live security platinum
 

ich hab mir heute leider diesen blöden virus eingefangen und bitte euch mir zu helfen.

Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.26.11

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
shortytine :: SHORTYTINE-PC [Administrator]

Schutz: Aktiviert

26.07.2012 17:19:03
mbam-log-2012-07-26 (17-19-03).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 393714
Laufzeit: 2 Stunde(n), 57 Minute(n), 8 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Toshiba\Drivers\DVD\DirectX\tdxinstall.exe (Spyware.Zbot.OUT) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\shortytine\AppData\Local\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\n (RootKit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\shortytine\AppData\Local\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\U\800000cb.@ (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\shortytine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\3b1c8303-27e5ee22 (Spyware.Zbot) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt?
Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.

Hallo Arne,
ja ich habe mit Malwarebytes schon meherere Quikscans und auch vollständige Suchläufe durchgeführt....wenn ich unter Logdateien gehe stehen da alle Scans einzeln aufgeführt. Wenn ich die einzelnen Posten anklicke geht ein kleines Fenster auf, soll ich das von allen Scans kopieren und hier einfügen, oder nun von dem letzten vollständigen Scan? Bitte nicht lachen :) hab wirklich nicht viel Ahnung von PC! LG

Nein, davon will ich bitte alle sehen

So, jetzt gehts los :)

2012/07/30 00:36:25 +0200 SHORTYTINE-PC shortytine MESSAGE Executing scheduled update: Daily
2012/07/30 00:36:37 +0200 SHORTYTINE-PC shortytine MESSAGE Starting database refresh
2012/07/30 00:36:37 +0200 SHORTYTINE-PC shortytine MESSAGE Scheduled update executed successfully: database updated from version v2012.07.28.07 to version v2012.07.29.09
2012/07/30 00:36:40 +0200 SHORTYTINE-PC shortytine MESSAGE Database refreshed successfully
2012/07/30 17:11:17 +0200 SHORTYTINE-PC shortytine MESSAGE Starting protection
2012/07/30 17:11:20 +0200 SHORTYTINE-PC shortytine MESSAGE Protection started successfully
2012/07/30 17:11:23 +0200 SHORTYTINE-PC shortytine MESSAGE Starting IP protection
2012/07/30 17:11:23 +0200 SHORTYTINE-PC shortytine ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753


2012/07/29 00:35:42 +0200 SHORTYTINE-PC shortytine MESSAGE Executing scheduled update: Daily
2012/07/29 00:35:52 +0200 SHORTYTINE-PC shortytine MESSAGE Starting database refresh
2012/07/29 00:35:52 +0200 SHORTYTINE-PC shortytine MESSAGE Scheduled update executed successfully: database updated from version v2012.07.27.11 to version v2012.07.28.07
2012/07/29 00:36:07 +0200 SHORTYTINE-PC shortytine MESSAGE Database refreshed successfully
2012/07/29 20:11:32 +0200 SHORTYTINE-PC shortytine MESSAGE Starting protection
2012/07/29 20:11:37 +0200 SHORTYTINE-PC shortytine MESSAGE Protection started successfully
2012/07/29 20:11:40 +0200 SHORTYTINE-PC shortytine MESSAGE Starting IP protection
2012/07/29 20:11:40 +0200 SHORTYTINE-PC shortytine ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753


2012/07/28 00:40:54 +0200 SHORTYTINE-PC shortytine MESSAGE Executing scheduled update: Daily
2012/07/28 00:41:05 +0200 SHORTYTINE-PC shortytine MESSAGE Starting database refresh
2012/07/28 00:41:05 +0200 SHORTYTINE-PC shortytine MESSAGE Scheduled update executed successfully: database updated from version v2012.07.26.16 to version v2012.07.27.11
2012/07/28 00:41:26 +0200 SHORTYTINE-PC shortytine MESSAGE Database refreshed successfully


2012/07/27 01:01:25 +0200 SHORTYTINE-PC shortytine MESSAGE Executing scheduled update: Daily
2012/07/27 01:01:35 +0200 SHORTYTINE-PC shortytine MESSAGE Scheduled update executed successfully: database updated from version v2012.07.26.11 to version v2012.07.26.16
2012/07/27 01:01:35 +0200 SHORTYTINE-PC shortytine MESSAGE Starting database refresh
2012/07/27 01:01:37 +0200 SHORTYTINE-PC shortytine MESSAGE Database refreshed successfully


2012/07/26 16:27:25 +0200 SHORTYTINE-PC shortytine MESSAGE Starting protection
2012/07/26 16:27:30 +0200 SHORTYTINE-PC shortytine MESSAGE Protection started successfully
2012/07/26 16:27:33 +0200 SHORTYTINE-PC shortytine MESSAGE Starting IP protection
2012/07/26 16:27:33 +0200 SHORTYTINE-PC shortytine ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2012/07/26 16:27:42 +0200 SHORTYTINE-PC shortytine MESSAGE Starting database refresh
2012/07/26 16:27:48 +0200 SHORTYTINE-PC shortytine MESSAGE Database refreshed successfully
2012/07/26 16:43:07 +0200 SHORTYTINE-PC shortytine MESSAGE Executing scheduled update: Daily
2012/07/26 16:43:08 +0200 SHORTYTINE-PC shortytine MESSAGE Database already up-to-date
2012/07/26 17:18:02 +0200 SHORTYTINE-PC shortytine MESSAGE Starting protection
2012/07/26 17:18:06 +0200 SHORTYTINE-PC shortytine MESSAGE Protection started successfully
2012/07/26 17:18:09 +0200 SHORTYTINE-PC shortytine MESSAGE Starting IP protection
2012/07/26 17:18:09 +0200 SHORTYTINE-PC shortytine ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2012/07/26 20:34:15 +0200 SHORTYTINE-PC shortytine MESSAGE Starting protection
2012/07/26 20:34:19 +0200 SHORTYTINE-PC shortytine MESSAGE Protection started successfully
2012/07/26 20:34:22 +0200 SHORTYTINE-PC shortytine MESSAGE Starting IP protection
2012/07/26 20:34:22 +0200 SHORTYTINE-PC shortytine ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753


Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free anti-malware download

Datenbank Version: v2012.07.29.09

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
shortytine :: SHORTYTINE-PC [Administrator]

Schutz: Aktiviert

30.07.2012 13:44:24
mbam-log-2012-07-30 (13-44-24).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 397228
Laufzeit: 3 Stunde(n), 6 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\shortytine\AppData\Local\Temp\tmp59606db0\jquery-uigui.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\shortytine\AppData\Local\Temp\tmp848dc81c\jquery-uigui.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free anti-malware download

Datenbank Version: v2012.07.26.16

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
shortytine :: SHORTYTINE-PC [Administrator]

Schutz: Aktiviert

27.07.2012 18:48:16
mbam-log-2012-07-27 (18-48-16).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 395087
Laufzeit: 2 Stunde(n), 46 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free anti-malware download

Datenbank Version: v2012.07.26.16

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
shortytine :: SHORTYTINE-PC [Administrator]

Schutz: Aktiviert

27.07.2012 18:43:00
mbam-log-2012-07-27 (18-43-00).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 203683
Laufzeit: 5 Minute(n), 6 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free anti-malware download

Datenbank Version: v2012.07.26.11

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
shortytine :: SHORTYTINE-PC [Administrator]

Schutz: Aktiviert

26.07.2012 17:19:03
mbam-log-2012-07-26 (17-19-03).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 393714
Laufzeit: 2 Stunde(n), 57 Minute(n), 8 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Toshiba\Drivers\DVD\DirectX\tdxinstall.exe (Spyware.Zbot.OUT) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\shortytine\AppData\Local\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\n (RootKit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\shortytine\AppData\Local\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\U\800000cb.@ (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\shortytine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\3b1c8303-27e5ee22 (Spyware.Zbot) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free anti-malware download

Datenbank Version: v2012.07.26.11

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
shortytine :: SHORTYTINE-PC [limitiert]

Schutz: Aktiviert

26.07.2012 16:38:34
mbam-log-2012-07-26 (16-38-34).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 203668
Laufzeit: 7 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\shortytine\Downloads\SoftonicDownloader_fuer_kaspersky-free-cleaner.exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


So, das waren alle, hoffe du kannst damit was anfangen,
LG emmibemmi

Führ bitte auch ESET aus, danach sehen wir weiter.

Hinweis: ESET zeigt durchaus öfter ein paar Fehlalarme. Deswegen soll auch von ESET immer nur erst das Log gepostet und nichts entfernt werden.

ESET Online Scanner

Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.

• Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt so öffnen: per Rechtsklick => als Administrator ausführen
• Dein Anti-Virus-Programm während des Scans deaktivieren.
  
  Button http://img695.imageshack.us/img695/1599/eset1l.jpg (<< klick) drücken.
  • Firefox-User:
    Bitte esetsmartinstaller_enu.exe downloaden.Das Firefox-Addon auf dem Desktop speichern und dann installieren.
  • IE-User:
    müssen das Installieren eines ActiveX Elements erlauben.
• Setze den einen Haken bei Yes, i accept the Terms of Use.
• Drücke den http://img707.imageshack.us/img707/687/starteg.jpg Button.
• Warte bis die Komponenten herunter geladen wurden.
• Setze einen Haken bei "Scan archives".
• Gehe sicher das bei Remove Found Threats kein Hacken gesetzt ist.
• http://img707.imageshack.us/img707/687/starteg.jpg drücken.
• Die Signaturen werden herunter geladen.Der Scan beginnt automatisch.

Wenn der Scan beendet wurde

• Klicke Finish.
• Browser schließen.

Drücke bitte die http://larusso.trojaner-board.de/Images/windows.jpg + R Taste und kopiere folgenden Text in das Ausführen Fenster.
Hinweis: Falls du ein 64-Bit-Windows einsetzt, lautet der Pfad so:

Poste nun den Inhalt der log.txt.

Hallo Arne, habe jetzt nach deiner Anweisung ESET ausgeführt, hier das Ergebnis:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=964901916e17eb449cb12c9b74e65b21
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-31 12:39:43
# local_time=2012-07-31 02:39:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1792 16777215 100 0 14320460 14320460 0 0
# compatibility_mode=5892 16776574 66 100 446561 181263672 0 0
# compatibility_mode=8192 67108863 100 0 159 159 0 0
# scanned=201078
# found=1
# cleaned=0
# scan_time=7438
C:\Users\shortytine\Downloads\Programme\SweetImSetup (2).exe a variant of Win32/SweetIM.A application (unable to clean) 00000000000000000000000000000000 I


LG emmibemmi

Vermüllte Software von Softonic scheint gerade stark in Mode zu sein! http://cosgan.de/images/midi/boese/a040.gif

Finger weg von Softonic!! :pfui:

Softonic ist eine Toolbar- und Adwareschleuder! Finger weg! Software lädt man sich mit oberster Priorität direkt vom Hersteller und nicht von solchen Toolbarklitschen wie Softonic! Im Notfall würde natürlich chip.de gehen

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Starte die adwcleaner.exe mit einem Doppelklick.
• Klicke auf Search.
• Nach Ende des Suchlaufs öffnet sich eine Textdatei.
• Poste mir den Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

Hallo Arne, hier der Inhalt von der Log Datei,LG emmibemmi

# AdwCleaner v1.703 - Logfile created 07/31/2012 at 20:56:31
# Updated 20/07/2012 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : shortytine - SHORTYTINE-PC
# Running from : C:\Users\shortytine\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\shortytine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Folder Found : C:\Users\shortytine\AppData\LocalLow\Conduit
Folder Found : C:\Users\shortytine\AppData\LocalLow\PriceGong
Folder Found : C:\Users\shortytine\AppData\LocalLow\SweetIM
Folder Found : C:\Users\Gast\AppData\LocalLow\PriceGong
Folder Found : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\Conduit
Folder Found : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\ConduitCommon
Folder Found : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\ConduitEngine
Folder Found : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\SweetIMToolbarData
Folder Found : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\Program Files\PriceGong
Folder Found : C:\Program Files\Softonic
Folder Found : C:\Program Files\SweetIM
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js

***** [H. Navipromo] *****

File Found : C:\Users\shortytine\AppData\Local\qiueiam.bat
File Found : C:\Users\shortytine\AppData\Local\qiueiam.dat
File Found : C:\Users\shortytine\AppData\Local\qiueiam_nav.dat
File Found : C:\Users\shortytine\AppData\Local\qiueiam_navps.dat

***** [Registry] *****
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\pricegong
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\SweetIm
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
Key Found : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
Key Found : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
Key Found : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\Softonic.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
Key Found : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
Key Found : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Key Found : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Key Found : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Key Found : HKLM\SOFTWARE\Software
Key Found : HKLM\SOFTWARE\SweetIM
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{8a9386b4-e958-4c4c-adf4-8f26db3e4829}]

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Key Found : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2431245

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\prefs.js

Found : user_pref("CT2431245..clientLogIsEnabled", false);
Found : user_pref("CT2431245..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2431245..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2431245.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2431245.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2431245.AppTrackingLastCheckTime", "Sat May 26 2012 07:17:15 GMT+0200");
Found : user_pref("CT2431245.BrowserCompStateIsOpen_129453394044193841", true);
Found : user_pref("CT2431245.BrowserCompStateIsOpen_129659302539581540", true);
Found : user_pref("CT2431245.BrowserCompStateIsOpen_129682601309982614", true);
Found : user_pref("CT2431245.BrowserCompStateIsOpen_129780209672379590", true);
Found : user_pref("CT2431245.BrowserCompStateIsOpen_129790544018252482", true);
Found : user_pref("CT2431245.CTID", "CT2431245");
Found : user_pref("CT2431245.CurrentServerDate", "31-7-2012");
Found : user_pref("CT2431245.DialogsAlignMode", "LTR");
Found : user_pref("CT2431245.DialogsGetterLastCheckTime", "Mon Jul 30 2012 08:19:01 GMT+0200");
Found : user_pref("CT2431245.DownloadReferralCookieData", "");
Found : user_pref("CT2431245.EMailNotifierPollDate", "Wed Dec 15 2010 22:04:47 GMT+0100");
Found : user_pref("CT2431245.EnableClickToSearchBox", false);
Found : user_pref("CT2431245.EnableSearchHistory", true);
Found : user_pref("CT2431245.EnableSearchSuggest", false);
Found : user_pref("CT2431245.FeedLastCount129009402595187825", 961);
Found : user_pref("CT2431245.FeedPollDate7470634014180506963", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634014269327586", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634014329599698", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634014537505092", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634014970726540", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634015410831318", "Wed Dec 15 2010 20:55:18 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634015483395460", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634015636754705", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634015768347545", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634015855543602", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634016030710453", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634016114705611", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634016129205152", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634016143724791", "Wed Dec 15 2010 20:55:18 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634016271239162", "Wed Dec 15 2010 20:55:18 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634016568520719", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634016726993788", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634017109031809", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634017132743740", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634017299547668", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634017302327846", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634017344111490", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634017478360748", "Wed Dec 15 2010 20:55:18 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634017732797593", "Wed Dec 15 2010 20:55:16 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634017821686064", "Wed Dec 15 2010 20:55:18 GMT+0100");
Found : user_pref("CT2431245.FeedPollDate7470634018090228721", "Wed Dec 15 2010 20:55:17 GMT+0100");
Found : user_pref("CT2431245.FeedTTL7470634014269327586", 5);
Found : user_pref("CT2431245.FeedTTL7470634014537505092", 5);
Found : user_pref("CT2431245.FeedTTL7470634014970726540", 2);
Found : user_pref("CT2431245.FeedTTL7470634015636754705", 5);
Found : user_pref("CT2431245.FeedTTL7470634016568520719", 30);
Found : user_pref("CT2431245.FirstServerDate", "12-12-2010");
Found : user_pref("CT2431245.FirstTime", true);
Found : user_pref("CT2431245.FirstTimeFF3", true);
Found : user_pref("CT2431245.FixPageNotFoundErrors", true);
Found : user_pref("CT2431245.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2431245.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2431245.HasUserGlobalKeys", true);
Found : user_pref("CT2431245.HomePageProtectorEnabled", false);
Found : user_pref("CT2431245.HomepageBeforeUnload", "hxxp://www.google.com");
Found : user_pref("CT2431245.Initialize", true);
Found : user_pref("CT2431245.InitializeCommonPrefs", true);
Found : user_pref("CT2431245.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2431245.InstallationId", "integrated_CT2431245 .exe");
Found : user_pref("CT2431245.InstallationType", "ConduitIntegration");
Found : user_pref("CT2431245.InstalledDate", "Sun Dec 12 2010 09:31:41 GMT+0100");
Found : user_pref("CT2431245.InvalidateCache", false);
Found : user_pref("CT2431245.IsAlertDBUpdated", true);
Found : user_pref("CT2431245.IsGrouping", false);
Found : user_pref("CT2431245.IsMulticommunity", false);
Found : user_pref("CT2431245.IsOpenThankYouPage", false);
Found : user_pref("CT2431245.IsOpenUninstallPage", true);
Found : user_pref("CT2431245.LanguagePackLastCheckTime", "Mon Jul 30 2012 20:06:44 GMT+0200");
Found : user_pref("CT2431245.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2431245.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2431245.LastLogin_3.11.0.3", "Sun May 06 2012 17:58:09 GMT+0200");
Found : user_pref("CT2431245.LastLogin_3.12.2.3", "Mon May 21 2012 18:58:49 GMT+0200");
Found : user_pref("CT2431245.LastLogin_3.13.0.6", "Tue Jul 31 2012 16:21:47 GMT+0200");
Found : user_pref("CT2431245.LastLogin_3.2.1.3", "Thu Dec 16 2010 14:17:45 GMT+0100");
Found : user_pref("CT2431245.LatestVersion", "3.14.1.0");
Found : user_pref("CT2431245.Locale", "de-de");
Found : user_pref("CT2431245.MCDetectTooltipHeight", "83");
Found : user_pref("CT2431245.MCDetectTooltipShow", false);
Found : user_pref("CT2431245.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2431245.MCDetectTooltipWidth", "295");
Found : user_pref("CT2431245.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2431245.RadioIsPodcast", false);
Found : user_pref("CT2431245.RadioLastCheckTime", "Wed Dec 15 2010 09:32:10 GMT+0100");
Found : user_pref("CT2431245.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2431245.RadioLastUpdateServer", "129167771525870000");
Found : user_pref("CT2431245.RadioMediaID", "20503672");
Found : user_pref("CT2431245.RadioMediaType", "Media Player");
Found : user_pref("CT2431245.RadioMenuSelectedID", "EBRadioMenu_CT243124520503672");
Found : user_pref("CT2431245.RadioShrinked", "shrinked");
Found : user_pref("CT2431245.RadioStationName", "Team%20Radio%20Deutschland");
Found : user_pref("CT2431245.RadioStationURL", "hxxp://trd.stream.w-u-s.org:6666/dsl.m3u");
Found : user_pref("CT2431245.SHRINK_TOOLBAR", 0);
Found : user_pref("CT2431245.SavedHomepage", "hxxp://www.google.de/");
Found : user_pref("CT2431245.SearchBackToDefaultEngine", false);
Found : user_pref("CT2431245.SearchBoxWidth", 164);
Found : user_pref("CT2431245.SearchEngineBeforeUnload", "ICQ Search");
Found : user_pref("CT2431245.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2431245.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Found : user_pref("CT2431245.SearchInNewTabEnabled", true);
Found : user_pref("CT2431245.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2431245.SearchInNewTabLastCheckTime", "Mon Jul 30 2012 20:06:43 GMT+0200");
Found : user_pref("CT2431245.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2431245.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2431245.SearchInNewTabUserEnabled", false);
Found : user_pref("CT2431245.SearchProtectorEnabled", false);
Found : user_pref("CT2431245.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2431245.ServiceMapLastCheckTime", "Mon Jul 30 2012 20:06:43 GMT+0200");
Found : user_pref("CT2431245.SettingsLastCheckTime", "Tue Jul 31 2012 17:04:30 GMT+0200");
Found : user_pref("CT2431245.SettingsLastUpdate", "1339926569");
Found : user_pref("CT2431245.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2431245.ThirdPartyComponentsLastCheck", "Sat May 19 2012 15:48:15 GMT+0200");
Found : user_pref("CT2431245.ThirdPartyComponentsLastUpdate", "1331806000");
Found : user_pref("CT2431245.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2431245");
Found : user_pref("CT2431245.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2431245.UserID", "UN84968042798076232");
Found : user_pref("CT2431245.ValidationData_Search", 2);
Found : user_pref("CT2431245.ValidationData_Toolbar", 2);
Found : user_pref("CT2431245.WeatherNetwork", "");
Found : user_pref("CT2431245.WeatherPollDate", "Wed Dec 15 2010 22:01:11 GMT+0100");
Found : user_pref("CT2431245.WeatherUnit", "C");
Found : user_pref("CT2431245.alertChannelId", "825452");
Found : user_pref("CT2431245.approveUntrustedApps", false);
Found : user_pref("CT2431245.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]
Found : user_pref("CT2431245.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]
Found : user_pref("CT2431245.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]
Found : user_pref("CT2431245.backendstorage./9b+7e.:2z527", "247E707571777278333228702A7B797B7B7E30273224262[...]
Found : user_pref("CT2431245.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]
Found : user_pref("CT2431245.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]
Found : user_pref("CT2431245.backendstorage./9b+7e06cg5el8:", "6E6D6E6D6C746C6D7174");
Found : user_pref("CT2431245.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737473727A7273777A242F4B4947[...]
Found : user_pref("CT2431245.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]
Found : user_pref("CT2431245.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]
Found : user_pref("CT2431245.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]
Found : user_pref("CT2431245.backendstorage./9b+7e31;cjc<=fbj#mm", "247E61393F236B257576737A2A212C6E414F444D[...]
Found : user_pref("CT2431245.backendstorage./9b+7e31;cjc<=fbj#ncf", "247E61393F236B25757677712A212C6E414F444[...]
Found : user_pref("CT2431245.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]
Found : user_pref("CT2431245.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]
Found : user_pref("CT2431245.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]
Found : user_pref("CT2431245.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]
Found : user_pref("CT2431245.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]
Found : user_pref("CT2431245.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]
Found : user_pref("CT2431245.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]
Found : user_pref("CT2431245.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]
Found : user_pref("CT2431245.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]
Found : user_pref("CT2431245.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]
Found : user_pref("CT2431245.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]
Found : user_pref("CT2431245.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]
Found : user_pref("CT2431245.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]
Found : user_pref("CT2431245.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]
Found : user_pref("CT2431245.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]
Found : user_pref("CT2431245.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Found : user_pref("CT2431245.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]
Found : user_pref("CT2431245.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]
Found : user_pref("CT2431245.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]
Found : user_pref("CT2431245.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]
Found : user_pref("CT2431245.backendstorage./9b-0?3g>d", "3E686A3F724042737A7775477920497E4A7A25207D21242A54[...]
Found : user_pref("CT2431245.backendstorage./9b-0?3g@6:5;", "");
Found : user_pref("CT2431245.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Found : user_pref("CT2431245.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Found : user_pref("CT2431245.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
Found : user_pref("CT2431245.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484776213F3E484F4E4D464[...]
Found : user_pref("CT2431245.backendstorage./9b5ba==9cjag", "6C3F706E404340407A4277717A7875494B4F207B4D");
Found : user_pref("CT2431245.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6E6D6C746C6D717176767B");
Found : user_pref("CT2431245.backendstorage./9b90e@8ff=eg", "393F352F3E");
Found : user_pref("CT2431245.backendstorage./9b9643g3/9e", "6A");
Found : user_pref("CT2431245.backendstorage./9b<:222h64<", "393F352F3E");
Found : user_pref("CT2431245.backendstorage./9b=+03eh8h8j?:", "4443");
Found : user_pref("CT2431245.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Found : user_pref("CT2431245.backendstorage./9b?b0d:8aj62<h", "6D");
Found : user_pref("CT2431245.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Found : user_pref("CT2431245.backendstorage.autocompletepro_enable_auto", "31");
Found : user_pref("CT2431245.backendstorage.ct2431245isadsdisabled", "66616C7365");
Found : user_pref("CT2431245.backendstorage.printitgreenstatus", "74727565");
Found : user_pref("CT2431245.backendstorage.shoppingapp.gk.exipres", "546875204D617920303320323031322030383A[...]
Found : user_pref("CT2431245.backendstorage.shoppingapp.gk.geolocation", "6765726D616E79");
Found : user_pref("CT2431245.components.1000034", false);
Found : user_pref("CT2431245.components.1000082", false);
Found : user_pref("CT2431245.components.1000234", false);
Found : user_pref("CT2431245.components.1042240440808890403", false);
Found : user_pref("CT2431245.components.129009402593156547", false);
Found : user_pref("CT2431245.components.129009402595187825", false);
Found : user_pref("CT2431245.components.129009402595656583", false);
Found : user_pref("CT2431245.components.129009402596594108", false);
Found : user_pref("CT2431245.components.129235916598147545", false);
Found : user_pref("CT2431245.components.129281065370906720", false);
Found : user_pref("CT2431245.components.129453393919975934", false);
Found : user_pref("CT2431245.components.129453393922944692", false);
Found : user_pref("CT2431245.components.129453393923725944", false);
Found : user_pref("CT2431245.components.129453394044193841", false);
Found : user_pref("CT2431245.components.129530497903908208", false);
Found : user_pref("CT2431245.components.129659302539581540", false);
Found : user_pref("CT2431245.components.129682601309982614", false);
Found : user_pref("CT2431245.components.129687697467407697", false);
Found : user_pref("CT2431245.components.129780209672379590", false);
Found : user_pref("CT2431245.components.129790544018252482", false);
Found : user_pref("CT2431245.components.3101995424177833784", false);
Found : user_pref("CT2431245.components.7717972408976606873", false);
Found : user_pref("CT2431245.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2431245.globalFirstTimeInfoLastCheckTime", "Mon May 28 2012 12:04:18 GMT+0200");
Found : user_pref("CT2431245.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2431245.initDone", true);
Found : user_pref("CT2431245.isAppTrackingManagerOn", true);
Found : user_pref("CT2431245.myStuffEnabled", true);
Found : user_pref("CT2431245.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2431245.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2431245.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2431245.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2431245.oldAppsList", "129009402577063104,129009402577844366,111,129790544018252482,129[...]
Found : user_pref("CT2431245.revertSettingsEnabled", true);
Found : user_pref("CT2431245.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2431245.searchProtectorEnableByLogin", true);
Found : user_pref("CT2431245.testingCtid", "");
Found : user_pref("CT2431245.toolbarAppMetaDataLastCheckTime", "Mon Jul 30 2012 20:06:43 GMT+0200");
Found : user_pref("CT2431245.toolbarContextMenuLastCheckTime", "Sat May 26 2012 09:09:56 GMT+0200");
Found : user_pref("CT2431245.usageEnabled", false);
Found : user_pref("CT2431245.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2431245/CT2431245[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/825452/821260/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2431245", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.11[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2431245",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63427934310393[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=11/8/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2431245/CT2431245[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/maxi.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play_mini[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/Newtab/Softonic/CT2431245.xml", "\"07ba0[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"[...]
Found : user_pref("CommunityToolbar.EngineOwner", "CT2431245");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "softonic-de3");
Found : user_pref("CommunityToolbar.IsEngineShown", true);
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\shortytine\\AppData\\Roaming\\Mozil[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.13.0.6");
Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2431245");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "softonic-de3");
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2431245,ConduitEngine");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2431245");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Oct 28 2011 15:52:28 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Nov 09 2011 14:07:33 GMT+0100");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Nov 09 2011 14:07:26 GMT+0100");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "d8217608-fd8c-4802-a772-00db858ffd00");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Dec 15 2010 09:31:39 GMT+0100");
Found : user_pref("CommunityToolbar.globalUserId", "9dc865f7-0b8d-4a49-87b7-28feec4be75b");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat May 26 2012 09:09:5[...]
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Jun 01 2012 13:29:22 GMT+020[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Jun 01 2012 13:29:14 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "f2b20d2b-5de1-4646-8900-a7d0247b52c7");
Found : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Tue Nov 01 2011 14:08:18 GMT+0100");
Found : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Tue Nov 08 2011 14:07:43 GMT+0100");
Found : user_pref("ConduitEngine.FirstServerDate", "03/09/2011 09");
Found : user_pref("ConduitEngine.FirstTime", true);
Found : user_pref("ConduitEngine.FirstTimeFF3", true);
Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Found : user_pref("ConduitEngine.Initialize", true);
Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Found : user_pref("ConduitEngine.InstalledDate", "Wed Mar 09 2011 07:01:02 GMT+0100");
Found : user_pref("ConduitEngine.IsMulticommunity", false);
Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Found : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Wed Nov 09 2011 14:07:31 GMT+0100");
Found : user_pref("ConduitEngine.LastLogin_3.3.2.1", "Wed Apr 13 2011 20:52:03 GMT+0200");
Found : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu Nov 10 2011 07:01:53 GMT+0100");
Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Nov 10 2011 07:01:53 GMT+0100");
Found : user_pref("ConduitEngine.UserID", "UN79667253251872383");
Found : user_pref("ConduitEngine.engineLocale", "de");
Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Wed Nov 09 2011 14:07:28 GMT+0100");
Found : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu Nov 10 2011 07:01:53 GMT+0100");
Found : user_pref("ConduitEngine.initDone", true);
Found : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Found : user_pref("ConduitEngine.usagesFlag", 1);
Found : user_pref("browser.search.defaultengine", "Ask.com");
Found : user_pref("browser.search.defaultthis.engineName", "softonic-de3 Customized Web Search");
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("extensions.Softonic.admin", false);
Found : user_pref("extensions.Softonic.aflt", "SD");
Found : user_pref("extensions.Softonic.autoRvrt", "false");
Found : user_pref("extensions.Softonic.dfltLng", "de");
Found : user_pref("extensions.Softonic.excTlbr", false);
Found : user_pref("extensions.Softonic.id", "30fbabcf00000000000000216bb399de");
Found : user_pref("extensions.Softonic.instlDay", "15476");
Found : user_pref("extensions.Softonic.instlRef", "MON00015");
Found : user_pref("extensions.Softonic.prdct", "Softonic");
Found : user_pref("extensions.Softonic.prtnrId", "softonic");
Found : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Found : user_pref("extensions.Softonic.tlbrId", "base");
Found : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource[...]
Found : user_pref("extensions.Softonic.vrsn", "1.5.21.0");
Found : user_pref("extensions.Softonic.vrsni", "1.5.21.0");
Found : user_pref("extensions.Softonic_i.newTab", false);
Found : user_pref("extensions.Softonic_i.smplGrp", "none");
Found : user_pref("extensions.Softonic_i.vrsnTs", "1.5.21.015:13:15");
Found : user_pref("extensions.facemoods._xpiupdate", true);
Found : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");
Found : user_pref("extensions.facemoods.firstRun", "true");
Found : user_pref("extensions.facemoods.id", "_#cbf483cd0ffe4fe3957727af763c8698");
Found : user_pref("extensions.facemoods.instlDay", "_#15310");
Found : user_pref("extensions.facemoods.sid", "_#cbf483cd0ffe4fe3957727af763c8698");
Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.mode.debug", "false");
Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Bing");
Found : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://www.bing.com/search?FORM=IEF[...]
Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.google.de/");
Found : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://www.bing.com/search?FORM=IEFM1&q=");
Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Found : user_pref("sweetim.toolbar.search.history", "stayfriends,quoka,freemail.de,meinvz,freemail,autoscout[...]
Found : user_pref("sweetim.toolbar.search.history.capacity", "10");
Found : user_pref("sweetim.toolbar.searchguard.enable", "true");
Found : user_pref("sweetim.toolbar.simapp_id", "{AD9FC17A-6E79-499C-88B6-A5C7099205DF}");
Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
Found : user_pref("sweetim.toolbar.version", "1.3.0.1");

Profile name : default
File : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\0iuoe0av.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v20.0.1132.57

File : C:\Users\shortytine\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found : "explicit_host": [ "hxxp://*.facemoods.com/*" ],
Found : "css": [ "style/facemoods_chrome_1.0.1.css" ],
Found : "name": "Facemoods",
Found : "permissions": [ "tabs", "cookies", "hxxp://*.facemoods.com/" ],
Found : "update_url": "hxxp://facemoods.com/public/download/chrome/update.xml",

*************************

AdwCleaner[R1].txt - [43871 octets] - [31/07/2012 20:56:31]

########## EOF - C:\AdwCleaner[R1].txt - [44000 octets] ##########

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

• Schließe alle offenen Programme und Browser.
• Starte die adwcleaner.exe mit einem Doppelklick.
• Klicke auf Delete.
• Bestätige jeweils mit Ok.
• Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
• Poste mir den Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

So, hier wieder der Inhalt der Textdatei :)

# AdwCleaner v1.703 - Logfile created 08/01/2012 at 20:20:36
# Updated 20/07/2012 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : shortytine - SHORTYTINE-PC
# Running from : C:\Users\shortytine\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\shortytine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Folder Deleted : C:\Users\shortytine\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\shortytine\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\shortytine\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Gast\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\Conduit
Folder Deleted : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\ConduitCommon
Folder Deleted : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\ConduitEngine
Folder Deleted : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\SweetIMToolbarData
Folder Deleted : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\Program Files\PriceGong
Folder Deleted : C:\Program Files\Softonic
Folder Deleted : C:\Program Files\SweetIM
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js

***** [H. Navipromo] *****

File Deleted : C:\Users\shortytine\AppData\Local\qiueiam.bat
File Deleted : C:\Users\shortytine\AppData\Local\qiueiam.dat
File Deleted : C:\Users\shortytine\AppData\Local\qiueiam_nav.dat
File Deleted : C:\Users\shortytine\AppData\Local\qiueiam_navps.dat

***** [Registry] *****
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\pricegong
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
Key Deleted : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
Key Deleted : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\SOFTWARE\SweetIM
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{8a9386b4-e958-4c4c-adf4-8f26db3e4829}]

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2431245 --> hxxp://www.google.com

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\prefs.js

C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\user.js ... Deleted !

Deleted : user_pref("CT2431245..clientLogIsEnabled", false);
Deleted : user_pref("CT2431245..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2431245..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2431245.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2431245.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2431245.AppTrackingLastCheckTime", "Sat May 26 2012 07:17:15 GMT+0200");
Deleted : user_pref("CT2431245.BrowserCompStateIsOpen_129453394044193841", true);
Deleted : user_pref("CT2431245.BrowserCompStateIsOpen_129659302539581540", true);
Deleted : user_pref("CT2431245.BrowserCompStateIsOpen_129682601309982614", true);
Deleted : user_pref("CT2431245.BrowserCompStateIsOpen_129780209672379590", true);
Deleted : user_pref("CT2431245.BrowserCompStateIsOpen_129790544018252482", true);
Deleted : user_pref("CT2431245.CTID", "CT2431245");
Deleted : user_pref("CT2431245.CurrentServerDate", "31-7-2012");
Deleted : user_pref("CT2431245.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2431245.DialogsGetterLastCheckTime", "Mon Jul 30 2012 08:19:01 GMT+0200");
Deleted : user_pref("CT2431245.DownloadReferralCookieData", "");
Deleted : user_pref("CT2431245.EMailNotifierPollDate", "Wed Dec 15 2010 22:04:47 GMT+0100");
Deleted : user_pref("CT2431245.EnableClickToSearchBox", false);
Deleted : user_pref("CT2431245.EnableSearchHistory", true);
Deleted : user_pref("CT2431245.EnableSearchSuggest", false);
Deleted : user_pref("CT2431245.FeedLastCount129009402595187825", 961);
Deleted : user_pref("CT2431245.FeedPollDate7470634014180506963", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634014269327586", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634014329599698", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634014537505092", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634014970726540", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634015410831318", "Wed Dec 15 2010 20:55:18 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634015483395460", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634015636754705", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634015768347545", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634015855543602", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634016030710453", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634016114705611", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634016129205152", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634016143724791", "Wed Dec 15 2010 20:55:18 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634016271239162", "Wed Dec 15 2010 20:55:18 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634016568520719", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634016726993788", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634017109031809", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634017132743740", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634017299547668", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634017302327846", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634017344111490", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634017478360748", "Wed Dec 15 2010 20:55:18 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634017732797593", "Wed Dec 15 2010 20:55:16 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634017821686064", "Wed Dec 15 2010 20:55:18 GMT+0100");
Deleted : user_pref("CT2431245.FeedPollDate7470634018090228721", "Wed Dec 15 2010 20:55:17 GMT+0100");
Deleted : user_pref("CT2431245.FeedTTL7470634014269327586", 5);
Deleted : user_pref("CT2431245.FeedTTL7470634014537505092", 5);
Deleted : user_pref("CT2431245.FeedTTL7470634014970726540", 2);
Deleted : user_pref("CT2431245.FeedTTL7470634015636754705", 5);
Deleted : user_pref("CT2431245.FeedTTL7470634016568520719", 30);
Deleted : user_pref("CT2431245.FirstServerDate", "12-12-2010");
Deleted : user_pref("CT2431245.FirstTime", true);
Deleted : user_pref("CT2431245.FirstTimeFF3", true);
Deleted : user_pref("CT2431245.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2431245.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2431245.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2431245.HasUserGlobalKeys", true);
Deleted : user_pref("CT2431245.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2431245.HomepageBeforeUnload", "hxxp://www.google.com");
Deleted : user_pref("CT2431245.Initialize", true);
Deleted : user_pref("CT2431245.InitializeCommonPrefs", true);
Deleted : user_pref("CT2431245.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2431245.InstallationId", "integrated_CT2431245 .exe");
Deleted : user_pref("CT2431245.InstallationType", "ConduitIntegration");
Deleted : user_pref("CT2431245.InstalledDate", "Sun Dec 12 2010 09:31:41 GMT+0100");
Deleted : user_pref("CT2431245.InvalidateCache", false);
Deleted : user_pref("CT2431245.IsAlertDBUpdated", true);
Deleted : user_pref("CT2431245.IsGrouping", false);
Deleted : user_pref("CT2431245.IsMulticommunity", false);
Deleted : user_pref("CT2431245.IsOpenThankYouPage", false);
Deleted : user_pref("CT2431245.IsOpenUninstallPage", true);
Deleted : user_pref("CT2431245.LanguagePackLastCheckTime", "Mon Jul 30 2012 20:06:44 GMT+0200");
Deleted : user_pref("CT2431245.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2431245.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2431245.LastLogin_3.11.0.3", "Sun May 06 2012 17:58:09 GMT+0200");
Deleted : user_pref("CT2431245.LastLogin_3.12.2.3", "Mon May 21 2012 18:58:49 GMT+0200");
Deleted : user_pref("CT2431245.LastLogin_3.13.0.6", "Tue Jul 31 2012 16:21:47 GMT+0200");
Deleted : user_pref("CT2431245.LastLogin_3.2.1.3", "Thu Dec 16 2010 14:17:45 GMT+0100");
Deleted : user_pref("CT2431245.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT2431245.Locale", "de-de");
Deleted : user_pref("CT2431245.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2431245.MCDetectTooltipShow", false);
Deleted : user_pref("CT2431245.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2431245.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2431245.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2431245.RadioIsPodcast", false);
Deleted : user_pref("CT2431245.RadioLastCheckTime", "Wed Dec 15 2010 09:32:10 GMT+0100");
Deleted : user_pref("CT2431245.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2431245.RadioLastUpdateServer", "129167771525870000");
Deleted : user_pref("CT2431245.RadioMediaID", "20503672");
Deleted : user_pref("CT2431245.RadioMediaType", "Media Player");
Deleted : user_pref("CT2431245.RadioMenuSelectedID", "EBRadioMenu_CT243124520503672");
Deleted : user_pref("CT2431245.RadioShrinked", "shrinked");
Deleted : user_pref("CT2431245.RadioStationName", "Team%20Radio%20Deutschland");
Deleted : user_pref("CT2431245.RadioStationURL", "hxxp://trd.stream.w-u-s.org:6666/dsl.m3u");
Deleted : user_pref("CT2431245.SHRINK_TOOLBAR", 0);
Deleted : user_pref("CT2431245.SavedHomepage", "hxxp://www.google.de/");
Deleted : user_pref("CT2431245.SearchBackToDefaultEngine", false);
Deleted : user_pref("CT2431245.SearchBoxWidth", 164);
Deleted : user_pref("CT2431245.SearchEngineBeforeUnload", "ICQ Search");
Deleted : user_pref("CT2431245.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2431245.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Deleted : user_pref("CT2431245.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2431245.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2431245.SearchInNewTabLastCheckTime", "Mon Jul 30 2012 20:06:43 GMT+0200");
Deleted : user_pref("CT2431245.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2431245.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2431245.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT2431245.SearchProtectorEnabled", false);
Deleted : user_pref("CT2431245.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2431245.ServiceMapLastCheckTime", "Mon Jul 30 2012 20:06:43 GMT+0200");
Deleted : user_pref("CT2431245.SettingsLastCheckTime", "Tue Jul 31 2012 17:04:30 GMT+0200");
Deleted : user_pref("CT2431245.SettingsLastUpdate", "1339926569");
Deleted : user_pref("CT2431245.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2431245.ThirdPartyComponentsLastCheck", "Sat May 19 2012 15:48:15 GMT+0200");
Deleted : user_pref("CT2431245.ThirdPartyComponentsLastUpdate", "1331806000");
Deleted : user_pref("CT2431245.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2431245");
Deleted : user_pref("CT2431245.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2431245.UserID", "UN84968042798076232");
Deleted : user_pref("CT2431245.ValidationData_Search", 2);
Deleted : user_pref("CT2431245.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2431245.WeatherNetwork", "");
Deleted : user_pref("CT2431245.WeatherPollDate", "Wed Dec 15 2010 22:01:11 GMT+0100");
Deleted : user_pref("CT2431245.WeatherUnit", "C");
Deleted : user_pref("CT2431245.alertChannelId", "825452");
Deleted : user_pref("CT2431245.approveUntrustedApps", false);
Deleted : user_pref("CT2431245.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e.:2z527", "247E707571777278333228702A7B797B7B7E30273224262[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e06cg5el8:", "6E6D6E6D6C746C6D7174");
Deleted : user_pref("CT2431245.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737473727A7273777A242F4B4947[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e31;cjc<=fbj#mm", "247E61393F236B257576737A2A212C6E414F444D[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e31;cjc<=fbj#ncf", "247E61393F236B25757677712A212C6E414F444[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]
Deleted : user_pref("CT2431245.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]
Deleted : user_pref("CT2431245.backendstorage./9b-0?3g>d", "3E686A3F724042737A7775477920497E4A7A25207D21242A54[...]
Deleted : user_pref("CT2431245.backendstorage./9b-0?3g@6:5;", "");
Deleted : user_pref("CT2431245.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Deleted : user_pref("CT2431245.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Deleted : user_pref("CT2431245.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
Deleted : user_pref("CT2431245.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484776213F3E484F4E4D464[...]
Deleted : user_pref("CT2431245.backendstorage./9b5ba==9cjag", "6C3F706E404340407A4277717A7875494B4F207B4D");
Deleted : user_pref("CT2431245.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6E6D6C746C6D717176767B");
Deleted : user_pref("CT2431245.backendstorage./9b90e@8ff=eg", "393F352F3E");
Deleted : user_pref("CT2431245.backendstorage./9b9643g3/9e", "6A");
Deleted : user_pref("CT2431245.backendstorage./9b<:222h64<", "393F352F3E");
Deleted : user_pref("CT2431245.backendstorage./9b=+03eh8h8j?:", "4443");
Deleted : user_pref("CT2431245.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Deleted : user_pref("CT2431245.backendstorage./9b?b0d:8aj62<h", "6D");
Deleted : user_pref("CT2431245.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Deleted : user_pref("CT2431245.backendstorage.autocompletepro_enable_auto", "31");
Deleted : user_pref("CT2431245.backendstorage.ct2431245isadsdisabled", "66616C7365");
Deleted : user_pref("CT2431245.backendstorage.printitgreenstatus", "74727565");
Deleted : user_pref("CT2431245.backendstorage.shoppingapp.gk.exipres", "546875204D617920303320323031322030383A[...]
Deleted : user_pref("CT2431245.backendstorage.shoppingapp.gk.geolocation", "6765726D616E79");
Deleted : user_pref("CT2431245.components.1000034", false);
Deleted : user_pref("CT2431245.components.1000082", false);
Deleted : user_pref("CT2431245.components.1000234", false);
Deleted : user_pref("CT2431245.components.1042240440808890403", false);
Deleted : user_pref("CT2431245.components.129009402593156547", false);
Deleted : user_pref("CT2431245.components.129009402595187825", false);
Deleted : user_pref("CT2431245.components.129009402595656583", false);
Deleted : user_pref("CT2431245.components.129009402596594108", false);
Deleted : user_pref("CT2431245.components.129235916598147545", false);
Deleted : user_pref("CT2431245.components.129281065370906720", false);
Deleted : user_pref("CT2431245.components.129453393919975934", false);
Deleted : user_pref("CT2431245.components.129453393922944692", false);
Deleted : user_pref("CT2431245.components.129453393923725944", false);
Deleted : user_pref("CT2431245.components.129453394044193841", false);
Deleted : user_pref("CT2431245.components.129530497903908208", false);
Deleted : user_pref("CT2431245.components.129659302539581540", false);
Deleted : user_pref("CT2431245.components.129682601309982614", false);
Deleted : user_pref("CT2431245.components.129687697467407697", false);
Deleted : user_pref("CT2431245.components.129780209672379590", false);
Deleted : user_pref("CT2431245.components.129790544018252482", false);
Deleted : user_pref("CT2431245.components.3101995424177833784", false);
Deleted : user_pref("CT2431245.components.7717972408976606873", false);
Deleted : user_pref("CT2431245.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2431245.globalFirstTimeInfoLastCheckTime", "Mon May 28 2012 12:04:18 GMT+0200");
Deleted : user_pref("CT2431245.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2431245.initDone", true);
Deleted : user_pref("CT2431245.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2431245.myStuffEnabled", true);
Deleted : user_pref("CT2431245.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2431245.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2431245.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2431245.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2431245.oldAppsList", "129009402577063104,129009402577844366,111,129790544018252482,129[...]
Deleted : user_pref("CT2431245.revertSettingsEnabled", true);
Deleted : user_pref("CT2431245.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2431245.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2431245.testingCtid", "");
Deleted : user_pref("CT2431245.toolbarAppMetaDataLastCheckTime", "Mon Jul 30 2012 20:06:43 GMT+0200");
Deleted : user_pref("CT2431245.toolbarContextMenuLastCheckTime", "Sat May 26 2012 09:09:56 GMT+0200");
Deleted : user_pref("CT2431245.usageEnabled", false);
Deleted : user_pref("CT2431245.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2431245/CT2431245[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/825452/821260/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2431245", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.11[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2431245",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63427934310393[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=11/8/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2431245/CT2431245[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/maxi.gif"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play_mini[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/Newtab/Softonic/CT2431245.xml", "\"07ba0[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "CT2431245");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "softonic-de3");
Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\shortytine\\AppData\\Roaming\\Mozil[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.13.0.6");
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2431245");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "softonic-de3");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2431245,ConduitEngine");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2431245");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Oct 28 2011 15:52:28 GMT+02[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Nov 09 2011 14:07:33 GMT+0100");
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Nov 09 2011 14:07:26 GMT+0100");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "d8217608-fd8c-4802-a772-00db858ffd00");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Dec 15 2010 09:31:39 GMT+0100");
Deleted : user_pref("CommunityToolbar.globalUserId", "9dc865f7-0b8d-4a49-87b7-28feec4be75b");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat May 26 2012 09:09:5[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Jun 01 2012 13:29:22 GMT+020[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Jun 01 2012 13:29:14 GMT+0200");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "f2b20d2b-5de1-4646-8900-a7d0247b52c7");
Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Tue Nov 01 2011 14:08:18 GMT+0100");
Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Tue Nov 08 2011 14:07:43 GMT+0100");
Deleted : user_pref("ConduitEngine.FirstServerDate", "03/09/2011 09");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstalledDate", "Wed Mar 09 2011 07:01:02 GMT+0100");
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Wed Nov 09 2011 14:07:31 GMT+0100");
Deleted : user_pref("ConduitEngine.LastLogin_3.3.2.1", "Wed Apr 13 2011 20:52:03 GMT+0200");
Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu Nov 10 2011 07:01:53 GMT+0100");
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Nov 10 2011 07:01:53 GMT+0100");
Deleted : user_pref("ConduitEngine.UserID", "UN79667253251872383");
Deleted : user_pref("ConduitEngine.engineLocale", "de");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Wed Nov 09 2011 14:07:28 GMT+0100");
Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu Nov 10 2011 07:01:53 GMT+0100");
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Deleted : user_pref("ConduitEngine.usagesFlag", 1);
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultthis.engineName", "softonic-de3 Customized Web Search");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("extensions.Softonic.admin", false);
Deleted : user_pref("extensions.Softonic.aflt", "SD");
Deleted : user_pref("extensions.Softonic.autoRvrt", "false");
Deleted : user_pref("extensions.Softonic.dfltLng", "de");
Deleted : user_pref("extensions.Softonic.excTlbr", false);
Deleted : user_pref("extensions.Softonic.id", "30fbabcf00000000000000216bb399de");
Deleted : user_pref("extensions.Softonic.instlDay", "15476");
Deleted : user_pref("extensions.Softonic.instlRef", "MON00015");
Deleted : user_pref("extensions.Softonic.prdct", "Softonic");
Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");
Deleted : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Deleted : user_pref("extensions.Softonic.tlbrId", "base");
Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource[...]
Deleted : user_pref("extensions.Softonic.vrsn", "1.5.21.0");
Deleted : user_pref("extensions.Softonic.vrsni", "1.5.21.0");
Deleted : user_pref("extensions.Softonic_i.newTab", false);
Deleted : user_pref("extensions.Softonic_i.smplGrp", "none");
Deleted : user_pref("extensions.Softonic_i.vrsnTs", "1.5.21.015:13:15");
Deleted : user_pref("extensions.facemoods._xpiupdate", true);
Deleted : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");
Deleted : user_pref("extensions.facemoods.firstRun", "true");
Deleted : user_pref("extensions.facemoods.id", "_#cbf483cd0ffe4fe3957727af763c8698");
Deleted : user_pref("extensions.facemoods.instlDay", "_#15310");
Deleted : user_pref("extensions.facemoods.sid", "_#cbf483cd0ffe4fe3957727af763c8698");
Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Bing");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://www.bing.com/search?FORM=IEF[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.google.de/");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://www.bing.com/search?FORM=IEFM1&q=");
Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Deleted : user_pref("sweetim.toolbar.search.history", "stayfriends,quoka,freemail.de,meinvz,freemail,autoscout[...]
Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "true");
Deleted : user_pref("sweetim.toolbar.simapp_id", "{AD9FC17A-6E79-499C-88B6-A5C7099205DF}");
Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
Deleted : user_pref("sweetim.toolbar.version", "1.3.0.1");

Profile name : default
File : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\0iuoe0av.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v20.0.1132.57

File : C:\Users\shortytine\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "explicit_host": [ "hxxp://*.facemoods.com/*" ],
Deleted : "css": [ "style/facemoods_chrome_1.0.1.css" ],
Deleted : "name": "Facemoods",
Deleted : "permissions": [ "tabs", "cookies", "hxxp://*.facemoods.com/" ],
Deleted : "update_url": "hxxp://facemoods.com/public/download/chrome/update.xml",

*************************

AdwCleaner[R1].txt - [44002 octets] - [31/07/2012 20:56:31]
AdwCleaner[S1].txt - [45127 octets] - [01/08/2012 20:20:36]

########## EOF - C:\AdwCleaner[S1].txt - [45256 octets] ##########


LG emmibemmi

Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

Hi Arne, also hier und da tut sich windows noch schwer, und im startmenü habe ich 2 leere Ordner: 1. tablet pc und 2. live platinum security. was mir noch aufgefallen ist, ist das der ebay-icon von meinem desktop verschwunden ist....hoffe konnte deine fragen einigermaßen baentworten! LG emmibemmi

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

• Starte bitte die OTL.exe.
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Setze oben mittig den Haken bei Scanne alle Benutzer
• Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die http://billy-oneal.com/Canned%20Spee.../customFix.png Textbox von OTL - wenn OTL auf deutsch ist wird sie mit http://larusso.trojaner-board.de/Images/otlfix.jpg beschriftet

• Schliesse bitte nun alle Programme. (Wichtig)
• Klicke nun bitte auf den Quick Scan Button.
• Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
• Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

LG emmibemmi

Du hast jetzt 4x das OTL-Log aber keine Extras gepostet :confused:

Hallo Arne, was für extras denn???? hab doch keine ahnung, sorry...lg emmibemmi

OTL erstellt auch ein anderes Log => Extras.txt
Aber gut, das ist nicht so wichtig
Trotzdem frage ich mich, was das soll mit den 4x OTL.txt :confused:

Ich werd die überflüssigen löschen, ... :rolleyes:

Hallo Arne, warum das viermal aufgeführt ist weiß ich auch nicht so genau :D sorry...kommt denn jetzt noch mehr auf mich zu oder kann ich davon ausgehen das alles wieder "clean" ist? lg emmibemmi

So, jetzt steht's nur noch 1x da :pfeiff:


Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

So Arne ich hoffe ich hab das jetzt richtig gemacht...

All processes killed
========== OTL ==========
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q=" removed from browser.search.defaulturl
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: engine@conduit.com:3.3.3.2 removed from extensions.enabledItems
Prefs.js: "hxxp://search.sweetim.com/search.asp?src=2&q=" removed from keyword.URL
Prefs.js: "hxxp://search.sweetim.com/search.asp?src=2&q=" removed from sweetim.toolbar.previous.keyword.URL
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully.
C:\Users\shortytine\AppData\Roaming\mozilla\Firefox\Profiles\89w409kx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully.
C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\shortytine\AppData\Roaming\Mozilla\Firefox\Profiles\89w409kx.default\searchplugins\icqplugin.xml moved successfully.
C:\Programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions folder moved successfully.
Folder C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
Registry value HKEY_USERS\S-1-5-21-660773486-670838790-555106487-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3381b621-db2e-11dd-935e-00216bb399de}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3381b621-db2e-11dd-935e-00216bb399de}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3381b621-db2e-11dd-935e-00216bb399de}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3381b621-db2e-11dd-935e-00216bb399de}\ not found.
File D:\setup.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4797536-bfaf-11df-8c67-00235a01be7c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c4797536-bfaf-11df-8c67-00235a01be7c}\ not found.
File H:\PMBP_Win.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f92f2c28-6d30-11df-982b-00235a01be7c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f92f2c28-6d30-11df-982b-00235a01be7c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f92f2c28-6d30-11df-982b-00235a01be7c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f92f2c28-6d30-11df-982b-00235a01be7c}\ not found.
File D:\VTP_Manager.exe not found.
========== FILES ==========
C:\Users\shortytine\AppData\Local\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\L folder moved successfully.
C:\Windows\Installer\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\L folder moved successfully.
C:\Users\shortytine\AppData\Local\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\U folder moved successfully.
C:\Windows\Installer\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\U folder moved successfully.
File\Folder C:\Users\shortytine\AppData\Local\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\n not found.
File\Folder C:\Windows\Installer\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\n not found.
C:\Users\shortytine\AppData\Local\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\@ moved successfully.
C:\Windows\Installer\{4c75a3fd-734c-0ebb-1676-980fca40e6aa}\@ moved successfully.
C:\Users\shortytine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum folder moved successfully.
C:\ProgramData\036DFF98FF4F56417C1067A12F3B707C folder moved successfully.
C:\Users\shortytine\AppData\Roaming\Ynoh folder moved successfully.
C:\Users\shortytine\AppData\Roaming\Puluom folder moved successfully.
C:\Users\shortytine\AppData\Roaming\Elagar folder moved successfully.
C:\Users\shortytine\AppData\Roaming\xmldm folder moved successfully.
C:\Users\shortytine\AppData\Roaming\kock folder moved successfully.
File\Folder C:\Users\shortytine\AppData\Roaming\Elagar not found.
C:\Users\shortytine\AppData\Roaming\Gutscheinmieze folder moved successfully.
C:\Users\shortytine\Downloads\Programme\SweetImSetup (2).exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56586 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Gast
->Temp folder emptied: 138787 bytes
->Temporary Internet Files folder emptied: 985047 bytes
->FireFox cache emptied: 25924433 bytes
->Flash cache emptied: 57237 bytes

User: Public

User: shortytine
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 4054752 bytes
->Java cache emptied: 51948933 bytes
->FireFox cache emptied: 577439295 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2853475 bytes

%systemdrive% .tmp files removed: 14648 bytes
%systemroot% .tmp files removed: 1460478 bytes
%systemroot%\System32 .tmp files removed: 2580 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 258113 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 634,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Gast
->Flash cache emptied: 0 bytes

User: Public

User: shortytine
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.56.0 log created on 08082012_212236

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


lg emmibemmi

Die Log sbitte in CODE-Tags posten!!!

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

lg emmibemmi

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

• Lade dir ComboFix hier herunter auf deinen Desktop.

• Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

• Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
  Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

• Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.