 22.07.2012 08:46:56 | Computer Name = uweschafstall | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 22.07.2012 08:46:56 | Computer Name = uweschafstall | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 22.07.2012 08:50:44 | Computer Name = uweschafstall | Source = DCOM | ID = 10005
Description =
 
 
< End of report >
--- --- ---


Wäre super wenn ihr mir helfen könntet!
Liebe Grüße

EDIT: Ein 2ter vollständiger Scan über Malewarebytes ergab nichts.

t'john 22.07.2012 21:50
:hallo:

Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:


Code:
:OTL
MOD - C:\Users\uwe schafstall\AppData\Roaming\13001.028\components\AcroFF.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=384&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=384&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {ECAE4F22-0EDD-45C3-979A-A5FF4E44A199}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{1027E1BA-F410-4B39-A305-B4006A6CB8B8}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=FEDBCE52-1124-427A-8036-75734638A046&apn_sauid=C3556903-998A-4B3B-BDE3-B42E90AD7ACC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE394
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=384&systemid=406&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\..\SearchScopes\{ECAE4F22-0EDD-45C3-979A-A5FF4E44A199}: "URL" = http://search.softonic.com/MON00015/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=814
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.searchnu.com/406"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.8.1.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: gutscheinmieze@synatix-gmbh.de:1.03
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [lxdjamon] C:\Program Files (x86)\Lexmark 1400 Series\lxdjamon.exe ()
O4:64bit: - HKLM..\Run: [lxdjmon.exe] "C:\Program Files (x86)\Lexmark 1400 Series\lxdjmon.exe" File not found
O4:64bit: - HKLM..\Run: [PLD_FrameworkRun] c:\windows\system32\oem\setEvent.exe File not found
O4:64bit: - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [F5D7050v3] C:\Program Files (x86)\Belkin\F5D7050v3\Belkinwcui.exe File not found
O4 - HKLM..\Run: [NPSStartup] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{53d0f6c2-6d4e-11df-9b77-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{53d0f6c2-6d4e-11df-9b77-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup\rsrc\autorun.exe

 
@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838
[2011.04.01 16:58:16 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.04.01 16:58:27 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\engine@conduit.com
[2011.04.01 16:58:16 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.06.12 20:35:02 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\toolbar@ask.com
[2012.01.03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\searchplugins\askcom.xml
[2011.03.15 13:21:54 | 000,000,931 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\searchplugins\conduit.xml
[2012.04.21 19:08:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Extensions
[2012.04.21 19:08:49 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012.04.21 19:08:46 | 000,002,519 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\searchplugins\Search_Results.xml
[2012.04.21 19:08:46 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012.06.12 16:23:36 | 000,002,060 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\searchplugins\softonic.xml
[2012.06.26 18:05:30 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.26 18:05:28 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.26 18:05:28 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.26 18:05:28 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.26 18:05:28 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.26 18:05:28 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.26 18:05:28 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml


[2012.07.22 13:51:28 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\hellomoto
[2012.07.22 13:51:46 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\hellomoto
[2012.07.22 13:19:30 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\UAs
[2012.07.22 13:19:30 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\UAs
[2012.07.22 01:30:56 | 000,000,000 | ---D | M] (Java Link Helper) -- C:\USERS\UWE SCHAFSTALL\APPDATA\ROAMING\13001.028
[2012.07.22 01:30:56 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\13001.028
[2012.07.22 01:30:36 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\xmldm
[2012.07.22 01:30:34 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\kock
[2012.07.22 01:30:48 | 000,000,034 | ---- | C] () -- C:\Users\uwe schafstall\AppData\Roaming\blckdom.res
[2012.07.22 01:30:56 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\13001.028
[2012.07.22 01:30:34 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\kock
[2012.07.22 01:30:36 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\xmldm

[2012.07.22 14:42:56 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.22 14:42:53 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\WinMaximizer-uwe schafstall-Startup.job
[2012.07.22 14:42:53 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\WinMaximizer-uwe schafstall-Startup.job
[2012.07.22 14:17:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:Files

ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

Nico22 26.07.2012 00:58
Dies kam dabei raus:

Error: Unable to interpret <OTL Logfile:
Code:
OTL logfile created on: 22.07.2012 14:54:53 - Run 1> in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.54.0    Folder = C:\Users\uwe schafstall\Downloads> in the current context!
Error: Unable to interpret <64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 8.0.7601.17514)> in the current context!
Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <3,98 Gb Total Physical Memory | 3,18 Gb Available Physical Memory | 79,88% Memory free> in the current context!
Error: Unable to interpret <7,97 Gb Paging File | 7,18 Gb Available in Paging File | 90,16% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)> in the current context!
Error: Unable to interpret <Drive C: | 458,45 Gb Total Space | 327,92 Gb Free Space | 71,53% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive D: | 458,77 Gb Total Space | 133,61 Gb Free Space | 29,12% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: UWESCHAFSTALL | User Name: uwe schafstall | Logged in as Administrator.> in the current context!
Error: Unable to interpret <Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans> in the current context!
Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Processes (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <PRC - C:\Users\uwe schafstall\Downloads\OTL.exe (OldTimer Tools)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Modules (No Company Name) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <MOD - C:\Users\uwe schafstall\AppData\Roaming\13001.028\components\AcroFF.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()> in the current context!
Error: Unable to interpret <MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Win32 Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()> in the current context!
Error: Unable to interpret <SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()> in the current context!
Error: Unable to interpret <SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <SRV:64bit: - (yksvc) -- C:\Windows\SysNative\yk62x64.dll (Marvell)> in the current context!
Error: Unable to interpret <SRV:64bit: - (lxdj_device) -- C:\Windows\SysNative\lxdjcoms.exe ( )> in the current context!
Error: Unable to interpret <SRV:64bit: - (lxdjCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdjserv.exe ()> in the current context!
Error: Unable to interpret <SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)> in the current context!
Error: Unable to interpret <SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()> in the current context!
Error: Unable to interpret <SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)> in the current context!
Error: Unable to interpret <SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)> in the current context!
Error: Unable to interpret <SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)> in the current context!
Error: Unable to interpret <SRV - (McAfee SiteAdvisor Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <SRV - (MSCamSvc) -- C:\Programme\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (mfevtp) -- C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)> in the current context!
Error: Unable to interpret <SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()> in the current context!
Error: Unable to interpret <SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)> in the current context!
Error: Unable to interpret <SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)> in the current context!
Error: Unable to interpret <SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)> in the current context!
Error: Unable to interpret <SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)> in the current context!
Error: Unable to interpret <SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <SRV - (lxdjCATSCustConnectService) -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdjserv.exe ()> in the current context!
Error: Unable to interpret <SRV - (lxdj_device) -- C:\Windows\SysWOW64\lxdjcoms.exe ( )> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)> in the current context!
Error: Unable to interpret <DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)> in the current context!
Error: Unable to interpret <DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (netr7364) -- C:\Windows\SysNative\drivers\netr7364.sys (Ralink Technology, Corp.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (MSHUSBVideo) -- C:\Windows\SysNative\drivers\nx6000.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)> in the current context!
Error: Unable to interpret <DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)> in the current context!
Error: Unable to interpret <DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)> in the current context!
Error: Unable to interpret <DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)> in the current context!
Error: Unable to interpret <DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)> in the current context!
Error: Unable to interpret <DRV:64bit: - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\SysNative\drivers\snpstd3.sys (Sonix Co. Ltd.)> in the current context!
Error: Unable to interpret <DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)> in the current context!
Error: Unable to interpret <DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Internet Explorer ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360810z106pe455v165w4681t841> in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360810z106pe455v165w4681t841> in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}> in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC> in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7> in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=384&systemid=406&sr=0&q={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360810z106pe455v165w4681t841> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360810z106pe455v165w4681t841> in the current context!
Error: Unable to interpret <IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=384&systemid=406&sr=0&q={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360810z106pe455v165w4681t841> in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=10&cc=> in the current context!
Error: Unable to interpret <IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)> in the current context!
Error: Unable to interpret <IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)> in the current context!
Error: Unable to interpret <IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes,DefaultScope = {ECAE4F22-0EDD-45C3-979A-A5FF4E44A199}> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{1027E1BA-F410-4B39-A305-B4006A6CB8B8}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=FEDBCE52-1124-427A-8036-75734638A046&apn_sauid=C3556903-998A-4B3B-BDE3-B42E90AD7ACC> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE394> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=384&systemid=406&sr=0&q={searchTerms}> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050> in the current context!
Error: Unable to interpret <IE - HKCU\..\SearchScopes\{ECAE4F22-0EDD-45C3-979A-A5FF4E44A199}: "URL" = hxxp://search.softonic.com/MON00015/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=814> in the current context!
Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== FireFox ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaultengine: "Ask.com"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaultenginename: "Ask.com"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.order.1: "Ask.com"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.selectedEngine: "Google"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.update: false> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/406"> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.8.1.0> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: gutscheinmieze@synatix-gmbh.de:1.03> in the current context!
Error: Unable to interpret <FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q="> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)> in the current context!
Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.03.21 23:18:21 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.03.21 23:18:21 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.02.23 21:32:13 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.26 18:05:30 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.03.22 22:30:27 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\uwe schafstall\AppData\Roaming\13001.028 [2012.07.22 01:30:56 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.26 18:05:30 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.03.22 22:30:27 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.04.21 19:08:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Extensions> in the current context!
Error: Unable to interpret <[2012.06.27 16:36:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions> in the current context!
Error: Unable to interpret <[2012.06.27 16:36:35 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}> in the current context!
Error: Unable to interpret <[2012.04.21 19:08:49 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}> in the current context!
Error: Unable to interpret <[2011.04.01 16:58:16 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}> in the current context!
Error: Unable to interpret <[2011.05.07 14:24:03 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\battlefieldplay4free@ea.com> in the current context!
Error: Unable to interpret <[2011.04.01 16:58:27 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\engine@conduit.com> in the current context!
Error: Unable to interpret <[2011.08.23 03:12:10 | 000,000,000 | ---D | M] (Gutscheinmieze) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\gutscheinmieze@synatix-gmbh.de> in the current context!
Error: Unable to interpret <[2012.06.12 20:35:02 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\toolbar@ask.com> in the current context!
Error: Unable to interpret <[2012.01.03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\searchplugins\askcom.xml> in the current context!
Error: Unable to interpret <[2011.03.15 13:21:54 | 000,000,931 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\searchplugins\conduit.xml> in the current context!
Error: Unable to interpret <[2012.04.21 19:08:46 | 000,002,519 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\searchplugins\Search_Results.xml> in the current context!
Error: Unable to interpret <[2012.06.12 16:23:36 | 000,002,060 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\searchplugins\softonic.xml> in the current context!
Error: Unable to interpret <[2012.05.24 21:33:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions> in the current context!
Error: Unable to interpret <[2012.05.24 21:33:40 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}> in the current context!
Error: Unable to interpret <[2012.07.22 01:30:56 | 000,000,000 | ---D | M] (Java Link Helper) -- C:\USERS\UWE SCHAFSTALL\APPDATA\ROAMING\13001.028> in the current context!
Error: Unable to interpret <[2012.06.26 18:05:30 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll> in the current context!
Error: Unable to interpret <[2010.08.24 14:57:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll> in the current context!
Error: Unable to interpret <[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll> in the current context!
Error: Unable to interpret <[2012.06.26 18:05:28 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml> in the current context!
Error: Unable to interpret <[2012.06.26 18:05:28 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml> in the current context!
Error: Unable to interpret <[2012.06.26 18:05:28 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml> in the current context!
Error: Unable to interpret <[2012.06.26 18:05:28 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml> in the current context!
Error: Unable to interpret <[2012.04.21 19:08:46 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml> in the current context!
Error: Unable to interpret <[2012.06.26 18:05:28 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml> in the current context!
Error: Unable to interpret <[2012.06.26 18:05:28 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Chrome  ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <CHR - default_search_provider:  ()> in the current context!
Error: Unable to interpret <CHR - default_search_provider: search_url = > in the current context!
Error: Unable to interpret <CHR - default_search_provider: suggest_url = > in the current context!
Error: Unable to interpret <CHR - homepage: hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=48&cc=> in the current context!
Error: Unable to interpret <CHR - Extension: No name found = C:\Users\uwe schafstall\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.30.153.1_0\> in the current context!
Error: Unable to interpret <CHR - Extension: No name found = C:\Users\uwe schafstall\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\> in the current context!
Error: Unable to interpret <CHR - Extension: No name found = C:\Users\uwe schafstall\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho64.dll ()> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20100919120818.dll (McAfee, Inc.)> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL (Bandoo Media, inc)> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)> in the current context!
Error: Unable to interpret <O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()> in the current context!
Error: Unable to interpret <O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)> in the current context!
Error: Unable to interpret <O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)> in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.> in the current context!
Error: Unable to interpret <O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)> in the current context!
Error: Unable to interpret <O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101225220159.dll (McAfee, Inc.)> in the current context!
Error: Unable to interpret <O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll ()> in the current context!
Error: Unable to interpret <O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL (Bandoo Media, inc)> in the current context!
Error: Unable to interpret <O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)> in the current context!
Error: Unable to interpret <O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)> in the current context!
Error: Unable to interpret <O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)> in the current context!
Error: Unable to interpret <O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)> in the current context!
Error: Unable to interpret <O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.5.24.3\bh\Softonic.dll (Softonic.com)> in the current context!
Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)> in the current context!
Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.> in the current context!
Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.5.24.3\SoftonicTlbr.dll (Softonic.com)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll ()> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
Error: Unable to interpret <O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)> in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [lxdjamon] C:\Program Files (x86)\Lexmark 1400 Series\lxdjamon.exe ()> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [lxdjmon.exe] "C:\Program Files (x86)\Lexmark 1400 Series\lxdjmon.exe" File not found> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [PLD_FrameworkRun] c:\windows\system32\oem\setEvent.exe File not found> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: []  File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE (Bandoo Media, inc)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [F5D7050v3] C:\Program Files (x86)\Belkin\F5D7050v3\Belkinwcui.exe File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [NPSStartup]  File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [WinSCard] C:\Users\uwe schafstall\AppData\Local\Microsoft\Windows\25\WinSCard.exe ()> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\uwe schafstall\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\uwe schafstall\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()> in the current context!
Error: Unable to interpret <O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)> in the current context!
Error: Unable to interpret <O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context!
Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context!
Error: Unable to interpret <O1364bit: - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.4.1)> in the current context!
Error: Unable to interpret <O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.4.1)> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.103.78 192.168.0.1> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A778355-EDCC-4EDE-B22C-C1E985BE7681}: DhcpNameServer = 80.69.100.182 192.168.0.1> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B3E18C5-6BCD-4A29-A740-0403DE581506}: DhcpNameServer = 80.69.103.78 192.168.0.1> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\livecall - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\ms-help - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\msnim - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\skype4com - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll (Bandoo Media, inc)> in the current context!
Error: Unable to interpret <O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)> in the current context!
Error: Unable to interpret <O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll (Bandoo Media, inc)> in the current context!
Error: Unable to interpret <O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll (Bandoo Media, inc)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found> in the current context!
Error: Unable to interpret <O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context!
Error: Unable to interpret <O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.> in the current context!
Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{53d0f6c2-6d4e-11df-9b77-806e6f6e6963}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{53d0f6c2-6d4e-11df-9b77-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup\rsrc\autorun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{53d0f6c2-6d4e-11df-9b77-806e6f6e6963}\Shell\dinstall\command - "" = E:\Directx\dxsetup.exe> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *)> in the current context!
Error: Unable to interpret <O35:64bit: - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35:64bit: - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)> in the current context!
Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files/Folders - Created Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.07.22 14:48:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee> in the current context!
Error: Unable to interpret <[2012.07.22 14:30:39 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\Malwarebytes> in the current context!
Error: Unable to interpret <[2012.07.22 14:30:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware> in the current context!
Error: Unable to interpret <[2012.07.22 14:30:34 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys> in the current context!
Error: Unable to interpret <[2012.07.22 14:30:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware> in the current context!
Error: Unable to interpret <[2012.07.22 14:30:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes> in the current context!
Error: Unable to interpret <[2012.07.22 13:51:28 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\hellomoto> in the current context!
Error: Unable to interpret <[2012.07.22 13:19:30 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\UAs> in the current context!
Error: Unable to interpret <[2012.07.22 01:30:56 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\13001.028> in the current context!
Error: Unable to interpret <[2012.07.22 01:30:36 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\xmldm> in the current context!
Error: Unable to interpret <[2012.07.22 01:30:34 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\kock> in the current context!
Error: Unable to interpret <[2012.07.21 16:05:36 | 000,000,000 | ---D | C] -- C:\Users\uwe schafstall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CoD2 - Version Changer> in the current context!
Error: Unable to interpret <[2012.07.17 21:56:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll> in the current context!
Error: Unable to interpret <[2012.07.17 21:56:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll> in the current context!
Error: Unable to interpret <[2012.07.17 21:55:58 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll> in the current context!
Error: Unable to interpret <[2012.07.17 21:55:48 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll> in the current context!
Error: Unable to interpret <[2012.07.17 21:55:47 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll> in the current context!
Error: Unable to interpret <[2012.06.29 14:52:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision> in the current context!
Error: Unable to interpret <[2012.06.29 14:42:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision> in the current context!
Error: Unable to interpret <[2012.06.23 02:22:49 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll> in the current context!
Error: Unable to interpret <[2012.06.23 02:22:49 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe> in the current context!
Error: Unable to interpret <[2012.06.23 02:22:49 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll> in the current context!
Error: Unable to interpret <[2012.06.23 02:22:23 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll> in the current context!
Error: Unable to interpret <[2012.06.23 02:22:23 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll> in the current context!
Error: Unable to interpret <[2012.06.23 02:22:23 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll> in the current context!
Error: Unable to interpret <[2012.06.23 02:22:10 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll> in the current context!
Error: Unable to interpret <[2012.06.23 02:22:10 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe> in the current context!
Error: Unable to interpret <[2009.10.12 13:24:23 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe> in the current context!
Error: Unable to interpret <[1 C:\Users\uwe schafstall\AppData\Roaming\*.tmp files -> C:\Users\uwe schafstall\AppData\Roaming\*.tmp -> ]> in the current context!
Error: Unable to interpret <[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]> in the current context!
Error: Unable to interpret <[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files - Modified Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.07.22 14:48:42 | 000,001,832 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk> in the current context!
Error: Unable to interpret <[2012.07.22 14:45:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat> in the current context!
Error: Unable to interpret <[2012.07.22 14:45:10 | 3208,544,256 | -HS- | M] () -- C:\hiberfil.sys> in the current context!
Error: Unable to interpret <[2012.07.22 14:42:56 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job> in the current context!
Error: Unable to interpret <[2012.07.22 14:42:53 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\WinMaximizer-uwe schafstall-Startup.job> in the current context!
Error: Unable to interpret <[2012.07.22 14:30:35 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk> in the current context!
Error: Unable to interpret <[2012.07.22 14:17:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job> in the current context!
Error: Unable to interpret <[2012.07.22 14:16:38 | 000,000,034 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\blckdom.res> in the current context!
Error: Unable to interpret <[2012.07.22 13:58:51 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2012.07.22 13:58:50 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2012.07.22 01:31:07 | 000,006,400 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\BAcroIEHelpe.dll> in the current context!
Error: Unable to interpret <[2012.07.22 01:31:06 | 000,268,992 | ---- | M] () -- C:\Users\uwe schafstall\AppData\Roaming\AcroIEHelpe.dll> in the current context!
Error: Unable to interpret <[2012.07.18 15:52:58 | 000,000,286 | ---- | M] () -- C:\Windows\game.ini> in the current context!
Error: Unable to interpret <[2012.07.18 13:47:40 | 000,343,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT> in the current context!
Error: Unable to interpret <[2012.07.17 22:17:30 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk> in the current context!
Error: Unable to interpret <[2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys> in the current context!
Error: Unable to interpret <[2012.07.02 21:53:17 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe> in the current context!
Error: Unable to interpret <[2012.07.02 21:51:44 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe> in the current context!
Error: Unable to interpret <[2012.06.29 15:10:58 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Mehrspieler.lnk> in the current context!
Error: Unable to interpret <[2012.06.29 15:10:58 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Einzelspieler.lnk> in the current context!
Error: Unable to interpret <[2012.06.29 13:29:24 | 000,282,472 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr> in the current context!
Error: Unable to interpret <[2012.06.29 13:25:47 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0> in the current context!
Error: Unable to interpret <[1 C:\Users\uwe schafstall\AppData\Roaming\*.tmp files -> C:\Users\uwe schafstall\AppData\Roaming\*.tmp -> ]> in the current context!
Error: Unable to interpret <[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]> in the current context!
Error: Unable to interpret <[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files Created - No Company Name ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012.07.22 14:30:35 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk> in the current context!
Error: Unable to interpret <[2012.07.22 01:31:07 | 000,006,400 | ---- | C] () -- C:\Users\uwe schafstall\AppData\Roaming\BAcroIEHelpe.dll> in the current context!
Error: Unable to interpret <[2012.07.22 01:31:06 | 000,268,992 | ---- | C] () -- C:\Users\uwe schafstall\AppData\Roaming\AcroIEHelpe.dll> in the current context!
Error: Unable to interpret <[2012.07.22 01:30:48 | 000,000,034 | ---- | C] () -- C:\Users\uwe schafstall\AppData\Roaming\blckdom.res> in the current context!
Error: Unable to interpret <[2012.07.18 15:52:58 | 000,000,286 | ---- | C] () -- C:\Windows\game.ini> in the current context!
Error: Unable to interpret <[2012.06.29 15:10:58 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Mehrspieler.lnk> in the current context!
Error: Unable to interpret <[2012.06.29 15:10:58 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Einzelspieler.lnk> in the current context!
Error: Unable to interpret <[2012.06.12 16:28:17 | 000,000,246 | ---- | C] () -- C:\Windows\wininit.ini> in the current context!
Error: Unable to interpret <[2012.05.19 19:58:41 | 000,000,102 | ---- | C] () -- C:\Users\uwe schafstall\AppData\Local\fusioncache.dat> in the current context!
Error: Unable to interpret <[2012.05.19 19:57:31 | 001,554,702 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI> in the current context!
Error: Unable to interpret <[2011.12.17 13:56:29 | 000,000,000 | ---- | C] () -- C:\Users\uwe schafstall\AppData\Local\{E4C01B19-4D93-43A1-AD58-791CFC8F37E5}> in the current context!
Error: Unable to interpret <[2011.10.26 12:26:40 | 000,000,040 | ---- | C] () -- C:\Users\uwe schafstall\jagex_cl_runescape_LIVE.dat> in the current context!
Error: Unable to interpret <[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat> in the current context!
Error: Unable to interpret <[2011.05.07 14:47:10 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe> in the current context!
Error: Unable to interpret <[2011.05.07 14:47:08 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe> in the current context!
Error: Unable to interpret <[2011.04.20 23:11:50 | 000,000,882 | ---- | C] () -- C:\Users\uwe schafstall\.recently-used.xbel> in the current context!
Error: Unable to interpret <[2011.02.18 15:18:51 | 000,000,129 | ---- | C] () -- C:\Users\uwe schafstall\jagex_runescape_preferences2.dat> in the current context!
Error: Unable to interpret <[2011.02.18 15:18:10 | 000,000,035 | ---- | C] () -- C:\Users\uwe schafstall\jagex_runescape_preferences.dat> in the current context!
Error: Unable to interpret <[2011.02.12 16:59:01 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\UpdateDriver.exe> in the current context!
Error: Unable to interpret <[2011.02.12 16:59:00 | 000,005,224 | ---- | C] () -- C:\Windows\SysWow64\ucuiinfo.ini> in the current context!
Error: Unable to interpret <[2011.01.25 16:23:10 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI> in the current context!
Error: Unable to interpret <[2010.12.25 12:49:25 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat> in the current context!
Error: Unable to interpret <[2010.10.22 16:02:09 | 000,000,082 | ---- | C] () -- C:\Users\uwe schafstall\edencity.ini> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:47 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjinpa.dll> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:47 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxdjcomx.dll> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:47 | 000,286,720 | ---- | C] () -- C:\Windows\SysWow64\lxdjinst.dll> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:46 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjpmui.dll> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:46 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjiesc.dll> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:45 | 000,999,424 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjusb1.dll> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:44 | 001,232,896 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjserv.dll> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:44 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjlmpm.dll> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:44 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjih.exe> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:44 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjppls.exe> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:44 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjprox.dll> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:44 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjpplc.dll> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:43 | 000,700,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjhbn3.dll> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:43 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjcomc.dll> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:43 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjcoms.exe> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:43 | 000,425,984 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjcomm.dll> in the current context!
Error: Unable to interpret <[2010.08.27 19:31:43 | 000,394,160 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjcfg.exe> in the current context!
Error: Unable to interpret <[2010.08.27 19:25:01 | 000,000,000 | ---- | C] () -- C:\Users\uwe schafstall\AppData\Roaming\wklnhst.dat> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== LOP Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2010.12.26 00:46:12 | 000,000,000 | -HSD | M] -- C:\Users\uwe schafstall\AppData\Roaming\.#> in the current context!
Error: Unable to interpret <[2012.06.12 20:27:34 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\.minecraft> in the current context!
Error: Unable to interpret <[2012.07.22 01:30:56 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\13001.028> in the current context!
Error: Unable to interpret <[2012.03.20 22:07:58 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\de.3m5.wendel.flcd.FLCDB.4E7DF207D694E815646D9C9DD7DC91A41EB7FD23.1> in the current context!
Error: Unable to interpret <[2011.11.29 17:42:41 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\DVDVideoSoft> in the current context!
Error: Unable to interpret <[2011.04.01 16:58:16 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\DVDVideoSoftIEHelpers> in the current context!
Error: Unable to interpret <[2010.08.27 21:00:56 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\GameConsole> in the current context!
Error: Unable to interpret <[2011.08.23 03:12:10 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\Gutscheinmieze> in the current context!
Error: Unable to interpret <[2012.07.22 13:51:46 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\hellomoto> in the current context!
Error: Unable to interpret <[2012.07.22 01:30:34 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\kock> in the current context!
Error: Unable to interpret <[2010.12.11 18:36:40 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\Lexmark Productivity Studio> in the current context!
Error: Unable to interpret <[2011.05.08 13:46:06 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\PhotoScape> in the current context!
Error: Unable to interpret <[2010.12.26 00:11:15 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\PowerCinema> in the current context!
Error: Unable to interpret <[2011.05.08 18:10:19 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\Samsung> in the current context!
Error: Unable to interpret <[2010.08.27 18:55:49 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\SoftDMA> in the current context!
Error: Unable to interpret <[2010.08.27 19:25:03 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\Template> in the current context!
Error: Unable to interpret <[2011.11.20 18:23:22 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\TIPP10> in the current context!
Error: Unable to interpret <[2012.07.22 13:19:30 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\UAs> in the current context!
Error: Unable to interpret <[2012.07.22 01:30:36 | 000,000,000 | ---D | M] -- C:\Users\uwe schafstall\AppData\Roaming\xmldm> in the current context!
Error: Unable to interpret <[2012.03.19 20:44:56 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT> in the current context!
Error: Unable to interpret <[2012.07.22 14:42:53 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\WinMaximizer-uwe schafstall-Startup.job> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Purity Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files - Unicode (All) ==========> in the current context!
Error: Unable to interpret <[2010.09.19 22:10:33 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?L) -- C:\Windows\SysNative\麰L> in the current context!
Error: Unable to interpret <[2010.09.19 22:10:33 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?L) -- C:\Windows\SysNative\麰L> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Alternate Data Streams ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:AB689DEA> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838> in the current context!
Error: Unable to interpret << End of report >
--- --- ---
> in the current context!
Error: Unable to interpret < > in the current context!

OTL by OldTimer - Version 3.2.54.0 log created on 07262012_015541

t'john 26.07.2012 10:56
Du musst den FIX in OTL einfuegen!!!
Du hast das Log reinkopiert!

Nochmal! Anleitung bachten!

Nico22 26.07.2012 15:38
sry, mein fehler :s

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}\ not found.
File c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1027E1BA-F410-4B39-A305-B4006A6CB8B8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1027E1BA-F410-4B39-A305-B4006A6CB8B8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ECAE4F22-0EDD-45C3-979A-A5FF4E44A199}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECAE4F22-0EDD-45C3-979A-A5FF4E44A199}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "DVDVideoSoftTB Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Google" removed from browser.search.selectedEngine
Prefs.js: false removed from browser.search.update
Prefs.js: "hxxp://www.searchnu.com/406" removed from browser.startup.homepage
Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems
Prefs.js: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94 removed from extensions.enabledItems
Prefs.js: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94 removed from extensions.enabledItems
Prefs.js: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.8.1.0 removed from extensions.enabledItems
Prefs.js: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 removed from extensions.enabledItems
Prefs.js: battlefieldplay4free@ea.com:1.0.53.2 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 removed from extensions.enabledItems
Prefs.js: gutscheinmieze@synatix-gmbh.de:1.03 removed from extensions.enabledItems
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
64bit-Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ deleted successfully.
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\lxdjamon deleted successfully.
C:\Program Files (x86)\Lexmark 1400 Series\lxdjamon.exe moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\lxdjmon.exe deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PLD_FrameworkRun deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\snpstd3 deleted successfully.
C:\Windows\vsnpstd3.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Program Files (x86)\Ask.com\Updater\Updater.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\F5D7050v3 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53d0f6c2-6d4e-11df-9b77-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53d0f6c2-6d4e-11df-9b77-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53d0f6c2-6d4e-11df-9b77-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53d0f6c2-6d4e-11df-9b77-806e6f6e6963}\ not found.
File E:\Setup\rsrc\autorun.exe not found.
ADS C:\ProgramData\Temp:AB689DEA deleted successfully.
ADS C:\ProgramData\Temp:93DE1838 deleted successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\DVDVideoSoftIEHelpers folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\toolbar@ask.com folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\searchplugins\askcom.xml moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\searchplugins\conduit.xml moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Extensions folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\searchplugins\Search_Results.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\searchplugins\softonic.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\hellomoto folder moved successfully.
Folder C:\Users\uwe schafstall\AppData\Roaming\hellomoto\ not found.
C:\Users\uwe schafstall\AppData\Roaming\UAs folder moved successfully.
Folder C:\Users\uwe schafstall\AppData\Roaming\UAs\ not found.
C:\USERS\UWE SCHAFSTALL\APPDATA\ROAMING\13001.028\components folder moved successfully.
C:\USERS\UWE SCHAFSTALL\APPDATA\ROAMING\13001.028 folder moved successfully.
Folder C:\Users\uwe schafstall\AppData\Roaming\13001.028\ not found.
C:\Users\uwe schafstall\AppData\Roaming\xmldm folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\kock folder moved successfully.
C:\Users\uwe schafstall\AppData\Roaming\blckdom.res moved successfully.
Folder C:\Users\uwe schafstall\AppData\Roaming\13001.028\ not found.
Folder C:\Users\uwe schafstall\AppData\Roaming\kock\ not found.
Folder C:\Users\uwe schafstall\AppData\Roaming\xmldm\ not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\WinMaximizer-uwe schafstall-Startup.job moved successfully.
File C:\Windows\Tasks\WinMaximizer-uwe schafstall-Startup.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\uwe schafstall\Downloads\cmd.bat deleted successfully.
C:\Users\uwe schafstall\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: uwe schafstall
->Temp folder emptied: 34407344 bytes
->Temporary Internet Files folder emptied: 1315508 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 30407160 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 689 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 529706 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 64,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: uwe schafstall
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.54.0 log created on 07262012_162857

Files\Folders moved on Reboot...
File move failed. C:\Users\uwe schafstall\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...
[2012.07.22 17:22:22 | 000,000,000 | ---- | M] () C:\Users\uwe schafstall\AppData\Local\Temp\FXSAPIDebugLogFile.txt : Unable to obtain MD5

Registry entries deleted on Reboot...


mfg Nico

t'john 26.07.2012 15:39
Sehr gut! :daumenhoc

Wie laeuft der Rechner?

1. Schritt
Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".
danach:

2. Schritt

Downloade Dir bitte AdwCleaner auf deinen Desktop.

  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

Nico22 26.07.2012 16:55
Ein erster Scan, den ich dummerweise abbrechen musste ergab folgendes:
(nach diesem Scan lief windows bereits einwandfrei, wofür ich mich herzlich bedanken möchte :-).)


Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free anti-malware download

Datenbank Version: v2012.07.26.11

Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 8.0.7601.17514
uwe schafstall :: UWESCHAFSTALL [Administrator]

Schutz: Deaktiviert

26.07.2012 16:47:46
mbam-log-2012-07-26 (16-47-46).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 45367
Laufzeit: 2 Minute(n), 45 Sekunde(n) [Abgebrochen]

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|WinSCard (Trojan.Agent.3D) -> Daten: C:\Users\uwe schafstall\AppData\Local\Microsoft\Windows\25\WinSCard.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\uwe schafstall\AppData\Local\Microsoft\Windows\25\WinSCard.exe (Trojan.Agent.3D) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Hier der vollständige Scan:

Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free anti-malware download

Datenbank Version: v2012.07.26.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
uwe schafstall :: UWESCHAFSTALL [Administrator]

Schutz: Aktiviert

26.07.2012 16:55:39
mbam-log-2012-07-26 (16-55-39).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 389538
Laufzeit: 46 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0

(Ende)


AWD ergab:
# AdwCleaner v1.703 - Logfile created 07/26/2012 at 17:48:41
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : uwe schafstall - UWESCHAFSTALL
# Running from : C:\Users\uwe schafstall\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\uwe schafstall\AppData\Local\Conduit
Folder Found : C:\Users\UWESCH~1\AppData\Local\Temp\boost_interprocess
Folder Found : C:\Users\uwe schafstall\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\uwe schafstall\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\uwe schafstall\AppData\LocalLow\Conduit
Folder Found : C:\Users\uwe schafstall\AppData\LocalLow\DVDVideoSoftTB
Folder Found : C:\Users\uwe schafstall\AppData\LocalLow\PriceGong
Folder Found : C:\Users\uwe schafstall\AppData\LocalLow\searchquband
Folder Found : C:\Users\uwe schafstall\AppData\LocalLow\Searchqutoolbar
Folder Found : C:\Users\uwe schafstall\AppData\LocalLow\Softonic
Folder Found : C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\Conduit
Folder Found : C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\ConduitCommon
Folder Found : C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\ConduitEngine
Folder Found : C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\Searchqutoolbar
Folder Found : C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\DVDVideoSoftTB
Folder Found : C:\Program Files (x86)\Searchqu Toolbar
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
File Found : C:\Users\Public\Desktop\eBay.lnk

***** [Registry] *****
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKLM\SOFTWARE\APN
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\DataMngr
Key Found : HKLM\SOFTWARE\DVDVideoSoftTB
Key Found : HKLM\SOFTWARE\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar
Key Found : HKLM\SOFTWARE\SearchquMediabarTb
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]
[x64] Key Found : HKCU\Software\APN
[x64] Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
[x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit
[x64] Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[x64] Key Found : HKCU\Software\AppDataLow\Software\PriceGong
[x64] Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar
[x64] Key Found : HKCU\Software\AppDataLow\Toolbar
[x64] Key Found : HKCU\Software\Ask.com
[x64] Key Found : HKCU\Software\DataMngr
[x64] Key Found : HKCU\Software\DataMngr_Toolbar
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
[x64] Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[x64] Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[x64] Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
[x64] Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[x64] Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
[x64] Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
[x64] Key Found : HKLM\SOFTWARE\DataMngr
[x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
[x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
[x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\uwe schafstall\AppData\Roaming\Mozilla\Firefox\Profiles\kzwwx02r.default\prefs.js

Found : user_pref("CT2269050..clientLogIsEnabled", false);
Found : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2269050.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2269050.AppTrackingLastCheckTime", "Sat Jun 23 2012 02:18:51 GMT+0200");
Found : user_pref("CT2269050.BrowserCompStateIsOpen_129575150554007677", true);
Found : user_pref("CT2269050.BrowserCompStateIsOpen_129681780741097243", true);
Found : user_pref("CT2269050.BrowserCompStateIsOpen_129705015340022508", true);
Found : user_pref("CT2269050.BrowserCompStateIsOpen_129853623028165512", true);
Found : user_pref("CT2269050.CT2269050", "CT2269050");
Found : user_pref("CT2269050.CurrentServerDate", "26-7-2012");
Found : user_pref("CT2269050.DialogsAlignMode", "LTR");
Found : user_pref("CT2269050.DialogsGetterLastCheckTime", "Thu Jul 26 2012 01:53:27 GMT+0200");
Found : user_pref("CT2269050.DownloadReferralCookieData", "");
Found : user_pref("CT2269050.EMailNotifierPollDate", "Thu Jul 26 2012 17:45:53 GMT+0200");
Found : user_pref("CT2269050.FirstServerDate", "2-4-2011");
Found : user_pref("CT2269050.FirstTime", true);
Found : user_pref("CT2269050.FirstTimeFF3", true);
Found : user_pref("CT2269050.FixPageNotFoundErrors", true);
Found : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2269050.HasUserGlobalKeys", true);
Found : user_pref("CT2269050.HomePageProtectorEnabled", false);
Found : user_pref("CT2269050.HomepageBeforeUnload", "google.de");
Found : user_pref("CT2269050.Initialize", true);
Found : user_pref("CT2269050.InitializeCommonPrefs", true);
Found : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2269050.InstallationId", "StubInstaller");
Found : user_pref("CT2269050.InstallationType", "ConduitIntegration");
Found : user_pref("CT2269050.InstalledDate", "Sat Apr 02 2011 11:40:17 GMT+0200");
Found : user_pref("CT2269050.InvalidateCache", false);
Found : user_pref("CT2269050.IsAlertDBUpdated", true);
Found : user_pref("CT2269050.IsGrouping", false);
Found : user_pref("CT2269050.IsMulticommunity", false);
Found : user_pref("CT2269050.IsOpenThankYouPage", true);
Found : user_pref("CT2269050.IsOpenUninstallPage", true);
Found : user_pref("CT2269050.LanguagePackLastCheckTime", "Thu Jul 26 2012 01:53:28 GMT+0200");
Found : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2269050.LastLogin_3.10.0.1", "Mon Apr 23 2012 17:03:07 GMT+0200");
Found : user_pref("CT2269050.LastLogin_3.12.0.7", "Sat Apr 28 2012 15:20:35 GMT+0200");
Found : user_pref("CT2269050.LastLogin_3.12.2.3", "Thu May 31 2012 23:51:20 GMT+0200");
Found : user_pref("CT2269050.LastLogin_3.13.0.6", "Wed Jun 27 2012 14:19:23 GMT+0200");
Found : user_pref("CT2269050.LastLogin_3.14.1.0", "Thu Jul 26 2012 16:18:59 GMT+0200");
Found : user_pref("CT2269050.LastLogin_3.3.3.2", "Sat Oct 01 2011 11:41:00 GMT+0200");
Found : user_pref("CT2269050.LastLogin_3.8.1.0", "Thu Mar 22 2012 21:20:32 GMT+0100");
Found : user_pref("CT2269050.LatestVersion", "3.14.1.0");
Found : user_pref("CT2269050.Locale", "en");
Found : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Found : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Found : user_pref("CT2269050.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2269050.RadioIsPodcast", false);
Found : user_pref("CT2269050.RadioLastCheckTime", "Thu Jul 26 2012 01:53:27 GMT+0200");
Found : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Found : user_pref("CT2269050.RadioMediaID", "12473383");
Found : user_pref("CT2269050.RadioMediaType", "Media Player");
Found : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Found : user_pref("CT2269050.RadioShrinkedFromSetup", false);
Found : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Found : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Found : user_pref("CT2269050.SavedHomepage", "resource:/browserconfig.properties");
Found : user_pref("CT2269050.SearchBoxWidth", 153);
Found : user_pref("CT2269050.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Found : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Found : user_pref("CT2269050.SearchInNewTabEnabled", true);
Found : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Thu Jul 26 2012 01:53:26 GMT+0200");
Found : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Found : user_pref("CT2269050.SearchProtectorEnabled", false);
Found : user_pref("CT2269050.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2269050.ServiceMapLastCheckTime", "Thu Jul 26 2012 01:53:26 GMT+0200");
Found : user_pref("CT2269050.SettingsLastCheckTime", "Thu Jul 26 2012 16:18:58 GMT+0200");
Found : user_pref("CT2269050.SettingsLastUpdate", "1341904940");
Found : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Thu Jul 26 2012 01:53:26 GMT+0200");
Found : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2269050.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2269050");
Found : user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2269050.UserID", "UN42242411576594652");
Found : user_pref("CT2269050.ValidationData_Search", 0);
Found : user_pref("CT2269050.ValidationData_Toolbar", 2);
Found : user_pref("CT2269050.WeatherNetwork", "");
Found : user_pref("CT2269050.WeatherPollDate", "Thu Jul 26 2012 17:45:54 GMT+0200");
Found : user_pref("CT2269050.WeatherUnit", "C");
Found : user_pref("CT2269050.alertChannelId", "666138");
Found : user_pref("CT2269050.approveUntrustedApps", false);
Found : user_pref("CT2269050.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]
Found : user_pref("CT2269050.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]
Found : user_pref("CT2269050.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]
Found : user_pref("CT2269050.backendstorage./9b+7e.:2z527", "247E707571777278333228702A7B797B7B7E30273224262[...]
Found : user_pref("CT2269050.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]
Found : user_pref("CT2269050.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]
Found : user_pref("CT2269050.backendstorage./9b+7e06cg5el8:", "6E6D6D6F716E75727675");
Found : user_pref("CT2269050.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A7473737577747B787C7B242F4B4947[...]
Found : user_pref("CT2269050.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]
Found : user_pref("CT2269050.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]
Found : user_pref("CT2269050.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cj1j@>?d#ncf", "247E61393F236B256F7877742A212C6E414F444[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cj6<?@5\"mbe", "247E61393F236B25717770732A212C6E414F444[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cj7;chgjd$nn", "247E61393F236B25717277732A212C6E414F444[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cj7@3=i\"mbe", "247E61393F236B25707876792A212C6E414F444[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cj7c==!mk>>@oijrf,wlo", "247E61393F236B25727579752A212C[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cj7c==>fbj%peh", "247E61393F236B25737572722A212C6E414F4[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cj7fk;kg#ncep@mc+vkn", "247E61393F236B25737471712A212C6[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cj8j@=fco<@nf(shk", "247E61393F236B25737676712A212C6E41[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cj:?k?i;$>bdbac*tt", "247E61393F236B25747072742A212C6E4[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cj;ig4kca=jjfn)til", "247E61393F236B257678717A742B222D6[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cj=b99i==am;'qq", "247E61393F236B25717172782A212C6E414F[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cj>bggi=ocnd'qq", "247E61393F236B25717176712A212C6E414F[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cj?j:?i9oe&fonuddjhv/yy", "247E61393F236B25756F77732A21[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cj@b>5!lad", "247E61393F236B25757076742A212C6E414F444D3[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cjb<@ae<<l@pe(shk", "247E61393F236B25757378792A212C6E41[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cjc<=fbj#mm", "247E61393F236B257576737A2A212C6E414F444D[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cjc<=fbj#ncf", "247E61393F236B25757677712A212C6E414F444[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cjdjihl@af%peh", "247E61393F236B25767172727A2B222D6F425[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cje6:>!kkef&qfi", "247E61393F236B25757876752A212C6E414F[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cje>c;m;k>%peh", "247E61393F236B256E7074752A212C6E414F4[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cje?jh@8oen&pp", "247E61393F236B2576767372782B222D6F425[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cjegk9i<#mm", "247E61393F236B25706F73772A212C6E414F444D[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cjeik4!kk", "247E61393F236B25767177722A212C6E414F444D32[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cjeik4!lad", "247E61393F236B25767179732A212C6E414F444D3[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cjf9g:;#jb@'hpcd+uu", "247E61393F236B25767479732A212C6E[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cjfff!;gaa%peh", "247E61393F236B25717277792A212C6E414F4[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cjg<>f;;o?%oo", "247E61393F236B256F7673792A212C6E414F44[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cji8=:!lad", "247E61393F236B257378287E2A6C3F4D424B30783[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cji;<ai\"mbe", "247E61393F236B256E7378762A212C6E414F444[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cji>k3?a#mm", "247E61393F236B257377287E2A6C3F4D424B3078[...]
Found : user_pref("CT2269050.backendstorage./9b+7e31;cjiig;k=adpjo(shk", "247E61393F236B2576787729202B6D404E[...]
Found : user_pref("CT2269050.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]
Found : user_pref("CT2269050.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]
Found : user_pref("CT2269050.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]
Found : user_pref("CT2269050.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]
Found : user_pref("CT2269050.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]
Found : user_pref("CT2269050.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]
Found : user_pref("CT2269050.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]
Found : user_pref("CT2269050.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]
Found : user_pref("CT2269050.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]
Found : user_pref("CT2269050.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]
Found : user_pref("CT2269050.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]
Found : user_pref("CT2269050.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]
Found : user_pref("CT2269050.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]
Found : user_pref("CT2269050.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]
Found : user_pref("CT2269050.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]
Found : user_pref("CT2269050.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Found : user_pref("CT2269050.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]
Found : user_pref("CT2269050.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]
Found : user_pref("CT2269050.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]
Found : user_pref("CT2269050.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]
Found : user_pref("CT2269050.backendstorage./9b-0?3g>d", "6A6A3B41427274427A4375787920797E7A4B257A7B7C522A7E[...]
Found : user_pref("CT2269050.backendstorage./9b-0?3g@6:5;", "");
Found : user_pref("CT2269050.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Found : user_pref("CT2269050.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Found : user_pref("CT2269050.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
Found : user_pref("CT2269050.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484779213F3E484F4E4D464[...]
Found : user_pref("CT2269050.backendstorage./9b5ba==9cjag", "3A3C406D724344767A444345454B7D4B7D4F785150");
Found : user_pref("CT2269050.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6D6F716E7572776F76787B");
Found : user_pref("CT2269050.backendstorage./9b9643g3/9e", "6A");
Found : user_pref("CT2269050.backendstorage./9b<:222h64<", "393F352F3E");
Found : user_pref("CT2269050.backendstorage./9b=+03eh8h8j?:", "4443");
Found : user_pref("CT2269050.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Found : user_pref("CT2269050.backendstorage./9b?b0d:8aj62<h", "6D");
Found : user_pref("CT2269050.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Found : user_pref("CT2269050.backendstorage.autocompletepro_enable", "31");
Found : user_pref("CT2269050.backendstorage.autocompletepro_enable_auto", "31");
Found : user_pref("CT2269050.backendstorage.cbcountry_000", "4445");
Found : user_pref("CT2269050.backendstorage.cbfirsttime", "4D6F6E2041707220313620323031322032313A34323A31342[...]
Found : user_pref("CT2269050.backendstorage.ct2269050ads1", "25374225323261647325323225334125354225374225323[...]
Found : user_pref("CT2269050.backendstorage.ct2269050current_term", "74726F6A616E65722B626F617264");
Found : user_pref("CT2269050.backendstorage.ct2269050isadsdisabled", "66616C7365");
Found : user_pref("CT2269050.backendstorage.ct2269050sdate", "3236");
Found : user_pref("CT2269050.backendstorage.shoppingapp.gk.exipres", "547565204A756C20333120323031322030313A[...]
Found : user_pref("CT2269050.backendstorage.shoppingapp.gk.geolocation", "6765726D616E79");
Found : user_pref("CT2269050.backendstorage.url_history0001", "687474703A2F2F7777772E78766964656F732E636F6D2[...]
Found : user_pref("CT2269050.backendstorage.youtubelang", "4445");
Found : user_pref("CT2269050.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2269050.globalFirstTimeInfoLastCheckTime", "Tue Jul 17 2012 22:16:05 GMT+0200");
Found : user_pref("CT2269050.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2269050.initDone", true);
Found : user_pref("CT2269050.isAppTrackingManagerOn", true);
Found : user_pref("CT2269050.isFirstRadioInstallation", false);
Found : user_pref("CT2269050.myStuffEnabled", true);
Found : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2269050.oldAppsList", "128834881989343894,128834881989343895,111,129853623028165512,129[...]
Found : user_pref("CT2269050.revertSettingsEnabled", true);
Found : user_pref("CT2269050.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2269050.searchProtectorEnableByLogin", true);
Found : user_pref("CT2269050.testingCtid", "");
Found : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Thu Jul 26 2012 01:53:27 GMT+0200");
Found : user_pref("CT2269050.toolbarContextMenuLastCheckTime", "Sat Jul 21 2012 13:36:25 GMT+0200");
Found : user_pref("CT2269050.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2269050&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"229[...]
Found : user_pref("CommunityToolbar.EngineOwner", "");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{872b5b88-9db5-4310-bdd0-ac189557e5f5}");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "dvdvideosofttb");
Found : user_pref("CommunityToolbar.IsEngineShown", true);
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\uwe schafstall\\AppData\\Roaming\\M[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2269050");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{872b5b88-9db5-4310-bdd0-ac189557e5f5}");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "dvdvideosofttb");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2269050");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat Apr 02 2011 11:40:17 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertEnabled", true);
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Nov 28 2011 21:38:56 GMT+0100");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Nov 28 2011 21:38:48 GMT+0100");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "082a67e2-4663-4157-9b23-046455c07185");
Found : user_pref("CommunityToolbar.globalUserId", "8a00c8b9-f89f-4f78-bd52-ee09a1d3c32b");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
Found : user_pref("CommunityToolbar.killedEngine", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Jul 26 2012 01:53:2[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Jul 26 2012 01:53:36 GMT+020[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Jul 26 2012 01:53:28 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "d93134ca-2707-4bef-b5b0-22cf814081ee");
Found : user_pref("CommunityToolbar.undefined", "");
Found : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Mon Nov 28 2011 21:38:54 GMT+0100");
Found : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Found : user_pref("extensions.Softonic.admin", false);
Found : user_pref("extensions.Softonic.aflt", "orgnl");
Found : user_pref("extensions.Softonic.autoRvrt", "false");
Found : user_pref("extensions.Softonic.dfltLng", "");
Found : user_pref("extensions.Softonic.dfltSrch", true);
Found : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");
Found : user_pref("extensions.Softonic.dspOld", "Search Results");
Found : user_pref("extensions.Softonic.excTlbr", false);
Found : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=13&[...]
Found : user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=13&cc[...]
Found : user_pref("extensions.Softonic.hpOld", "hxxp://www.searchnu.com/406");
Found : user_pref("extensions.Softonic.id", "fe54a85e0000000000009444524666b4");
Found : user_pref("extensions.Softonic.instlDay", "15503");
Found : user_pref("extensions.Softonic.instlRef", "MON00001");
Found : user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=[...]
Found : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1[...]
Found : user_pref("extensions.Softonic.prdct", "Softonic");
Found : user_pref("extensions.Softonic.prtnrId", "softonic");
Found : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Found : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Found : user_pref("extensions.Softonic.tlbrId", "base");
Found : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00001/tb_v1?SearchSource[...]
Found : user_pref("extensions.Softonic.vrsn", "1.5.24.3");
Found : user_pref("extensions.Softonic.vrsni", "1.5.24.3");
Found : user_pref("extensions.Softonic_i.dnsErr", true);
Found : user_pref("extensions.Softonic_i.hmpg", true);
Found : user_pref("extensions.Softonic_i.newTab", false);
Found : user_pref("extensions.Softonic_i.smplGrp", "none");
Found : user_pref("extensions.Softonic_i.vrsnTs", "1.5.24.316:28:16");
Found : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q=[...]

-\\ Google Chrome v20.0.1132.57

File : C:\Users\uwe schafstall\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found : "name" : "Search the web (Softonic)",
Found : "search_url" : "hxxp://search.softonic.com/MON00015/tb_v1?q={searchTerms}&SearchSource=49&cc=",
Found : "homepage" : "hxxp://www.searchnu.com/406",
Found : "urls_to_restore_on_startup" : [ "hxxp://www.searchnu.com/406" ]

*************************

AdwCleaner[R1].txt - [42356 octets] - [26/07/2012 17:48:41]

########## EOF - C:\AdwCleaner[R1].txt - [42485 octets] ##########


Ich hoffe ich bin den Fießling nun los

Mfg Nico

t'john 26.07.2012 16:59
Sehr gut! :daumenhoc


  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Delete.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.




danach:


Malware-Scan mit Emsisoft Anti-Malware

Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm.
Lade über Jetzt Updaten die aktuellen Signaturen herunter.
Wähle den Freeware-Modus aus.

Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers.
Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten.

Anleitung: http://www.trojaner-board.de/103809-...i-malware.html

t'john 09.08.2012 09:33
Fehlende Rückmeldung

Gibt es Probleme beim Abarbeiten obiger Anleitung?

Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen.

Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema.
http://www.trojaner-board.de/69886-a...-beachten.html


Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist.


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:57 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131