Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   malwarebytes und ad.adserverplus (https://www.trojaner-board.de/121603-malwarebytes-ad-adserverplus.html)

ranjid 08.08.2012 21:01
malwarebytes und ad.adserverplus
 
Hallo,

mir wurd hier schon einige Male geholfen ... nun habe ich wieder ein Problem...:wtf:

Mein Rechner wurde immer langsamer.... und nun öffnet sich auch noch ständig im firefox ein fenster mit ad.adserverplus :headbang:, ich habe gedacht, es wird nichts schlimmes sein- aber mein Mann meinte, es könnte ein Trojaner sein.
Nun habe ich hier im Board einige Threads durchgelesen und daraufhin Malwarebytes Anti-Malware ausgeführt- und es meldete mir über 40 infizierte Objekte...
HILFE!!!

Was soll ich jetzt tun, damit mein Rechner nicht länger verseucht ist?
Ich habe gedacht, es reicht aus, das Kabel - Sicherheitspaket zu besitzen- es ist immer auf dem neuesten Stand, allerdings hat es schon bei der Installation Malwarebytes Anti- Malware vom Rechner geschubst, (ohne Nachfrage)... viellcith doch nicht so ein tolles Sicherheitspaket. :aufsmaul:
Ich habe ein Logfile von MbaM ....
Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.08.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
*** :: NDES00471101000 [Administrator]

08.08.2012 20:55:03
mbam-log-2012-08-08 (20-04-14).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 230945
Laufzeit: 32 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 1
C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Keine Aktion durchgeführt.

Infizierte Registrierungsschlüssel: 22
HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 3
HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt.
HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt.
HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Program Files\BrowserCompanion (PUP.Blabbers) -> Keine Aktion durchgeführt.

Infizierte Dateien: 15
C:\Program Files\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Documents and Settings\***\My Documents\Downloads\SoftonicDownloader_fuer_7-zip.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt.
C:\Documents and Settings\\My Documents\Downloads\SoftonicDownloader_fuer_blockcad.exe (PUP.ToolbarDownloader) -> Keine Aktion durchgeführt.
C:\Documents and Settings\***\My Documents\Downloads\SoftonicDownloader_fuer_ultimate-boot-cd-for-windows.exe (PUP.ToolbarDownloader) -> Keine Aktion durchgeführt.
C:\Documents and Settings\***\My Documents\Downloads\ProductKeyFinder23.exe (PUP.BundleInstaller.BI) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\logo.ico (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\terms.lnk.url (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\updater.ini (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> Keine Aktion durchgeführt.

(Ende)

t'john 09.08.2012 09:46
:hallo:

1. Schritt

Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".

2. Schritt
Systemscan mit OTL (bebilderte Anleitung)

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)- Doppelklick auf die OTL.exe

  • Vista und Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Wähle Scanne Alle Benuzer
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimale Ausgabe
  • Unter Extra Registrierung, wähle bitte Benutze SafeList
  • Klicke nun auf Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.

ranjid 10.08.2012 21:19
vielen lieben Dank für Deine Hilfe!

Hier sind die Log Files:

Malware Anti-Malware:
Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.08.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
*** :: NDES00471101000 [Administrator]

10.08.2012 07:32:11
mbam-log-2012-08-10 (07-32-11).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 325893
Laufzeit: 3 Stunde(n), 48 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Documents and Settings\***\AppData\LocalLow\bbrs_002.tb\content\BCHelper.exe (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
OTL 1:

Code:
OTL logfile created on: 10.08.2012 21:38:25 - Run 1
OTL by OldTimer - Version 3.2.56.0    Folder = C:\Documents and Settings\***\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
1015,36 Mb Total Physical Memory | 349,46 Mb Available Physical Memory | 34,42% Memory free
3,83 Gb Paging File | 3,19 Gb Available in Paging File | 83,39% Paging File free
Paging file location(s): C:\pagefile.sys 3000 3000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 83,79 Gb Total Space | 42,17 Gb Free Space | 50,33% Space Free | Partition Type: NTFS
Drive D: | 9,37 Gb Total Space | 0,16 Gb Free Space | 1,72% Space Free | Partition Type: NTFS
 
Computer Name: NDES00471101000 | User Name:***| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Documents and Settings\***\My Documents\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Documents and Settings\***\Application Data\BrowserCompanion\tbhcn.exe ()
PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files\Kabel Deutschland\Sicherheitspaket\Anti-Virus\fssm32.exe (F-Secure Corporation)
PRC - C:\Program Files\Kabel Deutschland\Sicherheitspaket\Anti-Virus\fsgk32.exe (F-Secure Corporation)
PRC - C:\Program Files\Kabel Deutschland\Sicherheitspaket\ORSP Client\fsorsp.exe (F-Secure Corporation)
PRC - C:\Program Files\Kabel Deutschland\Sicherheitspaket\Anti-Virus\fsav32.exe (F-Secure Corporation)
PRC - C:\Program Files\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Program Files\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files\Kabel Deutschland\Sicherheitspaket\Common\FSM32.EXE (F-Secure Corporation)
PRC - C:\Program Files\Kabel Deutschland\Sicherheitspaket\Common\FSMA32.EXE (F-Secure Corporation)
PRC - C:\Program Files\Kabel Deutschland\Sicherheitspaket\Common\FSHDLL32.EXE (F-Secure Corporation)
PRC - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FWES\program\fsdfwd.exe (F-Secure Corporation)
PRC - C:\Program Files\Kabel Deutschland\Sicherheitspaket\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\system32\PMService.exe (TerraNovum)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
PRC - C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe (Hewlett-Packard)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Documents and Settings\***\Application Data\BrowserCompanion\tbhcn.exe ()
MOD - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
MOD - C:\Program Files\Kabel Deutschland\Sicherheitspaket\Anti-Virus\minifilter\hashlib_x86.dll ()
MOD - C:\Program Files\Kabel Deutschland\Sicherheitspaket\Anti-Virus\fm4av.dll ()
MOD - C:\Program Files\Kabel Deutschland\Sicherheitspaket\Spam Control\fsas.dll ()
MOD - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPC\fspcfsm.eng ()
MOD - \\?\c:\program files\kabel deutschland\sicherheitspaket\hips\fsumi.dll ()
MOD - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSGUI\strres.eng ()
MOD - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSGUI\gres.dll ()
MOD - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSGUI\fsavures.eng ()
MOD - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSGUI\flyerres.eng ()
MOD - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSGUI\aboutres.dll ()
MOD - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSGUI\about.dll ()
MOD - C:\Program Files\Kabel Deutschland\Sicherheitspaket\Anti-Virus\fsavhres.eng ()
MOD - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.DEU ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (hpdj) -- C:\DOCUME~1\***~1\LOCALS~1\Temp\hpdj.exe File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (NMSAccess) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (FSORSPClient) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\ORSP Client\fsorsp.exe (F-Secure Corporation)
SRV - (Secunia PSI Agent) -- C:\Program Files\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files\Secunia\PSI\sua.exe (Secunia)
SRV - (humyo.com) -- C:\Program Files\Alice SmartDisk\hrfscore.exe (humyo.com Ltd.)
SRV - (FSMA) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\Common\FSMA32.EXE (F-Secure Corporation)
SRV - (FSDFWD) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\FWES\program\fsdfwd.exe (F-Secure Corporation)
SRV - (F-Secure Gatekeeper Handler Starter) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
SRV - (NICCONFIGSVC) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
SRV - (DWMRCS) -- C:\WINDOWS\system32\DWRCS.exe (DameWare Development LLC)
SRV - (EPA_GPO_PMService) -- C:\WINDOWS\system32\PMService.exe (TerraNovum)
SRV - (BBDistHandler) -- C:\maint\sid\DISTH\DISTH.EXE (IBM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (hwusbdev) -- system32\DRIVERS\ewusbdev.sys File not found
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (ewusbnet) -- system32\DRIVERS\ewusbnet.sys File not found
DRV - (Changer) --  File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (F-Secure Gatekeeper) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\Anti-Virus\minifilter\fsgk.sys ()
DRV - (fsbts) -- C:\WINDOWS\system32\drivers\fsbts.sys ()
DRV - (PSI) -- C:\WINDOWS\system32\drivers\psi_mf.sys (Secunia)
DRV - (hrfsmrx) -- C:\WINDOWS\system32\drivers\hrfsmrx.sys (humyo.com Ltd.)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (F-Secure HIPS) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\HIPS\drivers\fshs.sys (F-Secure Corporation)
DRV - (FSFW) -- C:\WINDOWS\system32\drivers\fsdfw.sys (F-Secure Corporation)
DRV - (F-Secure Filter) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\Anti-Virus\win2k\fsfilter.sys ()
DRV - (F-Secure Recognizer) -- C:\Program Files\Kabel Deutschland\Sicherheitspaket\Anti-Virus\win2k\fsrec.sys ()
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (APPDRV) -- C:\WINDOWS\system32\drivers\APPDRV.SYS (Dell Inc)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.)
DRV - (w29n51) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (STAC97) -- C:\WINDOWS\system32\drivers\STAC97.sys (SigmaTel, Inc.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (fpcmbase) -- C:\WINDOWS\system32\drivers\fpcmbase.sys (AVM Berlin)
DRV - (AVMCOWAN) -- C:\WINDOWS\system32\drivers\avmcowan.sys (AVM GmbH)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (GTIPCI21) -- C:\WINDOWS\system32\drivers\gtipci21.sys (Texas Instruments)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (AVMWAN) -- C:\WINDOWS\system32\drivers\avmwan.sys (AVM GmbH)
DRV - (SMCIRDA) -- C:\WINDOWS\system32\drivers\smcirda.sys (SMC)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = hxxp://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://blueweb
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://blueweb
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://blueweb
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://blueweb
 
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.avg.com/?cid={903FEB6A-F4F8-4954-ACCD-CE279641202E}&mid=a10c5fe4c3d847d0bbd5910711a7adf2-c5cb75a7e9770c60364c86c09fd31f26589f9e9a&lang=de&ds=od011&pr=sa&d=2012-07-14 17:37:45&v=11.1.0.12&sap=hp
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={903FEB6A-F4F8-4954-ACCD-CE279641202E}&mid=a10c5fe4c3d847d0bbd5910711a7adf2-c5cb75a7e9770c60364c86c09fd31f26589f9e9a&lang=de&ds=od011&pr=sa&d=2012-07-14 17:37:45&v=11.1.0.12&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = hxxp://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={searchTerms}
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: {40c3cc16-7269-4b32-9531-17f2950fb06f}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.2.6rc7
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.97
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.12.2.16752
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7B79eab090-17eb-4d01-a820-5db1aa898c97%7D&mid=a10c5fe4c3d847d0bbd5910711a7adf2-c5cb75a7e9770c60364c86c09fd31f26589f9e9a&ds=od011&v=11.1.0.12&lang=de&pr=sa&d=2012-07-14%2017%3A37%3A45&sap=ku&q="
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\***\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\litmus-ff@f-secure.com: C:\Program Files\Kabel Deutschland\Sicherheitspaket\NRS\litmus-ff@f-secure.com [2012.07.13 08:53:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.20 16:25:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.10 17:21:06 | 000,000,000 | ---D | M]
 
[2010.06.23 18:14:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\***\Application Data\mozilla\Extensions
[2012.08.02 17:03:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\***\Application Data\mozilla\Firefox\Profiles\cmo0higa.default\extensions
[2012.04.09 18:01:15 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Documents and Settings\***\Application Data\mozilla\Firefox\Profiles\cmo0higa.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012.07.15 14:34:08 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Documents and Settings\***\Application Data\mozilla\Firefox\Profiles\cmo0higa.default\extensions\bbrs_002@blabbers.com
[2012.07.14 17:29:10 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Documents and Settings\***\Application Data\mozilla\Firefox\Profiles\cmo0higa.default\extensions\ffxtlbr@incredibar.com
[2011.08.25 23:20:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\***\Application Data\mozilla\Firefox\Profiles\cmo0higa.default\extensions\nostmp
[2010.03.24 16:13:02 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\searchplugins\conduit.xml
[2012.07.14 17:28:13 | 000,002,203 | ---- | M] () -- C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\searchplugins\MyStart Search.xml
[2012.07.15 14:33:57 | 000,002,792 | ---- | M] () -- C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\searchplugins\Plusnetwork.xml
[2012.04.09 18:02:08 | 000,002,270 | ---- | M] () -- C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\searchplugins\SearchTheWeb.xml
[2012.05.03 08:40:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.04.09 18:00:30 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\Program Files\Mozilla Firefox\extensions\webbooster@iminent.com
[2012.08.02 17:03:48 | 000,526,260 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\***\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\CMO0HIGA.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012.04.29 11:42:44 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012.07.13 08:53:01 | 000,000,000 | ---D | M] ("Browsing Protection") -- C:\PROGRAM FILES\KABEL DEUTSCHLAND\SICHERHEITSPAKET\NRS\LITMUS-FF@F-SECURE.COM
[2011.01.29 16:13:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.07.20 16:25:44 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.04.14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2012.04.29 11:42:42 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009.10.26 16:53:52 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll
[2012.04.01 16:18:01 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 17:37:18 | 000,003,750 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.04.14 16:04:13 | 000,002,353 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.04.01 16:18:01 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.04.01 16:18:01 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.01 16:18:01 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.05 08:39:39 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011.12.23 13:02:16 | 000,002,157 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchTheWeb.xml
[2012.04.01 16:18:01 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.01 16:18:01 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://isearch.avg.com/?cid={903FEB6A-F4F8-4954-ACCD-CE279641202E}&mid=a10c5fe4c3d847d0bbd5910711a7adf2-c5cb75a7e9770c60364c86c09fd31f26589f9e9a&lang=de&ds=od011&pr=sa&d=2012-07-14 17:37:45&v=11.1.0.12&sap=hp
CHR - Extension: No name found = C:\Documents and Settings\***\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\
 
O1 HOSTS File: ([2011.02.07 13:42:55 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Kabel Deutschland\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Kabel Deutschland\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [EPA_EZ_GPO_Tool] C:\WINDOWS\system32\EZ_GPO_Tool.exe (Environmental Protection Agency)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Kabel Deutschland\Sicherheitspaket\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-329068152-963894560-725345543-1006..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O4 - Startup: C:\Documents and Settings\***\Start Menu\Programs\Startup\tbhcn.lnk = C:\Documents and Settings\***\Application Data\BrowserCompanion\tbhcn.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-329068152-963894560-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft\Office_XP_XL\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Save Image To Alice SmartDisk - C:\Program Files\Alice SmartDisk\download.html File not found
O8 - Extra context menu item: Save Target To Alice SmartDisk - C:\Program Files\Alice SmartDisk\download.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Kabel Deutschland\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O15 - HKLM\..Trusted Ranges: Range1 ([http] in Trusted sites)
O15 - HKU\S-1-5-21-329068152-963894560-725345543-1006\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKU\S-1-5-21-329068152-963894560-725345543-1006\..Trusted Ranges: Range1 ([http] in Trusted sites)
O15 - HKU\S-1-5-21-329068152-963894560-725345543-1006\..Trusted Ranges: Range38 ([*] in Local intranet)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1297160370687 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4BDA7D2-1C8E-4B12-BEB7-9791C0689685}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\base64 - No CLSID value found
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\chrome - No CLSID value found
O18 - Protocol\Handler\prox - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop Components:0 () -
O24 - Desktop WallPaper: C:\Documents and Settings\***\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\***\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.08.28 15:24:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1aa85819-46be-11df-a282-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{1aa85819-46be-11df-a282-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1aa85819-46be-11df-a282-404e57434401}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{1aa8581c-46be-11df-a282-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{1aa8581c-46be-11df-a282-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1aa8581c-46be-11df-a282-404e57434401}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{55c13f5c-a004-11e0-a9b8-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{55c13f5c-a004-11e0-a9b8-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{55c13f5c-a004-11e0-a9b8-404e57434401}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{60e39af6-b209-11e0-a9cc-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{60e39af6-b209-11e0-a9cc-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{60e39af6-b209-11e0-a9cc-404e57434401}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7e4715ba-aba5-11e0-a9c1-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{7e4715ba-aba5-11e0-a9c1-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7e4715ba-aba5-11e0-a9c1-404e57434401}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7e4715bd-aba5-11e0-a9c1-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{7e4715bd-aba5-11e0-a9c1-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7e4715bd-aba5-11e0-a9c1-404e57434401}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7e4715c3-aba5-11e0-a9c1-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{7e4715c3-aba5-11e0-a9c1-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7e4715c3-aba5-11e0-a9c1-404e57434401}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{bdf3683c-9fff-11e0-a9b7-0015c512d44d}\Shell - "" = AutoRun
O33 - MountPoints2\{bdf3683c-9fff-11e0-a9b7-0015c512d44d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bdf3683c-9fff-11e0-a9b7-0015c512d44d}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c86bc3a6-b0a1-11e0-a9c7-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{c86bc3a6-b0a1-11e0-a9c7-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c86bc3a6-b0a1-11e0-a9c7-404e57434401}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ff91476c-a3d5-11e0-a9b9-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{ff91476c-a3d5-11e0-a9b9-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ff91476c-a3d5-11e0-a9b9-404e57434401}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.10 16:38:03 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012.08.10 13:09:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\***\Recent
[2012.08.08 19:10:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.08 19:10:39 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.08.08 19:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.08.03 19:32:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Application Data\Boomzap
[2012.08.03 16:16:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Application Data\Stand O'Food 3
[2012.07.30 08:31:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Application Data\My Games
[2012.07.28 20:51:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Local Settings\Application Data\fontconfig
[2012.07.28 20:51:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\.gimp-2.8
[2012.07.28 20:51:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Local Settings\Application Data\gegl-0.2
[2012.07.17 23:26:52 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll
[2012.07.17 23:26:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Media Player Utilities 5.22
[2012.07.17 23:23:45 | 000,000,000 | ---D | C] -- C:\Program Files\Media Player Utilities 5.22
[2012.07.17 14:43:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Application Data\4 Friends Games
[2012.07.16 12:13:18 | 000,000,000 | ---D | C] -- C:\656023b57cb6885c25e2aaa7c869
[2012.07.15 14:33:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Application Data\BrowserCompanion
[2012.07.15 14:33:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\AppData
[2012.07.14 18:34:21 | 000,000,000 | ---D | C] -- C:\UBCD4Win
[2012.07.14 17:34:50 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012.07.14 17:33:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Application Data\OpenCandy
[2012.07.14 17:33:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Start Menu\Programs\KeyFinder
[2012.07.14 17:33:13 | 000,000,000 | ---D | C] -- C:\Program Files\KeyFinder
[2012.07.14 17:25:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2012.07.14 17:25:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Application Data\Canneverbe Limited
[2012.07.14 17:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2012.07.14 16:59:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Local Settings\Application Data\Nero
[2012.07.14 16:44:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2012.07.14 16:04:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012.07.14 15:44:32 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2012.07.14 15:42:59 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2012.07.14 15:41:48 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2012.07.14 15:40:42 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2012.07.14 15:39:45 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.10 17:21:07 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012.08.10 16:58:04 | 000,000,041 | ---- | M] () -- C:\WINDOWS\Filzip.ini
[2012.08.10 16:38:03 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012.08.10 13:07:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.08.10 13:02:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.08.10 13:02:23 | 1064,755,200 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.08 20:36:08 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\***\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012.08.08 20:36:08 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.08 10:10:41 | 000,002,714 | ---- | M] () -- C:\Documents and Settings\***\Local Settings\Application Data\recently-used.xbel
[2012.08.07 19:12:12 | 000,001,218 | ---- | M] () -- C:\Documents and Settings\***\Desktop\Verknüpfung mit FabledLegends_TheDarkPiperCE.exe.lnk
[2012.08.07 06:04:45 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\***\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.03 10:39:26 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.08.03 10:39:26 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.07.28 20:44:47 | 000,000,752 | ---- | M] () -- C:\Documents and Settings\***\Application Data\Microsoft\Internet Explorer\Quick Launch\GIMP 2.lnk
[2012.07.28 20:44:47 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2012.07.26 09:19:12 | 000,002,355 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Excel XP XL.lnk
[2012.07.17 06:17:22 | 000,482,962 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.07.17 06:17:22 | 000,081,206 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.07.15 14:34:04 | 000,002,247 | ---- | M] () -- C:\Documents and Settings\***\Start Menu\Programs\Startup\tbhcn.lnk
[2012.07.14 18:47:44 | 000,002,367 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Word XP XL.lnk
[2012.07.14 17:29:13 | 000,000,698 | ---- | M] () -- C:\user.js
[2012.07.14 17:24:12 | 000,001,636 | ---- | M] () -- C:\Documents and Settings\***\Application Data\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk
[2012.07.14 17:24:12 | 000,001,618 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2012.07.14 13:06:15 | 000,189,000 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2012.08.10 17:21:07 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2012.08.10 17:21:07 | 000,001,735 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012.08.08 20:36:08 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\***\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012.08.08 19:10:51 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.08 10:10:41 | 000,002,714 | ---- | C] () -- C:\Documents and Settings\***\Local Settings\Application Data\recently-used.xbel
[2012.08.07 19:12:12 | 000,001,218 | ---- | C] () -- C:\Documents and Settings\***\Desktop\Verknüpfung mit FabledLegends_TheDarkPiperCE.exe.lnk
[2012.07.28 20:44:47 | 000,000,752 | ---- | C] () -- C:\Documents and Settings\***\Application Data\Microsoft\Internet Explorer\Quick Launch\GIMP 2.lnk
[2012.07.28 20:44:47 | 000,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GIMP 2.lnk
[2012.07.28 20:44:45 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\GIMP 2.lnk
[2012.07.15 14:34:04 | 000,002,247 | ---- | C] () -- C:\Documents and Settings\***\Start Menu\Programs\Startup\tbhcn.lnk
[2012.07.14 17:24:12 | 000,001,636 | ---- | C] () -- C:\Documents and Settings\***\Application Data\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk
[2012.07.14 17:24:12 | 000,001,618 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CDBurnerXP.lnk
[2012.07.14 17:24:11 | 000,001,562 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\CDBurnerXP.lnk
[2012.04.23 15:16:20 | 000,000,433 | ---- | C] () -- C:\WINDOWS\Buildalot3.ini
[2012.04.09 12:33:21 | 000,044,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2012.03.30 17:36:52 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.12.20 12:31:36 | 000,024,457 | ---- | C] () -- C:\Documents and Settings\***\Lebenslauf Andreas Maier.pdf
[2011.07.08 13:46:57 | 000,009,336 | ---- | C] () -- C:\Documents and Settings\***\tcpip
[2011.05.31 19:10:04 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\***\.gtk-bookmarks
[2011.01.21 13:01:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\***\defogger_reenable
[2010.12.20 14:05:26 | 000,000,041 | ---- | C] () -- C:\WINDOWS\System32\Filzip.ini
[2010.11.16 11:54:21 | 000,000,022 | ---- | C] () -- C:\WINDOWS\VPMAB.INI
[2010.10.15 13:09:52 | 000,050,200 | ---- | C] () -- C:\Documents and Settings\***\BT-Backup-2010-10-15-1309.zip
[2010.09.23 04:25:01 | 000,483,960 | ---- | C] () -- C:\Documents and Settings\***\000001_rgew_20100923042442_0.pdf
[2010.06.29 12:59:27 | 000,000,062 | ---- | C] () -- C:\Documents and Settings\***\axa-bt.ini
[2010.06.29 11:24:29 | 000,000,027 | ---- | C] () -- C:\Documents and Settings\***\version.ini
[2009.12.31 09:57:47 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\***\Local Settings\Application Data\fusioncache.dat
[2009.06.21 07:41:02 | 003,195,904 | ---- | C] () -- C:\Program Files\Common FilesDDBACSetup.msi
[2009.04.21 16:13:44 | 000,000,568 | ---- | C] () -- C:\Documents and Settings\***\FPS.ini
[2009.04.05 19:29:33 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\***\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.06 16:55:18 | 000,000,273 | ---- | C] () -- C:\Documents and Settings\***\DBImport.ini
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6E86D926
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:57B2B96C
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F036C20D
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C07A6A6B
@Alternate Data Stream - 234 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D2397415
@Alternate Data Stream - 216 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4363DE71
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C22674B6
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F84B8DB5
@Alternate Data Stream - 210 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A3B8F70C
@Alternate Data Stream - 209 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A688EF17
@Alternate Data Stream - 209 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A00BCDEF
@Alternate Data Stream - 208 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F41F8101
@Alternate Data Stream - 208 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:425759C6
@Alternate Data Stream - 207 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8140CB50
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BDCD0530
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:385E2CFD
@Alternate Data Stream - 199 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:80B291A7
@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:569CEE83
@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3E06C78F
@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B6DD2C7E
@Alternate Data Stream - 194 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0487F955
@Alternate Data Stream - 189 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:70E897B5
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3571475C
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:014BC3B4
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3B454A5C
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:193CB03B
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8DD20B4A
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38FF076E
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:28CDD861
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2B40A7DB
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CEE4A457
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89C28CF6
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:751D6870
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:98982C88
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9026FFAC
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:61AF2B29
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9FD757A9
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:512E1728
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4FA837B4
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7ADB695A
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AD727397
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:852F2262
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D0D17155
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:438C7496
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4CF76F21
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:627153F1
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:551BED5F
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C2F24DB5
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7CEDF9F3
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:35C78DCC
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A02025CE
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:957E9765
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:69E3AF64
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC0A74A1
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9857FAE3
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F1175E1D
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BE6B5FC3
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4A1628E5
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:059167AF
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0FEE2B
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7B52659E
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3D36932D
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8E5EA40F
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:237E4B91
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:99C301D0
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8DF68137
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:663B62CA
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:471AD3D0
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FECEF728
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C928F3BE
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6BF0805F
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8277EEB5
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2CDB9CA3
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A6346EE9
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6444B424
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:33EA030E
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2BC498A4
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:97C4F81F
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7881FECE
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6FE17A89
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D2032EBB
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F2AF86D9
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DF0BC727
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:67BA17B9
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D0668210
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F44D3C53
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5AE33054
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8F067037

< End of report >
und die 2. :

Code:
OTL Extras logfile created on: 10.08.2012 21:38:25 - Run 1
OTL by OldTimer - Version 3.2.56.0    Folder = C:\Documents and Settings\***\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
1015,36 Mb Total Physical Memory | 349,46 Mb Available Physical Memory | 34,42% Memory free
3,83 Gb Paging File | 3,19 Gb Available in Paging File | 83,39% Paging File free
Paging file location(s): C:\pagefile.sys 3000 3000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 83,79 Gb Total Space | 42,17 Gb Free Space | 50,33% Space Free | Partition Type: NTFS
Drive D: | 9,37 Gb Total Space | 0,16 Gb Free Space | 1,72% Space Free | Partition Type: NTFS
 
Computer Name: NDES00471101000 | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-329068152-963894560-725345543-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\PROGRA~1\MICROS~2\OFFICE~1\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\PROGRA~1\MICROS~2\OFFICE~1\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\MSYS\Snowball.exe" = C:\MSYS\Snowball.exe:*:Disabled:Clientkomponente SB
"C:\Program Files\AXA-BT\COLSERV\jre\bin\javaw.exe" = C:\Program Files\AXA-BT\COLSERV\jre\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary
"C:\Program Files\AXA-BT\COLSERV\BTFrame.exe" = C:\Program Files\AXA-BT\COLSERV\BTFrame.exe:*:Enabled:BTFrame
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser
"E:\fsetup.exe" = E:\fsetup.exe:*:Enabled:AVM FSetup Application
"C:\Program Files\Iminent\Iminent.exe" = C:\Program Files\Iminent\Iminent.exe:*:Enabled:Iminent Firewall Rule -- (Iminent)
"C:\Program Files\Iminent\Iminent.Messengers.exe" = C:\Program Files\Iminent\Iminent.Messengers.exe:*:Enabled:Iminent.Messengers Firewall Rule -- (Iminent)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator 0.8.0
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{12E0A949-8861-35F8-B7ED-5658788A7BFE}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - ESN
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{15C165F1-1DAE-4476-AFB6-8723729B41E7}" = hp deskjet 5100
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{298B7460-A43A-3083-B295-75547FC68392}" = Microsoft .NET Framework 3.5 Language Pack - esn
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2A871AF4-7699-4226-A3D3-869EE5E64034}" = Dameware Dameware Mini Remote Control 5.0 [5.0.1.5] DE
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F7924B9-D148-3141-87B1-68F36043A940}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BD8E034-E0F4-4509-A753-467A8E854CD8}" = Iminent
"{511DF669-2930-30C0-8EB6-552887E29EC8}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{589D17BB-C997-48C0-BCD2-CC8DC3375FE8}" = EOS Capture 1.5
"{59EC5F32-D8D7-3909-B0CB-255AD09F5993}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - ITA
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}" = Microsoft .NET Framework 3.5 Language Pack - fra
"{5C4D532E-4EC9-11E1-9544-B8AC6F97B88E}" = Google Earth Plug-in
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6183CFBD-5298-4329-BC4E-58568A004D35}" = Microsoft Access Runtime 10 [10.0.6626.0] EN
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.1
"{6845AE3B-EB95-46DE-A190-EAB8D7764C60}" = Lexware Elster
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = Microsoft MSXML 4 EN
"{71CB2612-627C-3D58-8D82-B77444B27B6A}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - ITA
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{776AC7E8-F6F4-4E4F-98CD-ECCC54948C6A}" = Macromedia Shockwave 10 EN
"{79546A5F-AE7C-4693-8670-A3401B43ABD2}" = HP Deskjet 5900 series
"{7D7C9A8A-F3B4-42A2-9AD2-5B0CA013267C}" = Lexware online banking
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{83169D43-4660-4347-BC95-E9D6E6BE65CE}" = Microsoft NET Framework 1.1 ES
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8E79F5DD-4A0A-452B-B3F8-0651E4D24854}" = Media Player Utilities 5.22
"{90110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP 10.0.6626.0 XL
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{901E0403-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Catalan User Interface Pack
"{901E0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP German User Interface 10 DE
"{901E040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP French User Interface 10 FR
"{901E0410-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Italian User Interface 10 IT
"{901E042D-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Basque User Interface Pack
"{901E0456-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Galician User Interface Pack
"{901E0C0A-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Spanish User Interface 10 ES
"{917C79E9-9E4E-11D6-B27C-0003FFFFFFFC}" = Fritz und Fertig
"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
"{9311A75A-D83D-37B5-8D49-88E7F5AB2762}" = Microsoft .NET Framework 3.5 Language Pack - ita
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft NET_Framework 1.1 FR
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5222E5A-13CB-4C98-9F5C-21CF6896A25C}" = HPDeskjet5900Series
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.0 - Deutsch
"{ACAB3F35-588C-4F2E-81FF-764839A632D7}" = DDBAC
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B3BBA387-B30B-4E0F-9E35-82B15B7DD10E}" = InstallShield ISScript 3 EN
"{B3F1E526-180B-4480-9FEC-3E2DCB8EA9CE}" = F-Secure PSC Prerequisites
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{B516126E-607A-47BD-8B35-335A76328576}" = Quicken Import Export Server 2009
"{BAC47667-0D8E-4B74-8C1B-630D68F7E23E}" = Eagle Star Tarifrechner
"{BB0DCC5E-7477-3350-B5F5-7CE64E1E83B6}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - ESN
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BEDFB0D0-CA1E-4CBA-9664-B25A74019D0C}" = Lexware Info Service
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1920D73-7374-49d9-8C37-58A6E49078A5}" = F2100_Help
"{C3B8F0DF-55EA-4793-8F77-3259211A3C9E}" = CyberLink PowerDVD 5.1 [5.1.057] DE
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C5B83F18-6959-4760-9879-709E29E75DAF}" = EZ GPO Power Management Config Tool
"{C5EF81AC-FE4C-4157-97E3-2E08B000742A}" = F2100_doccd
"{C8320AEC-2E97-4C78-81EC-43CF6D248B01}" = Microsoft XML Parser
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{DF70AE58-A4D9-43EE-8158-3800CB6EF59D}" = BBFacade
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext
"{E5A24EC1-61AF-4AF4-A103-756359FAC92E}" = Quicken 2009 - ServicePack 3
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{ECD9E9A7-EA28-4698-8414-3F306C79ECD7}" = Irfanview Irfan View 3.9 [3.98] DE
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F1C409F0-8322-4c87-BD08-2F62777D490D}" = F2100
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F2D2B58B-B2FD-46D1-8319-DCE564079934}" = Microsoft NET Framework 1.1 IT
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"ATI Display Driver" = ATI Display Driver
"AVIConverter" = AVIConverter 5.1.0
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"Azada 1.0.4.2" = Azada 1.0.4.2
"BFG-Azada - Ancient Magic" = Azada ™: Ancient Magic
"BFGC" = Big Fish Games: Game Manager
"BlockCAD3.19_is1" = BlockCAD 3.19
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D110 MDC V.92 Modem
"Defraggler" = Defraggler
"Filzip 3.0.1.44_is1" = Filzip 3.01
"Filzip 3.0.6.93_is1" = Filzip 3.06
"Fix-It-up - Die schrägen Achtziger" = Fix-It-up - Die schrägen Achtziger
"FRITZ! 2.0" = AVM FRITZ!
"F-Secure Product 444" = Kabel Sicherheitspaket
"GIMP-2_is1" = GIMP 2.8.0
"HFRS_is1" = Alice SmartDisk
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photo & Imaging" = HP Image Zone 5.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"InstallShield_{589D17BB-C997-48C0-BCD2-CC8DC3375FE8}" = Canon Utilities EOS Capture 1.5
"IrfanView" = IrfanView (remove only)
"Jojos Fashion Show 2 - Las Cruses" = Jojos Fashion Show 2 - Las Cruses
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 Language Pack - esn" = Paquete de idioma de Microsoft .NET Framework 3.5 - esn
"Microsoft .NET Framework 3.5 Language Pack - fra" = Module linguistique Microsoft .NET Framework 3.5 - fra
"Microsoft .NET Framework 3.5 Language Pack - ita" = Microsoft .NET Framework 3.5 - Language Pack (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Secunia PSI" = Secunia PSI (2.0.0.3001)
"ST6UNST #1" = VB6-Runtime und Steuerelemente
"SystemRequirementsLab" = System Requirements Lab
"Viewer97" = Microsoft Word Viewer 97
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wedding Salon" = Wedding Salon
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Product Key Finder Pro®_is1" = Windows Product Key Finder Pro® 2.3
"winusb0100" = Microsoft WinUsb 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Youda Survivor 1.0.0.0" = Youda Survivor 1.0.0.0
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-329068152-963894560-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 06.08.2012 03:16:13 | Computer Name = NDES00471101000 | Source = NativeWrapper | ID = 5000
Description =
 
Error - 06.08.2012 03:17:53 | Computer Name = NDES00471101000 | Source = NativeWrapper | ID = 5000
Description =
 
Error - 06.08.2012 23:24:39 | Computer Name = NDES00471101000 | Source = NativeWrapper | ID = 5000
Description =
 
Error - 06.08.2012 23:25:45 | Computer Name = NDES00471101000 | Source = NativeWrapper | ID = 5000
Description =
 
Error - 08.08.2012 03:27:20 | Computer Name = NDES00471101000 | Source = NativeWrapper | ID = 5000
Description =
 
Error - 08.08.2012 03:28:33 | Computer Name = NDES00471101000 | Source = NativeWrapper | ID = 5000
Description =
 
Error - 08.08.2012 21:02:05 | Computer Name = NDES00471101000 | Source = NativeWrapper | ID = 5000
Description =
 
Error - 08.08.2012 21:03:16 | Computer Name = NDES00471101000 | Source = NativeWrapper | ID = 5000
Description =
 
Error - 09.08.2012 16:17:00 | Computer Name = NDES00471101000 | Source = NativeWrapper | ID = 5000
Description =
 
Error - 09.08.2012 16:18:02 | Computer Name = NDES00471101000 | Source = NativeWrapper | ID = 5000
Description =
 
[ System Events ]
Error - 09.08.2012 12:20:58 | Computer Name = NDES00471101000 | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
 von Dienst Netman.
 
Error - 09.08.2012 16:17:05 | Computer Name = NDES00471101000 | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on
Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370).
 
Error - 09.08.2012 16:18:02 | Computer Name = NDES00471101000 | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on
Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656353).
 
Error - 10.08.2012 00:55:22 | Computer Name = NDES00471101000 | Source = NETLOGON | ID = 3095
Description = Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert,
 nicht als  Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser  Konfiguration
 nicht gestartet zu sein.
 
Error - 10.08.2012 00:55:40 | Computer Name = NDES00471101000 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "hpdj" wurde aufgrund folgenden Fehlers nicht gestartet:
  %%2
 
Error - 10.08.2012 00:55:40 | Computer Name = NDES00471101000 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Telnet" ist vom Dienst "NT LM Security Support Provider"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%1058
 
Error - 10.08.2012 07:02:36 | Computer Name = NDES00471101000 | Source = NETLOGON | ID = 3095
Description = Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert,
 nicht als  Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser  Konfiguration
 nicht gestartet zu sein.
 
Error - 10.08.2012 07:02:47 | Computer Name = NDES00471101000 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "hpdj" wurde aufgrund folgenden Fehlers nicht gestartet:
  %%2
 
Error - 10.08.2012 07:02:47 | Computer Name = NDES00471101000 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Telnet" ist vom Dienst "NT LM Security Support Provider"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%1058
 
Error - 10.08.2012 07:02:53 | Computer Name = NDES00471101000 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  PCIIde
 
 
< End of report >
vielen Dank nochmal :-)

t'john 11.08.2012 01:46
:hallo:

Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:

Ersetze die *** Sternchen wieder in den Benutzernamen zurück!
Code:
:OTL
MOD - C:\Documents and Settings\***\Application Data\BrowserCompanion\tbhcn.exe ()
SRV - (hpdj) -- C:\DOCUME~1\***~1\LOCALS~1\Temp\hpdj.exe File not found
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (hwusbdev) -- system32\DRIVERS\ewusbdev.sys File not found
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (ewusbnet) -- system32\DRIVERS\ewusbnet.sys File not found
DRV - (Changer) -- File not found
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={903FEB6A-F4F8-4954-ACCD-CE279641202E}&mid=a10c5fe4c3d847d0bbd5910711a7adf2-c5cb75a7e9770c60364c86c09fd31f26589f9e9a&lang=de&ds=od011&pr=sa&d=2012-07-14 17:37:45&v=11.1.0.12&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://de.search.yahoo.com/search?fr=mcafee&p={searchTerms}
IE - HKU\S-1-5-21-329068152-963894560-725345543-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.de"
FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7B79eab090-17eb-4d01-a820-5db1aa898c97%7D&mid=a10c5fe4c3d847d0bbd5910711a7adf2-c5cb75a7e9770c60364c86c09fd31f26589f9e9a&ds=od011&v=11.1.0.12&lang=de&pr=sa&d=2012-07-14%2017%3A37%3A45&sap=ku&q="
FF - prefs.js..network.proxy.type: 0
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-329068152-963894560-725345543-1006\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - Startup: C:\Documents and Settings\***\Start Menu\Programs\Startup\tbhcn.lnk = C:\Documents and Settings\***\Application Data\BrowserCompanion\tbhcn.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-329068152-963894560-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Save Image To Alice SmartDisk - C:\Program Files\Alice SmartDisk\download.html File not found
O8 - Extra context menu item: Save Target To Alice SmartDisk - C:\Program Files\Alice SmartDisk\download.html File not found
O15 - HKLM\..Trusted Ranges: Range1 ([http] in Trusted sites)
O15 - HKU\S-1-5-21-329068152-963894560-725345543-1006\..Trusted Ranges: Range1 ([http] in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.08.28 15:24:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1aa85819-46be-11df-a282-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{1aa85819-46be-11df-a282-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1aa85819-46be-11df-a282-404e57434401}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{1aa8581c-46be-11df-a282-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{1aa8581c-46be-11df-a282-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1aa8581c-46be-11df-a282-404e57434401}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{55c13f5c-a004-11e0-a9b8-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{55c13f5c-a004-11e0-a9b8-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{55c13f5c-a004-11e0-a9b8-404e57434401}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{60e39af6-b209-11e0-a9cc-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{60e39af6-b209-11e0-a9cc-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{60e39af6-b209-11e0-a9cc-404e57434401}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7e4715ba-aba5-11e0-a9c1-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{7e4715ba-aba5-11e0-a9c1-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7e4715ba-aba5-11e0-a9c1-404e57434401}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7e4715bd-aba5-11e0-a9c1-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{7e4715bd-aba5-11e0-a9c1-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7e4715bd-aba5-11e0-a9c1-404e57434401}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7e4715c3-aba5-11e0-a9c1-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{7e4715c3-aba5-11e0-a9c1-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7e4715c3-aba5-11e0-a9c1-404e57434401}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{bdf3683c-9fff-11e0-a9b7-0015c512d44d}\Shell - "" = AutoRun
O33 - MountPoints2\{bdf3683c-9fff-11e0-a9b7-0015c512d44d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bdf3683c-9fff-11e0-a9b7-0015c512d44d}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c86bc3a6-b0a1-11e0-a9c7-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{c86bc3a6-b0a1-11e0-a9c7-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c86bc3a6-b0a1-11e0-a9c7-404e57434401}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ff91476c-a3d5-11e0-a9b9-404e57434401}\Shell - "" = AutoRun
O33 - MountPoints2\{ff91476c-a3d5-11e0-a9b9-404e57434401}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ff91476c-a3d5-11e0-a9b9-404e57434401}\Shell\AutoRun\command - "" = F:\AutoRun.exe
[2012.07.15 14:34:04 | 000,002,247 | ---- | M] () -- C:\Documents and Settings\***\Start Menu\Programs\Startup\tbhcn.lnk
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:6E86D926
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:57B2B96C
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:F036C20D
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:C07A6A6B
@Alternate Data Stream - 234 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:D2397415
@Alternate Data Stream - 216 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:4363DE71
@Alternate Data Stream - 215 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:C22674B6
@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:F84B8DB5
@Alternate Data Stream - 210 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:A3B8F70C
@Alternate Data Stream - 209 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:A688EF17
@Alternate Data Stream - 209 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:A00BCDEF
@Alternate Data Stream - 208 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:F41F8101
@Alternate Data Stream - 208 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:425759C6
@Alternate Data Stream - 207 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:8140CB50
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:BDCD0530
@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:385E2CFD
@Alternate Data Stream - 199 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:80B291A7
@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:569CEE83
@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:3E06C78F
@Alternate Data Stream - 196 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:B6DD2C7E
@Alternate Data Stream - 194 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:0487F955
@Alternate Data Stream - 189 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:70E897B5
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:3571475C
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:014BC3B4
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:3B454A5C
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:193CB03B
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:8DD20B4A
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:38FF076E
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:28CDD861
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:2B40A7DB
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:CEE4A457
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:89C28CF6
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:751D6870
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:98982C88
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:9026FFAC
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:61AF2B29
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:9FD757A9
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:512E1728
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:4FA837B4
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:7ADB695A
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:AD727397
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:852F2262
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:D0D17155
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:438C7496
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:4CF76F21
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:627153F1
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:551BED5F
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:C2F24DB5
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:7CEDF9F3
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:35C78DCC
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:A02025CE
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:957E9765
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:69E3AF64
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:EC0A74A1
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:9857FAE3
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:F1175E1D
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:BE6B5FC3
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:4A1628E5
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:059167AF
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:CB0FEE2B
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:7B52659E
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:3D36932D
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:8E5EA40F
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:237E4B91
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:99C301D0
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:8DF68137
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:663B62CA
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:471AD3D0
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:FECEF728
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:C928F3BE
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:6BF0805F
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:8277EEB5
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:2CDB9CA3
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:A6346EE9
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:6444B424
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:33EA030E
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:2BC498A4
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:97C4F81F
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:7881FECE
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:6FE17A89
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:D2032EBB
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:F2AF86D9
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:DF0BC727
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:67BA17B9
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:D0668210
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:F44D3C53
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:5AE33054
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:8F067037
 
[2012.07.15 14:33:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Application Data\BrowserCompanion

:Files


ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\<datum_nummer.log>

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

ranjid 12.08.2012 17:26
Code:
All processes killed
========== OTL ==========
Service hpdj stopped successfully!
Service hpdj deleted successfully!
File  C:\DOCUME~1\***\LOCALS~1\Temp\hpdj.exe File not found not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
File  File not found not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
File  File not found not found.
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
File  File not found not found.
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
File  File not found not found.
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
File  File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File  File not found not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
File  File not found not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
File  File not found not found.
Service hwusbdev stopped successfully!
Service hwusbdev deleted successfully!
File  system32\DRIVERS\ewusbdev.sys File not found not found.
Service hwdatacard stopped successfully!
Service hwdatacard deleted successfully!
File  system32\DRIVERS\ewusbmdm.sys File not found not found.
Service ewusbnet stopped successfully!
Service ewusbnet deleted successfully!
File  system32\DRIVERS\ewusbnet.sys File not found not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
File  File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}\ not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-329068152-963894560-725345543-1006\Software\Microsoft\Internet Explorer\URLSearchHooks\\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}\ not found.
HKEY_USERS\S-1-5-21-329068152-963894560-725345543-1006\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-329068152-963894560-725345543-1006\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_USERS\S-1-5-21-329068152-963894560-725345543-1006\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_USERS\S-1-5-21-329068152-963894560-725345543-1006\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-329068152-963894560-725345543-1006\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}\ not found.
Registry key HKEY_USERS\S-1-5-21-329068152-963894560-725345543-1006\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ not found.
HKU\S-1-5-21-329068152-963894560-725345543-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Prefs.js: "AVG Secure Search" removed from browser.search.defaultenginename
Prefs.js: "Winload Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "hxxp://www.google.de" removed from browser.startup.homepage
Prefs.js: "hxxp://isearch.avg.com/search?cid=%7B79eab090-17eb-4d01-a820-5db1aa898c97%7D&mid=a10c5fe4c3d847d0bbd5910711a7adf2-c5cb75a7e9770c60364c86c09fd31f26589f9e9a&ds=od011&v=11.1.0.12&lang=de&pr=sa&d=2012-07-14%2017%3A37%3A45&sap=ku&q=" removed from keyword.URL
Prefs.js: 0 removed from network.proxy.type
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-329068152-963894560-725345543-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-329068152-963894560-725345543-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
C:\Documents and Settings\***\Start Menu\Programs\Startup\tbhcn.lnk moved successfully.
C:\Documents and Settings\***\Application Data\BrowserCompanion\tbhcn.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-329068152-963894560-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Save Image To Alice SmartDisk\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Save Target To Alice SmartDisk\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http deleted successfully.
Registry value HKEY_USERS\S-1-5-21-329068152-963894560-725345543-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui\ deleted successfully.
C:\WINDOWS\system32\igfxsrvc.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1aa85819-46be-11df-a282-404e57434401}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1aa85819-46be-11df-a282-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1aa85819-46be-11df-a282-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1aa85819-46be-11df-a282-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1aa85819-46be-11df-a282-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1aa85819-46be-11df-a282-404e57434401}\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1aa8581c-46be-11df-a282-404e57434401}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1aa8581c-46be-11df-a282-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1aa8581c-46be-11df-a282-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1aa8581c-46be-11df-a282-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1aa8581c-46be-11df-a282-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1aa8581c-46be-11df-a282-404e57434401}\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{55c13f5c-a004-11e0-a9b8-404e57434401}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55c13f5c-a004-11e0-a9b8-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{55c13f5c-a004-11e0-a9b8-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55c13f5c-a004-11e0-a9b8-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{55c13f5c-a004-11e0-a9b8-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55c13f5c-a004-11e0-a9b8-404e57434401}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60e39af6-b209-11e0-a9cc-404e57434401}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60e39af6-b209-11e0-a9cc-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60e39af6-b209-11e0-a9cc-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60e39af6-b209-11e0-a9cc-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60e39af6-b209-11e0-a9cc-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60e39af6-b209-11e0-a9cc-404e57434401}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e4715ba-aba5-11e0-a9c1-404e57434401}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e4715ba-aba5-11e0-a9c1-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e4715ba-aba5-11e0-a9c1-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e4715ba-aba5-11e0-a9c1-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e4715ba-aba5-11e0-a9c1-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e4715ba-aba5-11e0-a9c1-404e57434401}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e4715bd-aba5-11e0-a9c1-404e57434401}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e4715bd-aba5-11e0-a9c1-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e4715bd-aba5-11e0-a9c1-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e4715bd-aba5-11e0-a9c1-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e4715bd-aba5-11e0-a9c1-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e4715bd-aba5-11e0-a9c1-404e57434401}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e4715c3-aba5-11e0-a9c1-404e57434401}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e4715c3-aba5-11e0-a9c1-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e4715c3-aba5-11e0-a9c1-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e4715c3-aba5-11e0-a9c1-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e4715c3-aba5-11e0-a9c1-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e4715c3-aba5-11e0-a9c1-404e57434401}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdf3683c-9fff-11e0-a9b7-0015c512d44d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bdf3683c-9fff-11e0-a9b7-0015c512d44d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdf3683c-9fff-11e0-a9b7-0015c512d44d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bdf3683c-9fff-11e0-a9b7-0015c512d44d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdf3683c-9fff-11e0-a9b7-0015c512d44d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bdf3683c-9fff-11e0-a9b7-0015c512d44d}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c86bc3a6-b0a1-11e0-a9c7-404e57434401}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c86bc3a6-b0a1-11e0-a9c7-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c86bc3a6-b0a1-11e0-a9c7-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c86bc3a6-b0a1-11e0-a9c7-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c86bc3a6-b0a1-11e0-a9c7-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c86bc3a6-b0a1-11e0-a9c7-404e57434401}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff91476c-a3d5-11e0-a9b9-404e57434401}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ff91476c-a3d5-11e0-a9b9-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff91476c-a3d5-11e0-a9b9-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ff91476c-a3d5-11e0-a9b9-404e57434401}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff91476c-a3d5-11e0-a9b9-404e57434401}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ff91476c-a3d5-11e0-a9b9-404e57434401}\ not found.
File F:\AutoRun.exe not found.
File C:\Documents and Settings\***\Start Menu\Programs\Startup\tbhcn.lnk not found.
ADS C:\Documents and Settings\All Users\Application Data\Temp:6E86D926 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:57B2B96C deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:F036C20D deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:C07A6A6B deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:D2397415 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:4363DE71 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:C22674B6 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:F84B8DB5 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:A3B8F70C deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:A688EF17 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:A00BCDEF deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:F41F8101 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:425759C6 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:8140CB50 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:BDCD0530 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:385E2CFD deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:80B291A7 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:569CEE83 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:3E06C78F deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:B6DD2C7E deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:0487F955 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:70E897B5 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:3571475C deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:014BC3B4 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:3B454A5C deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:193CB03B deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:8DD20B4A deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:38FF076E deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:28CDD861 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:2B40A7DB deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:CEE4A457 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:89C28CF6 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:751D6870 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:98982C88 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:9026FFAC deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:61AF2B29 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:9FD757A9 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:512E1728 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:4FA837B4 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:7ADB695A deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:AD727397 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:852F2262 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:D0D17155 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:438C7496 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:4CF76F21 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:627153F1 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:551BED5F deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:C2F24DB5 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:7CEDF9F3 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:35C78DCC deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:A02025CE deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:957E9765 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:69E3AF64 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:EC0A74A1 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:9857FAE3 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:F1175E1D deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:BE6B5FC3 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:4A1628E5 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:059167AF deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:CB0FEE2B deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:7B52659E deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:3D36932D deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:8E5EA40F deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:237E4B91 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:99C301D0 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:8DF68137 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:663B62CA deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:471AD3D0 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:FECEF728 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:C928F3BE deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:6BF0805F deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:8277EEB5 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:2CDB9CA3 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:A6346EE9 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:6444B424 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:33EA030E deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:2BC498A4 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:97C4F81F deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:7881FECE deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:6FE17A89 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:D2032EBB deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:F2AF86D9 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:DF0BC727 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:67BA17B9 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:D0668210 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:F44D3C53 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:5AE33054 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:8F067037 deleted successfully.
C:\Documents and Settings\***\Application Data\BrowserCompanion folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Documents and Settings\***\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\***\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Kinder
->Temp folder emptied: 67472 bytes
->Temporary Internet Files folder emptied: 1088155 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 73172901 bytes
->Flash cache emptied: 2454 bytes
 
User: Lara
->Temp folder emptied: 311804 bytes
->Temporary Internet Files folder emptied: 954999 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 164248197 bytes
->Flash cache emptied: 19658 bytes
 
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33177 bytes
 
User: NetworkService
->Temp folder emptied: 47336220 bytes
->Temporary Internet Files folder emptied: 33177 bytes
 
User: ***
->Temp folder emptied: 1321305 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 1336218 bytes
->FireFox cache emptied: 71160529 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 587 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 559701 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 426176926 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 751,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default User
 
User: Kinder
->Flash cache emptied: 0 bytes
 
User: Lara
->Flash cache emptied: 0 bytes
 
User: LocalService
 
User: NetworkService
 
User: ***
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
 
OTL by OldTimer - Version 3.2.56.0 log created on 08122012_175933

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

t'john 12.08.2012 18:14
Sehr gut! :daumenhoc

Wie laeuft der Rechner?

1. Schritt
Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".
danach:

2. Schritt

Downloade Dir bitte AdwCleaner auf deinen Desktop.

  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

ranjid 18.08.2012 15:50
Hallo t`john,

danke nochmals für Deine Unterstützung.:dankeschoen:

im moment bin ich kaum online, deswegen erst jetzt das logfile:

Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.17.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
*** :: NDES00471101000 [Administrator]

18.08.2012 14:34:11
mbam-log-2012-08-18 (14-34-11).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 63203
Laufzeit: 1 Stunde(n), 31 Minute(n), 22 Sekunde(n) [Abgebrochen]

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
und vom adwCleaner:

Code:
# AdwCleaner v1.801 - Logfile created 08/18/2012 at 16:51:16
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : *** - NDES00471101000
# Boot Mode : Normal
# Running from : C:\Documents and Settings\***\My Documents\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Documents and Settings\***\Local Settings\Application Data\Babylon
Folder Found : C:\Documents and Settings\***\Local Settings\Application Data\Conduit
Folder Found : C:\Documents and Settings\***\AppData\LocalLow\bbrs_002.tb
Folder Found : C:\Documents and Settings\***\Application Data\Babylon
Folder Found : C:\Documents and Settings\***\Application Data\Iminent
Folder Found : C:\Documents and Settings\***\Application Data\OpenCandy
Folder Found : C:\Documents and Settings\***\Application Data\Toolbar4
Folder Found : C:\Documents and Settings\***\Application Data\BabylonToolbar
Folder Found : C:\Documents and Settings\***\Application Data\Iminent
Folder Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\Conduit
Folder Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\ConduitCommon
Folder Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
Folder Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\extensions\bbrs_002@blabbers.com
Folder Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\extensions\ffxtlbr@incredibar.com
Folder Found : C:\Documents and Settings\All Users\Application Data\Ask
Folder Found : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Found : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Found : C:\Documents and Settings\All Users\Application Data\Iminent
Folder Found : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Found : C:\Program Files\Ask.com
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\Iminent
Folder Found : C:\Program Files\Mozilla Firefox\Extensions\webbooster@iminent.com
File Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\searchplugins\Conduit.xml
File Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\searchplugins\MyStart Search.xml
File Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\searchplugins\Plusnetwork.xml
File Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\searchplugins\SearchTheWeb.xml
File Found : C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js
File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\SearchTheWeb.xml
File Found : C:\user.js

***** [Registry] *****
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2319825
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\Iminent
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Web Assistant
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\BrowserCompanion
Key Found : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Found : HKLM\SOFTWARE\Classes\Iminent
Key Found : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Key Found : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Key Found : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Key Found : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Key Found : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\430E8DB44F0E90547A3564A7E858C48D
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\430E8DB44F0E90547A3564A7E858C48D
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Key Found : HKLM\SOFTWARE\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Found : HKLM\SOFTWARE\Web Assistant
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Found : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.avg.com/?cid={903FEB6A-F4F8-4954-ACCD-CE279641202E}&mid=a10c5fe4c3d847d0bbd5910711a7adf2-c5cb75a7e9770c60364c86c09fd31f26589f9e9a&lang=de&ds=od011&pr=sa&d=2012-07-14 17:37:45&v=11.1.0.12&sap=hp

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default
File : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\prefs.js

Found : user_pref("CT2319825..clientLogIsEnabled", true);
Found : user_pref("CT2319825..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2319825..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2319825.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2319825.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2319825.CTID", "CT2319825");
Found : user_pref("CT2319825.CurrentServerDate", "4-12-2011");
Found : user_pref("CT2319825.DialogsAlignMode", "LTR");
Found : user_pref("CT2319825.DialogsGetterLastCheckTime", "Sun Dec 04 2011 16:59:11 GMT+0100");
Found : user_pref("CT2319825.DownloadReferralCookieData", "");
Found : user_pref("CT2319825.EMailNotifierPollDate", "Sun Dec 04 2011 16:58:45 GMT+0100");
Found : user_pref("CT2319825.FeedLastCount128902288263982011", 212);
Found : user_pref("CT2319825.FeedLastCount129056115025381886", 50);
Found : user_pref("CT2319825.FeedLastCount129098533413278042", 0);
Found : user_pref("CT2319825.FeedPollDate11908299", "Sun Dec 04 2011 16:58:47 GMT+0100");
Found : user_pref("CT2319825.FeedPollDate128902288263982011", "Fri Sep 10 2010 09:38:39 GMT+0200");
Found : user_pref("CT2319825.FeedPollDate129056115025381886", "Fri Sep 10 2010 09:38:38 GMT+0200");
Found : user_pref("CT2319825.FeedPollDate129098533413278042", "Wed Jul 14 2010 10:31:36 GMT+0200");
Found : user_pref("CT2319825.FeedPollDate129228016461601757", "Fri Sep 10 2010 09:38:38 GMT+0200");
Found : user_pref("CT2319825.FeedPollDate129228019840048158", "Fri Sep 10 2010 09:38:39 GMT+0200");
Found : user_pref("CT2319825.FeedPollDate129228021559110981", "Fri Sep 10 2010 09:38:38 GMT+0200");
Found : user_pref("CT2319825.FeedPollDate129228022849107630", "Fri Sep 10 2010 09:38:39 GMT+0200");
Found : user_pref("CT2319825.FirstServerDate", "24-6-2010");
Found : user_pref("CT2319825.FirstTime", true);
Found : user_pref("CT2319825.FirstTimeFF3", true);
Found : user_pref("CT2319825.FixPageNotFoundErrors", true);
Found : user_pref("CT2319825.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2319825.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2319825.HasUserGlobalKeys", true);
Found : user_pref("CT2319825.HomePageProtectorEnabled", false);
Found : user_pref("CT2319825.HomepageBeforeUnload", "hxxp://www.google.de");
Found : user_pref("CT2319825.Initialize", true);
Found : user_pref("CT2319825.InitializeCommonPrefs", true);
Found : user_pref("CT2319825.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2319825.InstallationType", "Unknown");
Found : user_pref("CT2319825.InstalledDate", "Thu Jun 24 2010 13:16:34 GMT+0200");
Found : user_pref("CT2319825.InvalidateCache", false);
Found : user_pref("CT2319825.IsAlertDBUpdated", true);
Found : user_pref("CT2319825.IsGrouping", false);
Found : user_pref("CT2319825.IsMulticommunity", false);
Found : user_pref("CT2319825.IsOpenThankYouPage", false);
Found : user_pref("CT2319825.IsOpenUninstallPage", true);
Found : user_pref("CT2319825.LanguagePackLastCheckTime", "Sun Dec 04 2011 16:59:10 GMT+0100");
Found : user_pref("CT2319825.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2319825.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2319825.LastLogin_2.5.8.6", "Wed Dec 15 2010 12:29:55 GMT+0100");
Found : user_pref("CT2319825.LastLogin_3.2.5.2", "Mon Mar 28 2011 07:36:56 GMT+0200");
Found : user_pref("CT2319825.LastLogin_3.7.0.6", "Sun Oct 09 2011 16:52:16 GMT+0200");
Found : user_pref("CT2319825.LastLogin_3.8.0.8", "Sun Dec 04 2011 16:58:51 GMT+0100");
Found : user_pref("CT2319825.LatestVersion", "3.8.0.8");
Found : user_pref("CT2319825.Locale", "de");
Found : user_pref("CT2319825.LoginCache", 4);
Found : user_pref("CT2319825.MCDetectTooltipHeight", "83");
Found : user_pref("CT2319825.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2319825.MCDetectTooltipWidth", "295");
Found : user_pref("CT2319825.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2319825.RadioIsPodcast", false);
Found : user_pref("CT2319825.RadioLastCheckTime", "Sun Dec 04 2011 16:58:47 GMT+0100");
Found : user_pref("CT2319825.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2319825.RadioLastUpdateServer", "129224641269630000");
Found : user_pref("CT2319825.RadioMediaID", "11949532");
Found : user_pref("CT2319825.RadioMediaType", "Media Player");
Found : user_pref("CT2319825.RadioMenuSelectedID", "EBRadioMenu_CT231982511949532");
Found : user_pref("CT2319825.RadioShrinkedFromSetup", false);
Found : user_pref("CT2319825.RadioStationName", "1Live");
Found : user_pref("CT2319825.RadioStationURL", "hxxp://gffstream.ic.llnwd.net/stream/gffstream_stream_wdr_ei[...]
Found : user_pref("CT2319825.SHRINK_TOOLBAR", 1);
Found : user_pref("CT2319825.SavedHomepage", "resource:/browserconfig.properties");
Found : user_pref("CT2319825.SearchEngine", "Suchen||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2319825.SearchEngineBeforeUnload", "Google");
Found : user_pref("CT2319825.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2319825.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT231[...]
Found : user_pref("CT2319825.SearchInNewTabEnabled", true);
Found : user_pref("CT2319825.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2319825.SearchInNewTabLastCheckTime", "Sun Dec 04 2011 16:59:10 GMT+0100");
Found : user_pref("CT2319825.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2319825.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Found : user_pref("CT2319825.SearchProtectorEnabled", false);
Found : user_pref("CT2319825.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2319825.ServiceMapLastCheckTime", "Sun Dec 04 2011 16:58:45 GMT+0100");
Found : user_pref("CT2319825.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2319825.SettingsLastCheckTime", "Sun Dec 04 2011 16:58:41 GMT+0100");
Found : user_pref("CT2319825.SettingsLastUpdate", "1321973105");
Found : user_pref("CT2319825.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2319825.ThirdPartyComponentsLastCheck", "Sun Dec 04 2011 16:58:41 GMT+0100");
Found : user_pref("CT2319825.ThirdPartyComponentsLastUpdate", "1279194733");
Found : user_pref("CT2319825.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2319825");
Found : user_pref("CT2319825.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2319825.Uninstall", true);
Found : user_pref("CT2319825.UserID", "UN32359273971892189");
Found : user_pref("CT2319825.ValidationData_Search", 2);
Found : user_pref("CT2319825.ValidationData_Toolbar", 2);
Found : user_pref("CT2319825.WeatherNetwork", "");
Found : user_pref("CT2319825.WeatherPollDate", "Sun Dec 04 2011 16:58:47 GMT+0100");
Found : user_pref("CT2319825.WeatherUnit", "C");
Found : user_pref("CT2319825.alertChannelId", "715912");
Found : user_pref("CT2319825.backendstorage.id", "313332363730");
Found : user_pref("CT2319825.backendstorage.shpngrd_evnts", "31");
Found : user_pref("CT2319825.backendstorage.shpngrdglblcfg", "7B7265662020202020203A2027776E6C64272C20666565[...]
Found : user_pref("CT2319825.clientLogIsEnabled", false);
Found : user_pref("CT2319825.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2319825.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2319825.globalFirstTimeInfoLastCheckTime", "Sun Dec 04 2011 16:59:14 GMT+0100");
Found : user_pref("CT2319825.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2319825.initDone", true);
Found : user_pref("CT2319825.isAppTrackingManagerOn", true);
Found : user_pref("CT2319825.isFirstRadioInstallation", false);
Found : user_pref("CT2319825.myStuffEnabled", true);
Found : user_pref("CT2319825.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2319825.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2319825.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2319825.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2319825.oldAppsList", "128898076802619665,128898076802619666,111,129309281463312841,129[...]
Found : user_pref("CT2319825.revertSettingsEnabled", true);
Found : user_pref("CT2319825.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2319825.searchProtectorEnableByLogin", true);
Found : user_pref("CT2319825.testingCtid", "");
Found : user_pref("CT2319825.toolbarAppMetaDataLastCheckTime", "Sun Dec 04 2011 16:59:10 GMT+0100");
Found : user_pref("CT2319825.toolbarContextMenuLastCheckTime", "Sun Dec 04 2011 16:59:11 GMT+0100");
Found : user_pref("CT2319825.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/715912/711772/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2319825", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2319825",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63433363123173[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2319825&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2319825/CT2319825[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"07b[...]
Found : user_pref("CommunityToolbar.EngineOwner", "");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{40c3cc16-7269-4b32-9531-17f2950fb06f}");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "winload");
Found : user_pref("CommunityToolbar.IsEngineShown", true);
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\***\\App[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.0.8");
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2319825");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{40c3cc16-7269-4b32-9531-17f2950fb06f}");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "winload");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2319825");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2319825");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Apr 22 2011 13:23:03 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Aug 22 2011 15:40:01 GMT+0200");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Aug 22 2011 15:10:58 GMT+0200");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "bad79405-8158-479d-b7e2-4ca6d92bd370");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Dec 04 2011 16:58:45 GMT+0100");
Found : user_pref("CommunityToolbar.globalUserId", "9ac0e005-720d-4039-b552-2d00bd46822c");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2319825");
Found : user_pref("CommunityToolbar.killedEngine", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Dec 04 2011 16:58:5[...]
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Dec 04 2011 16:59:12 GMT+010[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Dec 04 2011 16:58:45 GMT+0100");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "a92ed0ca-c467-4ba9-9f13-602da870027b");
Found : user_pref("CommunityToolbar.undefined", "");
Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Found : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb167?a=6OyHVuiT2Y&loc=FF_NT");
Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819&tt=050412_30b");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "a0690fb50000000000000015c512d44d");
Found : user_pref("extensions.BabylonToolbar_i.id", "a0690fb50000000000000015c512d44d");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15444");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=110819&tt=05041[...]
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1716:04:31");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Found : user_pref("extensions.enabledAddons", "{20a82645-c095-46ed-80e3-08825760534b}:0.0.0,jqs@sun.com:1.0,[...]
Found : user_pref("extensions.facemoods.aflt", "_#ddrnw");
Found : user_pref("extensions.facemoods.firstRun", false);
Found : user_pref("extensions.facemoods.lastActv", "8");
Found : user_pref("extensions.incredibar.actvtyRptTime", "1342355753015");
Found : user_pref("extensions.incredibar.admin", false);
Found : user_pref("extensions.incredibar.aflt", "orgnl");
Found : user_pref("extensions.incredibar.afterInstallRpt", "sent");
Found : user_pref("extensions.incredibar.cntry", "DE");
Found : user_pref("extensions.incredibar.dfltLng", "EN");
Found : user_pref("extensions.incredibar.dfltSrch", false);
Found : user_pref("extensions.incredibar.dfltlng", "en");
Found : user_pref("extensions.incredibar.dfltsrch", "false");
Found : user_pref("extensions.incredibar.did", "10671");
Found : user_pref("extensions.incredibar.envrmnt", "production");
Found : user_pref("extensions.incredibar.excTlbr", false);
Found : user_pref("extensions.incredibar.hdrMd5", "FADD26C3B0357BD83A409E9AAECC8670");
Found : user_pref("extensions.incredibar.hmpg", false);
Found : user_pref("extensions.incredibar.hrdid", "0");
Found : user_pref("extensions.incredibar.id", "a0690fb50000000000000015c512d44d");
Found : user_pref("extensions.incredibar.installerproductid", "26");
Found : user_pref("extensions.incredibar.instlDay", "15535");
Found : user_pref("extensions.incredibar.instlRef", "");
Found : user_pref("extensions.incredibar.instlday", "15535");
Found : user_pref("extensions.incredibar.instlref", "");
Found : user_pref("extensions.incredibar.isDcmntCmplt", false);
Found : user_pref("extensions.incredibar.isdcmntcmplt", "false");
Found : user_pref("extensions.incredibar.keywordurl", "");
Found : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1417:29:18");
Found : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Found : user_pref("extensions.incredibar.newTab", false);
Found : user_pref("extensions.incredibar.newtab", "false");
Found : user_pref("extensions.incredibar.newtaburl", "");
Found : user_pref("extensions.incredibar.noFFXTlbr", false);
Found : user_pref("extensions.incredibar.ppd", "");
Found : user_pref("extensions.incredibar.prdct", "incredibar");
Found : user_pref("extensions.incredibar.productid", "26");
Found : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar.prtnrid", "Incredibar");
Found : user_pref("extensions.incredibar.sg", "none");
Found : user_pref("extensions.incredibar.smplGrp", "none");
Found : user_pref("extensions.incredibar.smplgrp", "none");
Found : user_pref("extensions.incredibar.srch", "");
Found : user_pref("extensions.incredibar.srchprvdr", "");
Found : user_pref("extensions.incredibar.tlbrId", "base");
Found : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyHVuiT2Y&loc=IB_T[...]
Found : user_pref("extensions.incredibar.tlbrid", "base");
Found : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6OyHVuiT2Y&loc=IB_T[...]
Found : user_pref("extensions.incredibar.upn2", "6OyHVuiT2Y");
Found : user_pref("extensions.incredibar.upn2n", "92261754530930308");
Found : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Found : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1417:29:18");
Found : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Found : user_pref("extensions.incredibar.vrsnts", "1.5.11.1417:29:18");
Found : user_pref("extensions.incredibar_i.aflt", "orgnl");
Found : user_pref("extensions.incredibar_i.dfltLng", "");
Found : user_pref("extensions.incredibar_i.did", "10671");
Found : user_pref("extensions.incredibar_i.excTlbr", false);
Found : user_pref("extensions.incredibar_i.id", "a0690fb50000000000000015c512d44d");
Found : user_pref("extensions.incredibar_i.installerproductid", "26");
Found : user_pref("extensions.incredibar_i.instlDay", "15535");
Found : user_pref("extensions.incredibar_i.instlRef", "");
Found : user_pref("extensions.incredibar_i.ms_url_id", "");
Found : user_pref("extensions.incredibar_i.newTab", false);
Found : user_pref("extensions.incredibar_i.ppd", "");
Found : user_pref("extensions.incredibar_i.prdct", "incredibar");
Found : user_pref("extensions.incredibar_i.productid", "26");
Found : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar_i.smplGrp", "none");
Found : user_pref("extensions.incredibar_i.tlbrId", "base");
Found : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyHVuiT2Y&loc=IB[...]
Found : user_pref("extensions.incredibar_i.upn2", "6OyHVuiT2Y");
Found : user_pref("extensions.incredibar_i.upn2n", "92261754530930308");
Found : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Found : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1417:29:18");
Found : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Found : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

Profile name : default
File : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\vg2t0alj.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\zdg5fo82.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\***\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Found :    "homepage" : "hxxp://isearch.avg.com/?cid={903FEB6A-F4F8-4954-ACCD-CE279641202E}&mid=a10c5fe4c3d8[...]

*************************

AdwCleaner[R1].txt - [43426 octets] - [18/08/2012 16:51:16]

########## EOF - C:\AdwCleaner[R1].txt - [43555 octets] ##########

t'john 19.08.2012 17:20
Sehr gut! :daumenhoc


  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Delete.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.




danach:


Malware-Scan mit Emsisoft Anti-Malware

Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm.
Lade über Jetzt Updaten die aktuellen Signaturen herunter.
Wähle den Freeware-Modus aus.

Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers.
Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten.

Anleitung: http://www.trojaner-board.de/103809-...i-malware.html

ranjid 23.08.2012 16:43
hallo,

hier das File vom adwcleaner:

Code:
# AdwCleaner v1.801 - Logfile created 08/18/2012 at 16:51:16
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : *** - NDES00471101000
# Boot Mode : Normal
# Running from : C:\Documents and Settings\***\My Documents\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Documents and Settings\***\Local Settings\Application Data\Babylon
Folder Found : C:\Documents and Settings\***\Local Settings\Application Data\Conduit
Folder Found : C:\Documents and Settings\***\AppData\LocalLow\bbrs_002.tb
Folder Found : C:\Documents and Settings\***\Application Data\Babylon
Folder Found : C:\Documents and Settings\***\Application Data\Iminent
Folder Found : C:\Documents and Settings\***\Application Data\OpenCandy
Folder Found : C:\Documents and Settings\***\Application Data\Toolbar4
Folder Found : C:\Documents and Settings\***\Application Data\BabylonToolbar
Folder Found : C:\Documents and Settings\***\Application Data\Iminent
Folder Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\Conduit
Folder Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\ConduitCommon
Folder Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
Folder Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\extensions\bbrs_002@blabbers.com
Folder Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\extensions\ffxtlbr@incredibar.com
Folder Found : C:\Documents and Settings\All Users\Application Data\Ask
Folder Found : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Found : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Found : C:\Documents and Settings\All Users\Application Data\Iminent
Folder Found : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Found : C:\Program Files\Ask.com
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\Iminent
Folder Found : C:\Program Files\Mozilla Firefox\Extensions\webbooster@iminent.com
File Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\searchplugins\Conduit.xml
File Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\searchplugins\MyStart Search.xml
File Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\searchplugins\Plusnetwork.xml
File Found : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\searchplugins\SearchTheWeb.xml
File Found : C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js
File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\SearchTheWeb.xml
File Found : C:\user.js

***** [Registry] *****
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2319825
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\Iminent
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Web Assistant
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\BrowserCompanion
Key Found : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Found : HKLM\SOFTWARE\Classes\Iminent
Key Found : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Key Found : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Key Found : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Key Found : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Key Found : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\430E8DB44F0E90547A3564A7E858C48D
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\430E8DB44F0E90547A3564A7E858C48D
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Key Found : HKLM\SOFTWARE\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Found : HKLM\SOFTWARE\Web Assistant
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Found : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.avg.com/?cid={903FEB6A-F4F8-4954-ACCD-CE279641202E}&mid=a10c5fe4c3d847d0bbd5910711a7adf2-c5cb75a7e9770c60364c86c09fd31f26589f9e9a&lang=de&ds=od011&pr=sa&d=2012-07-14 17:37:45&v=11.1.0.12&sap=hp

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default
File : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\prefs.js

Found : user_pref("CT2319825..clientLogIsEnabled", true);
Found : user_pref("CT2319825..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2319825..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2319825.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2319825.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2319825.CTID", "CT2319825");
Found : user_pref("CT2319825.CurrentServerDate", "4-12-2011");
Found : user_pref("CT2319825.DialogsAlignMode", "LTR");
Found : user_pref("CT2319825.DialogsGetterLastCheckTime", "Sun Dec 04 2011 16:59:11 GMT+0100");
Found : user_pref("CT2319825.DownloadReferralCookieData", "");
Found : user_pref("CT2319825.EMailNotifierPollDate", "Sun Dec 04 2011 16:58:45 GMT+0100");
Found : user_pref("CT2319825.FeedLastCount128902288263982011", 212);
Found : user_pref("CT2319825.FeedLastCount129056115025381886", 50);
Found : user_pref("CT2319825.FeedLastCount129098533413278042", 0);
Found : user_pref("CT2319825.FeedPollDate11908299", "Sun Dec 04 2011 16:58:47 GMT+0100");
Found : user_pref("CT2319825.FeedPollDate128902288263982011", "Fri Sep 10 2010 09:38:39 GMT+0200");
Found : user_pref("CT2319825.FeedPollDate129056115025381886", "Fri Sep 10 2010 09:38:38 GMT+0200");
Found : user_pref("CT2319825.FeedPollDate129098533413278042", "Wed Jul 14 2010 10:31:36 GMT+0200");
Found : user_pref("CT2319825.FeedPollDate129228016461601757", "Fri Sep 10 2010 09:38:38 GMT+0200");
Found : user_pref("CT2319825.FeedPollDate129228019840048158", "Fri Sep 10 2010 09:38:39 GMT+0200");
Found : user_pref("CT2319825.FeedPollDate129228021559110981", "Fri Sep 10 2010 09:38:38 GMT+0200");
Found : user_pref("CT2319825.FeedPollDate129228022849107630", "Fri Sep 10 2010 09:38:39 GMT+0200");
Found : user_pref("CT2319825.FirstServerDate", "24-6-2010");
Found : user_pref("CT2319825.FirstTime", true);
Found : user_pref("CT2319825.FirstTimeFF3", true);
Found : user_pref("CT2319825.FixPageNotFoundErrors", true);
Found : user_pref("CT2319825.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2319825.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2319825.HasUserGlobalKeys", true);
Found : user_pref("CT2319825.HomePageProtectorEnabled", false);
Found : user_pref("CT2319825.HomepageBeforeUnload", "hxxp://www.google.de");
Found : user_pref("CT2319825.Initialize", true);
Found : user_pref("CT2319825.InitializeCommonPrefs", true);
Found : user_pref("CT2319825.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2319825.InstallationType", "Unknown");
Found : user_pref("CT2319825.InstalledDate", "Thu Jun 24 2010 13:16:34 GMT+0200");
Found : user_pref("CT2319825.InvalidateCache", false);
Found : user_pref("CT2319825.IsAlertDBUpdated", true);
Found : user_pref("CT2319825.IsGrouping", false);
Found : user_pref("CT2319825.IsMulticommunity", false);
Found : user_pref("CT2319825.IsOpenThankYouPage", false);
Found : user_pref("CT2319825.IsOpenUninstallPage", true);
Found : user_pref("CT2319825.LanguagePackLastCheckTime", "Sun Dec 04 2011 16:59:10 GMT+0100");
Found : user_pref("CT2319825.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2319825.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2319825.LastLogin_2.5.8.6", "Wed Dec 15 2010 12:29:55 GMT+0100");
Found : user_pref("CT2319825.LastLogin_3.2.5.2", "Mon Mar 28 2011 07:36:56 GMT+0200");
Found : user_pref("CT2319825.LastLogin_3.7.0.6", "Sun Oct 09 2011 16:52:16 GMT+0200");
Found : user_pref("CT2319825.LastLogin_3.8.0.8", "Sun Dec 04 2011 16:58:51 GMT+0100");
Found : user_pref("CT2319825.LatestVersion", "3.8.0.8");
Found : user_pref("CT2319825.Locale", "de");
Found : user_pref("CT2319825.LoginCache", 4);
Found : user_pref("CT2319825.MCDetectTooltipHeight", "83");
Found : user_pref("CT2319825.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2319825.MCDetectTooltipWidth", "295");
Found : user_pref("CT2319825.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2319825.RadioIsPodcast", false);
Found : user_pref("CT2319825.RadioLastCheckTime", "Sun Dec 04 2011 16:58:47 GMT+0100");
Found : user_pref("CT2319825.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2319825.RadioLastUpdateServer", "129224641269630000");
Found : user_pref("CT2319825.RadioMediaID", "11949532");
Found : user_pref("CT2319825.RadioMediaType", "Media Player");
Found : user_pref("CT2319825.RadioMenuSelectedID", "EBRadioMenu_CT231982511949532");
Found : user_pref("CT2319825.RadioShrinkedFromSetup", false);
Found : user_pref("CT2319825.RadioStationName", "1Live");
Found : user_pref("CT2319825.RadioStationURL", "hxxp://gffstream.ic.llnwd.net/stream/gffstream_stream_wdr_ei[...]
Found : user_pref("CT2319825.SHRINK_TOOLBAR", 1);
Found : user_pref("CT2319825.SavedHomepage", "resource:/browserconfig.properties");
Found : user_pref("CT2319825.SearchEngine", "Suchen||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2319825.SearchEngineBeforeUnload", "Google");
Found : user_pref("CT2319825.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2319825.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT231[...]
Found : user_pref("CT2319825.SearchInNewTabEnabled", true);
Found : user_pref("CT2319825.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2319825.SearchInNewTabLastCheckTime", "Sun Dec 04 2011 16:59:10 GMT+0100");
Found : user_pref("CT2319825.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2319825.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Found : user_pref("CT2319825.SearchProtectorEnabled", false);
Found : user_pref("CT2319825.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2319825.ServiceMapLastCheckTime", "Sun Dec 04 2011 16:58:45 GMT+0100");
Found : user_pref("CT2319825.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2319825.SettingsLastCheckTime", "Sun Dec 04 2011 16:58:41 GMT+0100");
Found : user_pref("CT2319825.SettingsLastUpdate", "1321973105");
Found : user_pref("CT2319825.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2319825.ThirdPartyComponentsLastCheck", "Sun Dec 04 2011 16:58:41 GMT+0100");
Found : user_pref("CT2319825.ThirdPartyComponentsLastUpdate", "1279194733");
Found : user_pref("CT2319825.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2319825");
Found : user_pref("CT2319825.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2319825.Uninstall", true);
Found : user_pref("CT2319825.UserID", "UN32359273971892189");
Found : user_pref("CT2319825.ValidationData_Search", 2);
Found : user_pref("CT2319825.ValidationData_Toolbar", 2);
Found : user_pref("CT2319825.WeatherNetwork", "");
Found : user_pref("CT2319825.WeatherPollDate", "Sun Dec 04 2011 16:58:47 GMT+0100");
Found : user_pref("CT2319825.WeatherUnit", "C");
Found : user_pref("CT2319825.alertChannelId", "715912");
Found : user_pref("CT2319825.backendstorage.id", "313332363730");
Found : user_pref("CT2319825.backendstorage.shpngrd_evnts", "31");
Found : user_pref("CT2319825.backendstorage.shpngrdglblcfg", "7B7265662020202020203A2027776E6C64272C20666565[...]
Found : user_pref("CT2319825.clientLogIsEnabled", false);
Found : user_pref("CT2319825.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2319825.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2319825.globalFirstTimeInfoLastCheckTime", "Sun Dec 04 2011 16:59:14 GMT+0100");
Found : user_pref("CT2319825.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2319825.initDone", true);
Found : user_pref("CT2319825.isAppTrackingManagerOn", true);
Found : user_pref("CT2319825.isFirstRadioInstallation", false);
Found : user_pref("CT2319825.myStuffEnabled", true);
Found : user_pref("CT2319825.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2319825.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2319825.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2319825.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2319825.oldAppsList", "128898076802619665,128898076802619666,111,129309281463312841,129[...]
Found : user_pref("CT2319825.revertSettingsEnabled", true);
Found : user_pref("CT2319825.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2319825.searchProtectorEnableByLogin", true);
Found : user_pref("CT2319825.testingCtid", "");
Found : user_pref("CT2319825.toolbarAppMetaDataLastCheckTime", "Sun Dec 04 2011 16:59:10 GMT+0100");
Found : user_pref("CT2319825.toolbarContextMenuLastCheckTime", "Sun Dec 04 2011 16:59:11 GMT+0100");
Found : user_pref("CT2319825.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/715912/711772/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2319825", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2319825",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63433363123173[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2319825&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2319825/CT2319825[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"07b[...]
Found : user_pref("CommunityToolbar.EngineOwner", "");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{40c3cc16-7269-4b32-9531-17f2950fb06f}");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "winload");
Found : user_pref("CommunityToolbar.IsEngineShown", true);
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\***\\App[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.0.8");
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2319825");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{40c3cc16-7269-4b32-9531-17f2950fb06f}");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "winload");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2319825");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2319825");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Apr 22 2011 13:23:03 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Aug 22 2011 15:40:01 GMT+0200");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Aug 22 2011 15:10:58 GMT+0200");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "bad79405-8158-479d-b7e2-4ca6d92bd370");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Dec 04 2011 16:58:45 GMT+0100");
Found : user_pref("CommunityToolbar.globalUserId", "9ac0e005-720d-4039-b552-2d00bd46822c");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2319825");
Found : user_pref("CommunityToolbar.killedEngine", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Dec 04 2011 16:58:5[...]
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Dec 04 2011 16:59:12 GMT+010[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Dec 04 2011 16:58:45 GMT+0100");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "a92ed0ca-c467-4ba9-9f13-602da870027b");
Found : user_pref("CommunityToolbar.undefined", "");
Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Found : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb167?a=6OyHVuiT2Y&loc=FF_NT");
Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819&tt=050412_30b");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "a0690fb50000000000000015c512d44d");
Found : user_pref("extensions.BabylonToolbar_i.id", "a0690fb50000000000000015c512d44d");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15444");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=110819&tt=05041[...]
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1716:04:31");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Found : user_pref("extensions.enabledAddons", "{20a82645-c095-46ed-80e3-08825760534b}:0.0.0,jqs@sun.com:1.0,[...]
Found : user_pref("extensions.facemoods.aflt", "_#ddrnw");
Found : user_pref("extensions.facemoods.firstRun", false);
Found : user_pref("extensions.facemoods.lastActv", "8");
Found : user_pref("extensions.incredibar.actvtyRptTime", "1342355753015");
Found : user_pref("extensions.incredibar.admin", false);
Found : user_pref("extensions.incredibar.aflt", "orgnl");
Found : user_pref("extensions.incredibar.afterInstallRpt", "sent");
Found : user_pref("extensions.incredibar.cntry", "DE");
Found : user_pref("extensions.incredibar.dfltLng", "EN");
Found : user_pref("extensions.incredibar.dfltSrch", false);
Found : user_pref("extensions.incredibar.dfltlng", "en");
Found : user_pref("extensions.incredibar.dfltsrch", "false");
Found : user_pref("extensions.incredibar.did", "10671");
Found : user_pref("extensions.incredibar.envrmnt", "production");
Found : user_pref("extensions.incredibar.excTlbr", false);
Found : user_pref("extensions.incredibar.hdrMd5", "FADD26C3B0357BD83A409E9AAECC8670");
Found : user_pref("extensions.incredibar.hmpg", false);
Found : user_pref("extensions.incredibar.hrdid", "0");
Found : user_pref("extensions.incredibar.id", "a0690fb50000000000000015c512d44d");
Found : user_pref("extensions.incredibar.installerproductid", "26");
Found : user_pref("extensions.incredibar.instlDay", "15535");
Found : user_pref("extensions.incredibar.instlRef", "");
Found : user_pref("extensions.incredibar.instlday", "15535");
Found : user_pref("extensions.incredibar.instlref", "");
Found : user_pref("extensions.incredibar.isDcmntCmplt", false);
Found : user_pref("extensions.incredibar.isdcmntcmplt", "false");
Found : user_pref("extensions.incredibar.keywordurl", "");
Found : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1417:29:18");
Found : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Found : user_pref("extensions.incredibar.newTab", false);
Found : user_pref("extensions.incredibar.newtab", "false");
Found : user_pref("extensions.incredibar.newtaburl", "");
Found : user_pref("extensions.incredibar.noFFXTlbr", false);
Found : user_pref("extensions.incredibar.ppd", "");
Found : user_pref("extensions.incredibar.prdct", "incredibar");
Found : user_pref("extensions.incredibar.productid", "26");
Found : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar.prtnrid", "Incredibar");
Found : user_pref("extensions.incredibar.sg", "none");
Found : user_pref("extensions.incredibar.smplGrp", "none");
Found : user_pref("extensions.incredibar.smplgrp", "none");
Found : user_pref("extensions.incredibar.srch", "");
Found : user_pref("extensions.incredibar.srchprvdr", "");
Found : user_pref("extensions.incredibar.tlbrId", "base");
Found : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyHVuiT2Y&loc=IB_T[...]
Found : user_pref("extensions.incredibar.tlbrid", "base");
Found : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6OyHVuiT2Y&loc=IB_T[...]
Found : user_pref("extensions.incredibar.upn2", "6OyHVuiT2Y");
Found : user_pref("extensions.incredibar.upn2n", "92261754530930308");
Found : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Found : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1417:29:18");
Found : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Found : user_pref("extensions.incredibar.vrsnts", "1.5.11.1417:29:18");
Found : user_pref("extensions.incredibar_i.aflt", "orgnl");
Found : user_pref("extensions.incredibar_i.dfltLng", "");
Found : user_pref("extensions.incredibar_i.did", "10671");
Found : user_pref("extensions.incredibar_i.excTlbr", false);
Found : user_pref("extensions.incredibar_i.id", "a0690fb50000000000000015c512d44d");
Found : user_pref("extensions.incredibar_i.installerproductid", "26");
Found : user_pref("extensions.incredibar_i.instlDay", "15535");
Found : user_pref("extensions.incredibar_i.instlRef", "");
Found : user_pref("extensions.incredibar_i.ms_url_id", "");
Found : user_pref("extensions.incredibar_i.newTab", false);
Found : user_pref("extensions.incredibar_i.ppd", "");
Found : user_pref("extensions.incredibar_i.prdct", "incredibar");
Found : user_pref("extensions.incredibar_i.productid", "26");
Found : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar_i.smplGrp", "none");
Found : user_pref("extensions.incredibar_i.tlbrId", "base");
Found : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyHVuiT2Y&loc=IB[...]
Found : user_pref("extensions.incredibar_i.upn2", "6OyHVuiT2Y");
Found : user_pref("extensions.incredibar_i.upn2n", "92261754530930308");
Found : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Found : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1417:29:18");
Found : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Found : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

Profile name : default
File : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\vg2t0alj.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\zdg5fo82.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\***\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Found :    "homepage" : "hxxp://isearch.avg.com/?cid={903FEB6A-F4F8-4954-ACCD-CE279641202E}&mid=a10c5fe4c3d8[...]

*************************

AdwCleaner[R1].txt - [43426 octets] - [18/08/2012 16:51:16]

########## EOF - C:\AdwCleaner[R1].txt - [43555 octets] ##########

t'john 23.08.2012 19:03
Beachte die Anweisung! adwcleaner richtig ausfuehren!

Wo ist Emsisoft Log?

ranjid 24.08.2012 16:47
Hallo !

jetzt habe ich nochmal den adwcleaner ausgeführt- das ist das logfile:
Code:
# AdwCleaner v1.801 - Logfile created 08/24/2012 at 16:51:17
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : *** - NDES00471101000
# Boot Mode : Normal
# Running from : C:\Documents and Settings\***\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\***\Local Settings\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\***\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\***\AppData\LocalLow\bbrs_002.tb
Folder Deleted : C:\Documents and Settings\***\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\***\Application Data\Iminent
Folder Deleted : C:\Documents and Settings\***\Application Data\OpenCandy
Folder Deleted : C:\Documents and Settings\***\Application Data\Toolbar4
Folder Deleted : C:\Documents and Settings\***\Application Data\BabylonToolbar
Folder Deleted : C:\Documents and Settings\***\Application Data\Iminent
Folder Deleted : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\Conduit
Folder Deleted : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\ConduitCommon
Folder Deleted : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
Folder Deleted : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\extensions\bbrs_002@blabbers.com
Folder Deleted : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\extensions\ffxtlbr@incredibar.com
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Iminent
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Iminent
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\webbooster@iminent.com
File Deleted : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\searchplugins\Conduit.xml
File Deleted : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\searchplugins\MyStart Search.xml
File Deleted : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\searchplugins\Plusnetwork.xml
File Deleted : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\searchplugins\SearchTheWeb.xml
File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\SearchTheWeb.xml
File Deleted : C:\user.js

***** [Registry] *****
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2319825
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Web Assistant
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BrowserCompanion
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\430E8DB44F0E90547A3564A7E858C48D
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\430E8DB44F0E90547A3564A7E858C48D
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Web Assistant
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.avg.com/?cid={903FEB6A-F4F8-4954-ACCD-CE279641202E}&mid=a10c5fe4c3d847d0bbd5910711a7adf2-c5cb75a7e9770c60364c86c09fd31f26589f9e9a&lang=de&ds=od011&pr=sa&d=2012-07-14 17:37:45&v=11.1.0.12&sap=hp --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default
File : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\prefs.js

C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\cmo0higa.default\user.js ... Deleted !

Deleted : user_pref("CT2319825..clientLogIsEnabled", true);
Deleted : user_pref("CT2319825..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2319825..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2319825.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2319825.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2319825.CTID", "CT2319825");
Deleted : user_pref("CT2319825.CurrentServerDate", "4-12-2011");
Deleted : user_pref("CT2319825.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2319825.DialogsGetterLastCheckTime", "Sun Dec 04 2011 16:59:11 GMT+0100");
Deleted : user_pref("CT2319825.DownloadReferralCookieData", "");
Deleted : user_pref("CT2319825.EMailNotifierPollDate", "Sun Dec 04 2011 16:58:45 GMT+0100");
Deleted : user_pref("CT2319825.FeedLastCount128902288263982011", 212);
Deleted : user_pref("CT2319825.FeedLastCount129056115025381886", 50);
Deleted : user_pref("CT2319825.FeedLastCount129098533413278042", 0);
Deleted : user_pref("CT2319825.FeedPollDate11908299", "Sun Dec 04 2011 16:58:47 GMT+0100");
Deleted : user_pref("CT2319825.FeedPollDate128902288263982011", "Fri Sep 10 2010 09:38:39 GMT+0200");
Deleted : user_pref("CT2319825.FeedPollDate129056115025381886", "Fri Sep 10 2010 09:38:38 GMT+0200");
Deleted : user_pref("CT2319825.FeedPollDate129098533413278042", "Wed Jul 14 2010 10:31:36 GMT+0200");
Deleted : user_pref("CT2319825.FeedPollDate129228016461601757", "Fri Sep 10 2010 09:38:38 GMT+0200");
Deleted : user_pref("CT2319825.FeedPollDate129228019840048158", "Fri Sep 10 2010 09:38:39 GMT+0200");
Deleted : user_pref("CT2319825.FeedPollDate129228021559110981", "Fri Sep 10 2010 09:38:38 GMT+0200");
Deleted : user_pref("CT2319825.FeedPollDate129228022849107630", "Fri Sep 10 2010 09:38:39 GMT+0200");
Deleted : user_pref("CT2319825.FirstServerDate", "24-6-2010");
Deleted : user_pref("CT2319825.FirstTime", true);
Deleted : user_pref("CT2319825.FirstTimeFF3", true);
Deleted : user_pref("CT2319825.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2319825.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2319825.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2319825.HasUserGlobalKeys", true);
Deleted : user_pref("CT2319825.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2319825.HomepageBeforeUnload", "hxxp://www.google.de");
Deleted : user_pref("CT2319825.Initialize", true);
Deleted : user_pref("CT2319825.InitializeCommonPrefs", true);
Deleted : user_pref("CT2319825.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2319825.InstallationType", "Unknown");
Deleted : user_pref("CT2319825.InstalledDate", "Thu Jun 24 2010 13:16:34 GMT+0200");
Deleted : user_pref("CT2319825.InvalidateCache", false);
Deleted : user_pref("CT2319825.IsAlertDBUpdated", true);
Deleted : user_pref("CT2319825.IsGrouping", false);
Deleted : user_pref("CT2319825.IsMulticommunity", false);
Deleted : user_pref("CT2319825.IsOpenThankYouPage", false);
Deleted : user_pref("CT2319825.IsOpenUninstallPage", true);
Deleted : user_pref("CT2319825.LanguagePackLastCheckTime", "Sun Dec 04 2011 16:59:10 GMT+0100");
Deleted : user_pref("CT2319825.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2319825.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2319825.LastLogin_2.5.8.6", "Wed Dec 15 2010 12:29:55 GMT+0100");
Deleted : user_pref("CT2319825.LastLogin_3.2.5.2", "Mon Mar 28 2011 07:36:56 GMT+0200");
Deleted : user_pref("CT2319825.LastLogin_3.7.0.6", "Sun Oct 09 2011 16:52:16 GMT+0200");
Deleted : user_pref("CT2319825.LastLogin_3.8.0.8", "Sun Dec 04 2011 16:58:51 GMT+0100");
Deleted : user_pref("CT2319825.LatestVersion", "3.8.0.8");
Deleted : user_pref("CT2319825.Locale", "de");
Deleted : user_pref("CT2319825.LoginCache", 4);
Deleted : user_pref("CT2319825.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2319825.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2319825.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2319825.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2319825.RadioIsPodcast", false);
Deleted : user_pref("CT2319825.RadioLastCheckTime", "Sun Dec 04 2011 16:58:47 GMT+0100");
Deleted : user_pref("CT2319825.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2319825.RadioLastUpdateServer", "129224641269630000");
Deleted : user_pref("CT2319825.RadioMediaID", "11949532");
Deleted : user_pref("CT2319825.RadioMediaType", "Media Player");
Deleted : user_pref("CT2319825.RadioMenuSelectedID", "EBRadioMenu_CT231982511949532");
Deleted : user_pref("CT2319825.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT2319825.RadioStationName", "1Live");
Deleted : user_pref("CT2319825.RadioStationURL", "hxxp://gffstream.ic.llnwd.net/stream/gffstream_stream_wdr_ei[...]
Deleted : user_pref("CT2319825.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2319825.SavedHomepage", "resource:/browserconfig.properties");
Deleted : user_pref("CT2319825.SearchEngine", "Suchen||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2319825.SearchEngineBeforeUnload", "Google");
Deleted : user_pref("CT2319825.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2319825.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT231[...]
Deleted : user_pref("CT2319825.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2319825.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2319825.SearchInNewTabLastCheckTime", "Sun Dec 04 2011 16:59:10 GMT+0100");
Deleted : user_pref("CT2319825.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2319825.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2319825.SearchProtectorEnabled", false);
Deleted : user_pref("CT2319825.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2319825.ServiceMapLastCheckTime", "Sun Dec 04 2011 16:58:45 GMT+0100");
Deleted : user_pref("CT2319825.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2319825.SettingsLastCheckTime", "Sun Dec 04 2011 16:58:41 GMT+0100");
Deleted : user_pref("CT2319825.SettingsLastUpdate", "1321973105");
Deleted : user_pref("CT2319825.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2319825.ThirdPartyComponentsLastCheck", "Sun Dec 04 2011 16:58:41 GMT+0100");
Deleted : user_pref("CT2319825.ThirdPartyComponentsLastUpdate", "1279194733");
Deleted : user_pref("CT2319825.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2319825");
Deleted : user_pref("CT2319825.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2319825.Uninstall", true);
Deleted : user_pref("CT2319825.UserID", "UN32359273971892189");
Deleted : user_pref("CT2319825.ValidationData_Search", 2);
Deleted : user_pref("CT2319825.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2319825.WeatherNetwork", "");
Deleted : user_pref("CT2319825.WeatherPollDate", "Sun Dec 04 2011 16:58:47 GMT+0100");
Deleted : user_pref("CT2319825.WeatherUnit", "C");
Deleted : user_pref("CT2319825.alertChannelId", "715912");
Deleted : user_pref("CT2319825.backendstorage.id", "313332363730");
Deleted : user_pref("CT2319825.backendstorage.shpngrd_evnts", "31");
Deleted : user_pref("CT2319825.backendstorage.shpngrdglblcfg", "7B7265662020202020203A2027776E6C64272C20666565[...]
Deleted : user_pref("CT2319825.clientLogIsEnabled", false);
Deleted : user_pref("CT2319825.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2319825.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2319825.globalFirstTimeInfoLastCheckTime", "Sun Dec 04 2011 16:59:14 GMT+0100");
Deleted : user_pref("CT2319825.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2319825.initDone", true);
Deleted : user_pref("CT2319825.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2319825.isFirstRadioInstallation", false);
Deleted : user_pref("CT2319825.myStuffEnabled", true);
Deleted : user_pref("CT2319825.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2319825.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2319825.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2319825.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2319825.oldAppsList", "128898076802619665,128898076802619666,111,129309281463312841,129[...]
Deleted : user_pref("CT2319825.revertSettingsEnabled", true);
Deleted : user_pref("CT2319825.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2319825.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2319825.testingCtid", "");
Deleted : user_pref("CT2319825.toolbarAppMetaDataLastCheckTime", "Sun Dec 04 2011 16:59:10 GMT+0100");
Deleted : user_pref("CT2319825.toolbarContextMenuLastCheckTime", "Sun Dec 04 2011 16:59:11 GMT+0100");
Deleted : user_pref("CT2319825.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/715912/711772/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2319825", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2319825",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63433363123173[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2319825&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2319825/CT2319825[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"07b[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{40c3cc16-7269-4b32-9531-17f2950fb06f}");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "winload");
Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\***\\App[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.0.8");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2319825");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{40c3cc16-7269-4b32-9531-17f2950fb06f}");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "winload");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2319825");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2319825");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Apr 22 2011 13:23:03 GMT+02[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Aug 22 2011 15:40:01 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Aug 22 2011 15:10:58 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "bad79405-8158-479d-b7e2-4ca6d92bd370");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Dec 04 2011 16:58:45 GMT+0100");
Deleted : user_pref("CommunityToolbar.globalUserId", "9ac0e005-720d-4039-b552-2d00bd46822c");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2319825");
Deleted : user_pref("CommunityToolbar.killedEngine", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Dec 04 2011 16:58:5[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Dec 04 2011 16:59:12 GMT+010[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Dec 04 2011 16:58:45 GMT+0100");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "a92ed0ca-c467-4ba9-9f13-602da870027b");
Deleted : user_pref("CommunityToolbar.undefined", "");
Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Deleted : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb167?a=6OyHVuiT2Y&loc=FF_NT");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819&tt=050412_30b");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "a0690fb50000000000000015c512d44d");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "a0690fb50000000000000015c512d44d");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15444");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=110819&tt=05041[...]
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1716:04:31");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.enabledAddons", "{20a82645-c095-46ed-80e3-08825760534b}:0.0.0,jqs@sun.com:1.0,[...]
Deleted : user_pref("extensions.facemoods.aflt", "_#ddrnw");
Deleted : user_pref("extensions.facemoods.firstRun", false);
Deleted : user_pref("extensions.facemoods.lastActv", "8");
Deleted : user_pref("extensions.incredibar.actvtyRptTime", "1342355753015");
Deleted : user_pref("extensions.incredibar.admin", false);
Deleted : user_pref("extensions.incredibar.aflt", "orgnl");
Deleted : user_pref("extensions.incredibar.afterInstallRpt", "sent");
Deleted : user_pref("extensions.incredibar.cntry", "DE");
Deleted : user_pref("extensions.incredibar.dfltLng", "EN");
Deleted : user_pref("extensions.incredibar.dfltSrch", false);
Deleted : user_pref("extensions.incredibar.dfltlng", "en");
Deleted : user_pref("extensions.incredibar.dfltsrch", "false");
Deleted : user_pref("extensions.incredibar.did", "10671");
Deleted : user_pref("extensions.incredibar.envrmnt", "production");
Deleted : user_pref("extensions.incredibar.excTlbr", false);
Deleted : user_pref("extensions.incredibar.hdrMd5", "FADD26C3B0357BD83A409E9AAECC8670");
Deleted : user_pref("extensions.incredibar.hmpg", false);
Deleted : user_pref("extensions.incredibar.hrdid", "0");
Deleted : user_pref("extensions.incredibar.id", "a0690fb50000000000000015c512d44d");
Deleted : user_pref("extensions.incredibar.installerproductid", "26");
Deleted : user_pref("extensions.incredibar.instlDay", "15535");
Deleted : user_pref("extensions.incredibar.instlRef", "");
Deleted : user_pref("extensions.incredibar.instlday", "15535");
Deleted : user_pref("extensions.incredibar.instlref", "");
Deleted : user_pref("extensions.incredibar.isDcmntCmplt", false);
Deleted : user_pref("extensions.incredibar.isdcmntcmplt", "false");
Deleted : user_pref("extensions.incredibar.keywordurl", "");
Deleted : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1417:29:18");
Deleted : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Deleted : user_pref("extensions.incredibar.newTab", false);
Deleted : user_pref("extensions.incredibar.newtab", "false");
Deleted : user_pref("extensions.incredibar.newtaburl", "");
Deleted : user_pref("extensions.incredibar.noFFXTlbr", false);
Deleted : user_pref("extensions.incredibar.ppd", "");
Deleted : user_pref("extensions.incredibar.prdct", "incredibar");
Deleted : user_pref("extensions.incredibar.productid", "26");
Deleted : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Deleted : user_pref("extensions.incredibar.prtnrid", "Incredibar");
Deleted : user_pref("extensions.incredibar.sg", "none");
Deleted : user_pref("extensions.incredibar.smplGrp", "none");
Deleted : user_pref("extensions.incredibar.smplgrp", "none");
Deleted : user_pref("extensions.incredibar.srch", "");
Deleted : user_pref("extensions.incredibar.srchprvdr", "");
Deleted : user_pref("extensions.incredibar.tlbrId", "base");
Deleted : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyHVuiT2Y&loc=IB_T[...]
Deleted : user_pref("extensions.incredibar.tlbrid", "base");
Deleted : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6OyHVuiT2Y&loc=IB_T[...]
Deleted : user_pref("extensions.incredibar.upn2", "6OyHVuiT2Y");
Deleted : user_pref("extensions.incredibar.upn2n", "92261754530930308");
Deleted : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Deleted : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1417:29:18");
Deleted : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Deleted : user_pref("extensions.incredibar.vrsnts", "1.5.11.1417:29:18");
Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");
Deleted : user_pref("extensions.incredibar_i.dfltLng", "");
Deleted : user_pref("extensions.incredibar_i.did", "10671");
Deleted : user_pref("extensions.incredibar_i.excTlbr", false);
Deleted : user_pref("extensions.incredibar_i.id", "a0690fb50000000000000015c512d44d");
Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");
Deleted : user_pref("extensions.incredibar_i.instlDay", "15535");
Deleted : user_pref("extensions.incredibar_i.instlRef", "");
Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");
Deleted : user_pref("extensions.incredibar_i.newTab", false);
Deleted : user_pref("extensions.incredibar_i.ppd", "");
Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");
Deleted : user_pref("extensions.incredibar_i.productid", "26");
Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");
Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");
Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyHVuiT2Y&loc=IB[...]
Deleted : user_pref("extensions.incredibar_i.upn2", "6OyHVuiT2Y");
Deleted : user_pref("extensions.incredibar_i.upn2n", "92261754530930308");
Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1417:29:18");
Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

Profile name : default
File : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\vg2t0alj.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\zdg5fo82.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\***\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted :    "homepage" : "hxxp://isearch.avg.com/?cid={903FEB6A-F4F8-4954-ACCD-CE279641202E}&mid=a10c5fe4c3d8[...]

*************************

AdwCleaner[R1].txt - [43339 octets] - [18/08/2012 16:51:16]
AdwCleaner[S1].txt - [44684 octets] - [24/08/2012 16:51:17]

########## EOF - C:\AdwCleaner[S1].txt - [44813 octets] ##########

t'john 24.08.2012 18:10
Emsisoft Log?

ranjid 25.08.2012 09:10
hallo :-)

hier ist das emisoft log:

Code:
Emsisoft Anti-Malware - Version 6.6
Letztes Update: 24.08.2012 17:57:17

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\
Archiv Scan: An
ADS Scan: An

Scan Beginn:        24.08.2012 18:00:48

c:\documents and settings\***\desktop\azada.lnk        gefunden: Trace.File.gamefiesta azada!E1
Key: hkey_local_machine\software\trymedia systems        gefunden: Trace.Registry.trymedia!E1
Key: hkey_local_machine\software\trymedia systems\activemark software        gefunden: Trace.Registry.trymedia!E1
C:\UBCD4Win\BartPE\I386\SYSTEM32\NIRCMD.EXE        gefunden: Riskware.Win32.NirCmd.D!E1
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0211051.exe        gefunden: Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0211458.EXE        gefunden: Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0211727.exe        gefunden: Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0212053.exe        gefunden: Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0212058.exe        gefunden: Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0212055.exe        gefunden: Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0212054.exe        gefunden: Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0212061.exe        gefunden: Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0212062.exe        gefunden: Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0212059.exe        gefunden: Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0212069.exe        gefunden: Trojan.Win32.Spy!E2

Gescannt        584315
Gefunden        15

Scan Ende:        25.08.2012 08:27:21
Scan Zeit:        14:26:33

C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0211051.exe        Quarantäne Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0211458.EXE        Quarantäne Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0211727.exe        Quarantäne Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0212053.exe        Quarantäne Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0212058.exe        Quarantäne Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0212055.exe        Quarantäne Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0212054.exe        Quarantäne Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0212061.exe        Quarantäne Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0212062.exe        Quarantäne Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0212059.exe        Quarantäne Trojan.Win32.Spy!E2
C:\System Volume Information\_restore{0111EB27-6CD3-4176-A2E4-F4511F0A8EBE}\RP601\A0212069.exe        Quarantäne Trojan.Win32.Spy!E2
C:\UBCD4Win\BartPE\I386\SYSTEM32\NIRCMD.EXE        Quarantäne Riskware.Win32.NirCmd.D!E1
Key: hkey_local_machine\software\trymedia systems        Quarantäne Trace.Registry.trymedia!E1
Key: hkey_local_machine\software\trymedia systems\activemark software        Quarantäne Trace.Registry.trymedia!E1
c:\documents and settings\***\desktop\azada.lnk        Quarantäne Trace.File.gamefiesta azada!E1

Quarantäne        15

t'john 25.08.2012 15:57
Sehr gut! :daumenhoc


Deinstalliere:
Emsisoft Anti-Malware


ESET Online Scanner

Vorbereitung

  • Schließe evtl. vorhandene externe Festplatten und/oder sonstigen Wechselmedien (z. B. evtl. vorhandene USB-Sticks) an den Rechner an.
  • Bitte während des Online-Scans Anti-Virus-Programm und Firewall deaktivieren.
  • Vista/Win7-User: Bitte den Browser unbedingt als Administrator starten.
Los geht's

  • Lade und starte Eset Smartinstaller
  • Haken setzen bei YES, I accept the Terms of Use.
  • Klick auf Start.
  • Haken setzen bei Remove found threads und Scan archives.
  • Klick auf Start.
  • Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Finish drücken.
  • Browser schließen.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (manchmal auch C:\Programme\Eset\log.txt) suchen und mit Deinem Editor öffnen.
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

ranjid 16.09.2012 13:03
hallo,

mein Internet war verdammt lahm- jetzt gehts aber wieder... und Hier ist das logfile:

Code:
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=36882
esets_scanner_update returned -1 esets_gle=36882
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=36882
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=dec17a91caf8564482bb8c21c86548ad
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-16 11:33:53
# local_time=2012-09-16 01:33:53 (+0100, W. Europe Daylight Time)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1797 16774142 0 1 51568194 51568194 0 0
# compatibility_mode=2304 16777191 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 754154 754154 0 0
# scanned=32923
# found=0
# cleaned=0
# scan_time=12651


Alle Zeitangaben in WEZ +1. Es ist jetzt 01:09 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131