Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 31.08.2012, 12:16   #1
seraphin516
 
GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! - Standard

GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!



Hallo zusammen!

Mich hat er auch erwischt: der GVU-Virus. Ich bräuchte deshalb einen guten Rat.

Zur Geschichte des Problems:
Mittwochabend (29.08.) tauchte die "Erpresser-Seite" zum ersten Mal auf. Nach einem Kaltstart funktionierte (scheinbar) wieder alles. Ich habe dann mit Kaspersky und Avira nach dem Problem suchen lassen, allerdings ohne Erfolg... Danach habe ich Avira von meinem PC ordnungsgemäßg entfernt und dann versucht, Avast! zu installieren. Allerdings wurde der Virenschutz nicht aktiviert, auch die anderen Funktionen (Scan etc.) funktonierten nicht.
Als ich dann den PC mehrfach starten wollte, erschien jedes Mal nach kurzer Zeit die bekannte "Erpresser-Seite". Daraufhin bin ich auf dieses Forum aufmerksam geworden und würde mich über eure Hilfe freuen.

Ich habe bereits den Malwarebytes Anti-Malware-Scanner drüber laufen lassen (im abgesicherten Modus). Das Protokoll steht hiernach:

Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.31.04

Windows Vista Service Pack 2 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Standard :: CONSTANZE [Administrator]

Schutz: Deaktiviert

31.08.2012 11:13:39
mbam-log-2012-08-31 (11-13-39).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 442826
Laufzeit: 1 Stunde(n), 23 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 3
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Daten: ;áÃzÊ;XA³0öm»Áµ -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Daten: -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bösartig: (hxxp://startsear.ch/?aff=1) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Users\Standard\AppData\Local\Temp\roper0dun.exe (Spyware.Zeus) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\7d8a5843-6a545597 (Spyware.Zeus) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Standard\Downloads\SoftonicDownloader_fuer_free-youtube-to-mp3-converter.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


Bitte helft mir! Danke! :-)

Alt 31.08.2012, 15:47   #2
t'john
/// Helfer-Team
 
GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! - Standard

GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!





Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
  • Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
  • Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
  • Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.


Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.

1. Schritt

Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".

2. Schritt
Systemscan mit OTL (bebilderte Anleitung)

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)- Doppelklick auf die OTL.exe

  • Vista und Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Wähle Scanne Alle Benuzer
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimale Ausgabe
  • Unter Extra Registrierung, wähle bitte Benutze SafeList
  • Klicke nun auf Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 31.08.2012, 18:18   #3
seraphin516
 
GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! - Standard

GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!



Hier nochmal alle drei Files zusammen:

MBAM-log:

Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.08.31.04

Windows Vista Service Pack 2 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Standard :: CONSTANZE [Administrator]

Schutz: Deaktiviert

31.08.2012 11:13:39
mbam-log-2012-08-31 (11-13-39).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 442826
Laufzeit: 1 Stunde(n), 23 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 3
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Daten: ;áÃzÊ;XA³0öm»Áµ -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Daten: -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bösartig: (StartPins) Gut: (Google) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Users\Standard\AppData\Local\Temp\roper0dun.exe (Spyware.Zeus) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\7d8a5843-6a545597 (Spyware.Zeus) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Standard\Downloads\SoftonicDownloader_fuer_free-youtube-to-mp3-converter.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


OTL.txt:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 31.08.2012 19:00:44 - Run 1
OTL by OldTimer - Version 3.2.59.1     Folder = D:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 73,98% Memory free
4,23 Gb Paging File | 3,88 Gb Available in Paging File | 91,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 102,48 Gb Total Space | 11,28 Gb Free Space | 11,01% Space Free | Partition Type: NTFS
Drive D: | 1,89 Gb Total Space | 1,40 Gb Free Space | 74,06% Space Free | Partition Type: FAT32
 
Computer Name: CONSTANZE | User Name: Standard | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - D:\OTL.exe (OldTimer Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\WinRAR\rarext.dll ()
MOD - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\1031\nsextint.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (LiveUpdate Notice Ex) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found
SRV - (GDFwSvc) -- C:\Program Files\G DATA InternetSecurity\Firewall\GDFwSvc.exe File not found
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon File not found
SRV - (AVKWCtl) -- C:\Program Files\G DATA InternetSecurity\AVK\AVKWCtl.exe File not found
SRV - (AVKService) -- C:\Program Files\G DATA InternetSecurity\AVK\AVKService.exe File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (UMVPFSrv) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (dtpd) -- C:\Program Files\ShrewSoft\VPN Client\dtpd.exe ()
SRV - (iked) -- C:\Program Files\ShrewSoft\VPN Client\iked.exe ()
SRV - (ipsecd) -- C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe ()
SRV - (Boonty Games) -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (BOONTY)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (LiveUpdate) -- C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (Symantec Corporation)
SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (SSScsiSV) -- C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe (Sony Corporation)
SRV - (SonicStage Back-End Service) -- C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (AdobeActiveFileMonitor5.0) -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe ()
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (toshidpt) -- system32\drivers\Toshidpt.sys File not found
DRV - (PDNSp50) -- C:\Windows\system32\drivers\PDNSp50.sys File not found
DRV - (PDNMp50) -- C:\Windows\system32\drivers\PDNMp50.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (ntcdrdrv) -- C:\Windows\System32\drivers\ntcdrdrv.sys (NoteBurn Software)
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (vflt) -- C:\Windows\System32\drivers\vfilter.sys (Shrew Soft Inc)
DRV - (vnet) -- C:\Windows\System32\drivers\virtualnet.sys (Shrew Soft Inc)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (GDMnIcpt) -- C:\Windows\System32\drivers\MiniIcpt.sys (G DATA Software AG)
DRV - (HookCentre) -- C:\Windows\System32\drivers\HookCentre.sys (G DATA Software AG)
DRV - (GDPkIcpt) -- C:\Windows\System32\drivers\PktIcpt.sys (G DATA Software AG)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (ti21sony) -- C:\Windows\System32\drivers\ti21sony.sys (Texas Instruments)
DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (SiFilter) -- C:\Windows\System32\drivers\SiWinAcc.sys (Silicon Image, Inc.)
DRV - (SiRemFil) -- C:\Windows\System32\drivers\SiRemFil.sys (Silicon Image, Inc.)
DRV - (SI3132) -- C:\Windows\System32\drivers\SI3132.sys (Silicon Image, Inc.)
DRV - (NETw3v32) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (R5U870FLx86) -- C:\Windows\System32\drivers\R5U870FLx86.sys (Ricoh)
DRV - (R5U870FUx86) -- C:\Windows\System32\drivers\R5U870FUx86.sys (Ricoh)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (SNC) -- C:\Windows\System32\drivers\SonyNC.sys (Sony Corporation)
DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (SonyImgF) -- C:\Windows\System32\drivers\SonyImgF.sys (Sony Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Sony: Community: Welcome to the Sony Community for Computing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {1DCABD38-80C4-4A1A-AAC0-03453DE120E6}
IE - HKLM\..\SearchScopes\{1DCABD38-80C4-4A1A-AAC0-03453DE120E6}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=175&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\SearchScopes,DefaultScope = {950892BA-F179-46C2-AEFE-D5283BB31E2E}
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\SearchScopes\{1DCABD38-80C4-4A1A-AAC0-03453DE120E6}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLA_en
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\SearchScopes\{950892BA-F179-46C2-AEFE-D5283BB31E2E}: "URL" = hxxp://startsear.ch/?aff=1&q={searchTerms}
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=175&systemid=406&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\SearchScopes\{A1ADEE33-74C2-43EA-AECD-F0D5AFAE77D0}: "URL" = hxxp://www.cuil.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "iLivid Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "iLivid Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: dplauncher@digitalpublishing.de:1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "hxxp://www.searchqu.com/web?src=ffb&appid=175&systemid=406&sr=0&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: C:\Program Files\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll (Total Immersion)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Standard\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Users\Standard\AppData\Roaming\nprhapengine.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.11 22:23:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.30 22:08:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.31 13:21:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.01 11:26:48 | 000,000,000 | ---D | M]
 
[2011.10.21 18:34:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Extensions
[2012.08.21 20:05:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\ha5vzwsg.default\extensions
[2012.08.21 20:05:26 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\ha5vzwsg.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.04.30 17:57:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\ha5vzwsg.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.06.06 16:44:49 | 000,000,000 | ---D | M] (dp Launcher Plugin) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\ha5vzwsg.default\extensions\dplauncher@digitalpublishing.de
[2011.06.20 14:07:00 | 000,000,931 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\searchplugins\conduit.xml
[2011.10.21 17:48:03 | 000,002,520 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\searchplugins\SearchResults.xml
[2011.07.11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\searchplugins\startsear.xml
[2012.03.09 16:44:23 | 000,003,915 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\searchplugins\sweetim.xml
[2012.03.25 20:55:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2009.07.22 20:10:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.08.31 13:21:14 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.09 18:35:16 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.31 13:21:12 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.09 18:35:16 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.09 18:35:16 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.21 17:48:03 | 000,002,520 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012.06.09 18:35:16 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.09 18:35:16 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: Google
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: Google
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: D'Fusion @Home Web Plug-In (3.10.17859) (Enabled) = C:\Program Files\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Move Media Player 7 (Enabled) = C:\Users\Standard\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll File not found
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Google Updater] C:\Program Files\Google\Google Updater\GoogleUpdater.exe (Google)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NoteBurner] C:\Program Files\NoteBurner\VTBurnerGUI.exe (Noteburner.com)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Plugin Install] C:\Program Files\QuickTime\Plugins\DeleteMe1.exe ()
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [VAIOCameraUtility] C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - Startup: C:\Users\Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe (Sony Corporation)
O7 - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00  [binary data]
O7 - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Standard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: RSS-Support-Site zu VAIO Information FLOW hinzufügen - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html ()
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6BB5534D-5D38-4AF9-A096-BE9A90E43DAD}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\program files\g data internetsecurity\avkkid\avkcks.exe) -  File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Standard\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Standard\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1d2fc199-bd53-11dd-86ee-0016fef3706c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d2fc199-bd53-11dd-86ee-0016fef3706c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{1d2fc1b1-bd53-11dd-86ee-0016fef3706c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d2fc1b1-bd53-11dd-86ee-0016fef3706c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{720570ca-bd67-11dd-8819-0016fef3706c}\Shell - "" = AutoRun
O33 - MountPoints2\{720570ca-bd67-11dd-8819-0016fef3706c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{720570e2-bd67-11dd-8819-0016fef3706c}\Shell - "" = AutoRun
O33 - MountPoints2\{720570e2-bd67-11dd-8819-0016fef3706c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a259e159-bd8f-11dd-a2e7-0013a98454d5}\Shell - "" = AutoRun
O33 - MountPoints2\{a259e159-bd8f-11dd-a2e7-0013a98454d5}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a32cae78-bd66-11dd-98e6-0016fef3706c}\Shell - "" = AutoRun
O33 - MountPoints2\{a32cae78-bd66-11dd-98e6-0016fef3706c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b64ded37-77eb-11df-a763-0016fef3706c}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.31 11:12:10 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\Malwarebytes
[2012.08.31 11:11:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.31 11:11:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.31 11:11:48 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.08.31 11:11:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.08.31 10:14:15 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.08.30 22:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.08.30 22:09:45 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.08.30 22:09:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.08.30 22:09:44 | 000,355,632 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.08.30 22:09:29 | 000,035,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.08.30 22:09:27 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.08.30 22:09:23 | 000,729,752 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.08.30 22:08:05 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.08.30 22:08:04 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.08.30 22:07:07 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.08.30 22:07:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.08.20 21:08:34 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.08.20 21:08:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.08.20 21:08:33 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.08.20 21:08:32 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.08.20 21:08:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.08.20 21:08:31 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.08.20 21:08:30 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.08.20 21:08:01 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.08.13 12:29:26 | 017,798,272 | ---- | C] (Dropbox, Inc.) -- C:\Users\Standard\Desktop\Dropbox 1.4.12.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Standard\Documents\*.tmp files -> C:\Users\Standard\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.31 19:00:17 | 000,702,798 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.31 19:00:17 | 000,657,616 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.31 19:00:17 | 000,158,414 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.31 19:00:17 | 000,128,732 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.31 18:58:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.31 11:11:51 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.31 10:36:01 | 083,023,306 | ---- | M] () -- C:\ProgramData\nud0repor.pad
[2012.08.31 10:31:49 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.31 10:31:37 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.31 10:31:37 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.31 10:14:18 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.08.31 10:14:15 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.08.31 09:52:23 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.30 23:21:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.30 22:13:22 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.08.30 21:47:17 | 083,023,306 | ---- | M] () -- C:\ProgramData\23lldnur.pad
[2012.08.30 21:41:54 | 000,011,576 | ---- | M] () -- C:\ProgramData\erolpxei.pad
[2012.08.30 21:34:14 | 093,654,616 | ---- | M] () -- C:\Users\Standard\Desktop\avast_free_antivirus_setup_7.0.1466.exe
[2012.08.30 17:54:15 | 000,002,489 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.30 17:54:08 | 000,002,463 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2012.08.25 12:47:57 | 000,014,555 | ---- | M] () -- C:\Users\Standard\Desktop\egg_candled_bodycheck.jpg
[2012.08.21 17:21:18 | 000,391,376 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.08.21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.08.21 11:12:33 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.08.21 11:12:23 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.08.15 20:52:10 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.08.15 20:52:10 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.08.13 12:29:39 | 017,798,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\Standard\Desktop\Dropbox 1.4.12.exe
[2012.08.03 14:20:43 | 000,008,404 | ---- | M] () -- C:\Users\Standard\AppData\Local\d3d9caps.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Standard\Documents\*.tmp files -> C:\Users\Standard\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.31 11:11:51 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.30 22:13:22 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.08.30 22:10:16 | 000,001,102 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.30 22:10:04 | 000,001,098 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.30 22:09:46 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.08.30 21:46:48 | 083,023,306 | ---- | C] () -- C:\ProgramData\23lldnur.pad
[2012.08.30 21:30:49 | 093,654,616 | ---- | C] () -- C:\Users\Standard\Desktop\avast_free_antivirus_setup_7.0.1466.exe
[2012.08.30 17:19:58 | 000,011,576 | ---- | C] () -- C:\ProgramData\erolpxei.pad
[2012.08.29 19:44:53 | 083,023,306 | ---- | C] () -- C:\ProgramData\nud0repor.pad
[2012.08.25 12:47:52 | 000,014,555 | ---- | C] () -- C:\Users\Standard\Desktop\egg_candled_bodycheck.jpg
[2012.06.15 20:51:22 | 000,758,050 | ---- | C] () -- C:\Users\Standard\Word_2007_Tastenkombinationen.pdf
[2011.08.21 22:39:06 | 004,444,996 | ---- | C] () -- C:\Users\Standard\Vorlesung_Schokolade_Teil_2.pdf
[2011.08.21 22:39:03 | 004,040,197 | ---- | C] () -- C:\Users\Standard\Vorlesung_Schokolade_Teil_1_09052011.pdf
[2011.08.21 21:23:57 | 028,048,977 | ---- | C] () -- C:\Users\Standard\Schokolade-Text.pdf
[2011.08.12 12:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2011.05.26 06:05:00 | 010,879,000 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011.05.26 06:05:00 | 000,333,336 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011.05.26 06:05:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011.05.26 05:56:28 | 000,027,872 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010.12.06 20:38:07 | 000,104,448 | ---- | C] () -- C:\Users\Standard\neue folie.odp
[2010.09.27 13:03:08 | 000,201,512 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2009.09.27 17:01:29 | 000,014,059 | ---- | C] () -- C:\Users\Standard\lukas.jpg
[2009.01.28 18:56:04 | 000,809,781 | ---- | C] () -- C:\Users\Standard\organische_chemie_dipl_06.rar
[2008.12.23 21:53:41 | 009,644,144 | ---- | C] () -- C:\Users\Standard\chemie_Skripte 2.rar
[2008.11.29 22:52:38 | 000,253,544 | ---- | C] () -- C:\Users\Standard\anhaenge_29_11_2008.zip
[2008.11.24 14:31:17 | 009,644,179 | ---- | C] () -- C:\Users\Standard\chemie_Skripte.rar
[2008.11.12 22:15:29 | 001,971,200 | ---- | C] () -- C:\Users\Standard\gleitlager.pps
[2008.10.08 19:11:58 | 000,005,910 | ---- | C] () -- C:\Users\Standard\TAN Liste.pdf
[2008.05.15 23:50:09 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2007.10.22 17:59:16 | 000,000,096 | ---- | C] () -- C:\Users\Standard\AppData\Local\fusioncache.dat
[2007.06.13 14:14:28 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2007.05.19 22:54:27 | 000,000,680 | RHS- | C] () -- C:\Users\Standard\ntuser.pol
[2007.05.19 20:46:28 | 000,001,624 | ---- | C] () -- C:\Users\Standard\AppData\Roaming\wklnhst.dat
[2007.02.12 19:29:03 | 000,020,992 | ---- | C] () -- C:\Users\Standard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.01.16 15:23:14 | 000,008,404 | ---- | C] () -- C:\Users\Standard\AppData\Local\d3d9caps.dat
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:A0C7D68A
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:95775248
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:38E2864F
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:3118E26B
@Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:D8139E6A
@Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:213AFE42
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:B12D1A7D
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:9E2BD6A9
@Alternate Data Stream - 94 bytes -> C:\ProgramData\TEMP:5D17C178
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:AB82C54F
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:66871744
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:ED9B661E
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:56F368C9
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:393F7B1E
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:8DD36B71
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:DA18D4E3
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:4B244549
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:6247E766
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:9EE6560D
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:073139EC
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:DE47A3DA
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:43E95997
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:2E9900EE
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:A7DA2BCD
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:A18D1A5B
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:88698068
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:4DCAC4BC
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:98AE08EA
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:7972CF54
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:4A392155
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:2B4E9D93
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:A3E39C6A
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:8E7F155B
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:5F85EE30
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:3B812EE0
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:1B9E79B3
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:0ED4AC2F
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:08D8BB20
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:F67AAFC5
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:DDEB08FD
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:D3A8AA31
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:7776B809
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:162E02F7
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:FDCAE7B5
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D9987109
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A00BCDEF
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:98DFF516
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:581B0446
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:483AC68A
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:3C0887BF
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:FDDD8917
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:EE3A2438
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:57CC1FDC
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:554C6431
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:4C49306C
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:3539CD43
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:00811B66
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:E1D818F7
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:7A0EFE63
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:6FDE1666
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:2EC5D66C
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:063969F8
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:BDF08FAF
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:AE2EA3C2
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:A561576B
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:51E1A4D8
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:3815BC84
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:9E50C1C9
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:9B285B76
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:7CA7BED1
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:22313216
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:FC8FFA4E
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:CC073296
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:918B7566
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:331B76C7
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:10D45FC3
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:E855BDCF
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:D055FC10
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:AC95B5ED
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:8C6D2EC3
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:5C1EAB4E
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:225CD7D5
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:A8F2382B
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:A3750BE5
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:85C3B823
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:072F1F69
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:D994162E
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:C86B29EB
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:AA004D25
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:9398DBB4
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:8F00BFC0
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:76CF2021
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:42B6425E
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:3ADB6F65
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:35629AE6
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:275AA066
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:ED796303
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:A745DB5D
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:8AA99C0C
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:6C5EC3CD
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:5C9CC85F
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:48FEA089
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:3BF63E4A
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:3A6BC948
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:9AA05701
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:710F4DBF
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:6677D85A
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:4E6B8D68
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:4A966CC2
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:3C5ABDC7
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:2FC7B9E4
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:260575F1
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:BD9F7E4E
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A6346EE9
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A1023D41
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:9C44EEEE
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:99A29126
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:90B52091
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:81653DC8
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:78E0DF72
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:63F8EC77
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:41B2DADD
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:FA5F15C4
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:89F44603
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:7C412B92
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:33611CFB
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:EC0A74A1
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:BDCD0530
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:B321E944
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:9ACB70D7
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:94F67F32
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:51F17BB8
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:32FFF2D1
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:FC2E567F
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:CC7738DB
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:9E3E060F
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:7C4DF735
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:69FD6BF0
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:2B82C0BB
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:EF4FB3C5
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:D8DB81DC
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:BABA07C2
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:5A437AC3
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:537E6E55
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:3C282BEA
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:3BAD65EA
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:0F0A5896
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C8AC644A
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:B83F1B83
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:8BA6C9F8
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:0C5AF2AA
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:EF794BCD
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:D2A66480
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:9E4F05ED
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:5CE2502D
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:55F44B88
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:FC4EA67C
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:A3251D01
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:961B4D58
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:10D98D98
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:F42B5B0E
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:9547F1DB
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:667565EE
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:538A9F02
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:4AD2C54D
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:43D34EF3
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:1CB3187E
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:1037D53D
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:0E636D62
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:090FB735
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:ECC979BD
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:D1713795
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:B268A25C
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:90D89144
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:4F96D8E6
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:4C7A7DE9
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:4A0829E0
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:E2C9E369
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:C74009E5
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:80B291A7
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5BC73C48
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:07241935
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D2C57161
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:A4F0E644
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:8DA9DB01
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:5AE41FFB
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:453190EC
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:43301D1D
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:3E988A0F
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:0778CBF2
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:E66FFABE
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:E32966C0
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:D507B5A8
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:C7B98566
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:B1381B34
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:6BD304B9
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:126591AF
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:D31BE97C
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:BDCD8531
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:A296A63F
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:8247A199
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:81A3F151
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:490BCC52
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:270A3983
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:A56D6987
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:8B51CAAE
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:70E897B5
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:614F17D3
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:52E1DB1D
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:31F2397C
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:B9F8237A
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:70B3C619

< End of report >
         
--- --- ---
Extras.txt:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 31.08.2012 19:00:44 - Run 1
OTL by OldTimer - Version 3.2.59.1     Folder = D:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 73,98% Memory free
4,23 Gb Paging File | 3,88 Gb Available in Paging File | 91,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 102,48 Gb Total Space | 11,28 Gb Free Space | 11,01% Space Free | Partition Type: NTFS
Drive D: | 1,89 Gb Total Space | 1,40 Gb Free Space | 74,06% Space Free | Partition Type: FAT32
 
Computer Name: CONSTANZE | User Name: Standard | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04CB2309-A77F-4636-A814-A2190CCE4117}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{0BC117AE-04BE-4DEF-A9EA-672660BE5181}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe | 
"{29D1C7CA-7043-4CF4-A92A-B70A7C41CBCF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{2EACAED7-CE6E-4D45-9825-A74F2F21054E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3FDC3403-BC38-496F-A3F9-32A4426FCDD4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{535B4AA3-260F-495C-8C3C-43EAB256A871}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{57C93C27-E66F-4F75-8673-C5D5723D9ABB}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe | 
"{673C26B2-0B03-4039-B0C9-5F1EB91B0C59}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{6C34A710-6FED-4493-B083-CD4A178071BE}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{775F68AB-FEAC-45FF-9D65-60305CAFFD15}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{843C0023-7807-4630-A7F3-3BC164A7E0BE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{86745D27-428F-4972-AA65-FD109099A807}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8974EB32-5B08-4653-A059-6B3D8E8C9A15}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{8DC230C4-29A9-4F9F-A798-A6AC6EAF5889}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{9B204E60-F481-4A1F-BC8F-2EB0AF82353D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A329EB70-1F2B-4390-9D75-E7A1B3669D09}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{C6B5DD1B-A2E5-4467-979E-7CE4B52C6604}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{CC6655DE-9ED0-4EA4-9CE8-4CFE3B375359}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{E45915CE-B987-48B0-A017-487861261FDE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E7874D6D-D015-43D0-978D-3205DF8A3A2E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{F6045A59-E741-4825-97F7-496C41E06CF6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{F66A6781-A1F3-4343-BD67-BC771FA627AD}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A96CABF-40A3-4A58-B72F-4A1CC99197AB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{0B296FCA-B777-4A61-A748-33166DC5BD51}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{0B57DE3C-7DFB-428B-A21E-7399F59DB727}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{0DF32B29-DC91-4C88-ACC9-07ED28A01917}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{0E8FD215-8A00-45FD-A376-6CEB920DE8D3}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{1DDB2696-4D8B-4785-8D00-2548AFAE3B2E}" = protocol=6 | dir=in | app=c:\program files\norton 360\mainstub.exe | 
"{260F9F74-58A0-4D1E-99AD-2E406CC48D39}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2B673FE7-10BD-4C1E-B680-6A4EA84B4694}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2BB1F731-CFE2-466B-BEAB-E8B97BEEEA0F}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{2D0598A4-613C-45D7-9319-FA87AABC16F9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{442C2307-FA73-41A3-A391-0C2B4E2FBC4A}" = protocol=6 | dir=out | app=system | 
"{4617277F-F9BF-411D-8A7F-9808896BC58A}" = protocol=17 | dir=in | app=c:\program files\windows defender\msascui.exe | 
"{51ECFC77-DAF0-425A-B29F-323998DA56A0}" = protocol=6 | dir=in | app=c:\program files\windows defender\msascui.exe | 
"{5B26B09D-0960-4A4B-A417-79698C54109D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{66C89FFF-5A2C-4FAE-87E8-FB38C0C99673}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7B92BD49-E4FE-42EE-B20F-5BC31C97839E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{802C9CBD-2FBF-4765-86E9-F622DD1CDDF1}" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"{88F35A6D-4F9D-4AB8-83E7-2CCD6516DAD4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8D2CA0CB-DB02-4C27-8801-A850A81F8D9B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{8E35B345-7C28-411E-913E-CE2BAEE7A4F1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{974A6BA3-C330-41EE-9B62-9D3830A8DE92}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{A6D15D03-9F97-4FBF-B085-9117D5FE3E52}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{AB11ADF2-E0A5-45A0-87E9-351C1D45F081}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{B3D3181B-7566-47B3-8EED-AC124BD377EA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B425F1AF-747F-404A-AF9D-FF9DD8E94FE1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C1B2FFD8-49B8-4107-8E5A-5D3645A33EFE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{C5182F53-CD20-4726-BD9A-84B24A018445}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C51B6E71-11FB-4615-8D46-64CD4CEE89F6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{C63A56F6-CCC2-4EF7-B36E-1C7E356E8408}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{C85829CF-E973-4566-B78B-6B8B683DA283}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{C9696015-AE53-4339-B455-FA8D90BCA72E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{CB08F173-22BD-4779-8259-2EA81DD5454B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F377547C-2BB9-49A2-B11F-398CD2D8A530}" = protocol=17 | dir=in | app=c:\program files\norton 360\mainstub.exe | 
"TCP Query User{2B74A178-B6B2-4EFB-AC35-439A291EC3CA}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{2E66D9E9-DC1A-4B62-95B0-17C1148DF77F}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{40277E13-36CB-4345-9D5A-641A3830D2C4}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{52351F00-6806-45B9-BD05-012FD4A51CED}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{531C6827-80A3-45A3-B8E1-BC4F8930832C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{7DC5932F-4E5C-4FF0-A649-0FE3B0F307A8}C:\program files\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe | 
"TCP Query User{9E3982AA-6A7C-4FAF-9294-CCA2B0D6F5AE}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{AE75074B-2BCA-4F73-B93F-C46B2E1096BC}C:\program files\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe | 
"TCP Query User{BC58CC6A-EAA4-49FB-B5EE-E10F30F284C7}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{D3E58C8D-C867-4340-987E-4B8132940801}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{0AD8538F-EA74-44EB-876E-DA115DF8AB53}C:\program files\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe | 
"UDP Query User{11AE070F-01AC-4E01-A7A0-6D072A293A74}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{36FE94AD-8869-4A86-AE4F-C71D16FC4F24}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{392436FA-19F0-48FB-9EE1-CFA1D99E240A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{4AE8DE9A-2DD7-4DAA-B2F7-578058F262FF}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{5EF85747-71A4-4058-9E2C-934F584B2762}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{625A051E-579A-4055-8F64-7E5085446085}C:\program files\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe | 
"UDP Query User{9ADC9945-AF2B-4164-8037-22CD80C5B862}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{BA4ECA3E-DD60-48D7-BF45-8BF5EB2AA492}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{C1A6BA02-D8F2-4037-A804-32F71FBC30EC}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01521746-02A6-4A72-00BD-A285DF6B80C6}" = Die Sims 2: Wilde Campus-Jahre
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3500_series" = Canon iP3500 series
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1417F599-1DBD-4499-9375-B2813E9F890C}" = VAIO Camera Utility
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{17C7703E-0B2A-4593-9CB7-E2FE14B6F8EA}" = Sony Snymsico for Vista
"{1CE60928-8325-49A8-8B06-633E48DD2B67}" = Cisco Systems VPN Client 5.0.07.0410
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{24960AC2-C413-4A86-B1C1-E4CCADCA44D3}" = VAIO Information FLOW
"{25152BB0-030B-4F54-BEE9-E3A61F22DC3A}}_is1" = SPEEDO Aquabeat Playlist Editor V1.50
"{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}" = VAIO Cozy Orange Wallpaper
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{500C3FDC-5E5F-485F-BDF5-2C445839CBE0}" = 
"{530AFAFF-6F0A-48BB-88D0-04F9658322D3}" = Adobe Premiere Elements 3.0
"{55B781F0-060E-11D4-99D7-00C04FCCB775}" = 
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5958CAC6-373E-402F-84FE-0A699AA920B9}" = LAN Setting Utility
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = Die Sims™ 2 Teen Style-Accessoires
"{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}" = VAIO Photo 2007
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D172D0A-B9F1-4046-AFAB-8599288545BF}" = Safari
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = Die Sims™ 2 IKEA® Home-Accessoires
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = Die Sims 2: Open For Business
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = Die Sims™ 2 H&M®-Fashion-Accessoires
"{851367C1-2F9F-4087-B3E8-8DECFE328370}" = The Da Vinci Code
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{934A3213-1CB6-4264-84A2-EE080C017BCA}" = VAIO Tender Green Wallpaper
"{97260AE9-A1EE-492E-8DCC-FD0AFF785720}" = 
"{97BCD719-6ECB-458F-97D6-F38D2E07375E}" = VAIO Aqua Breeze Wallpaper
"{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1" = TypingMaster Pro
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plug-Ins
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.05 Menu Data
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.3
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}" = Adobe Photoshop Elements 5.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-1033-F400-BA7E-000000000003}" = Adobe Acrobat  8 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{C183A21C-395A-490F-99D4-CCAB35E32859}" = 
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB965182-A944-4DF0-9344-8DE0C3E65F83}" = VAIO Media
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D4D9F101-9C35-477E-88FC-935415CD9916}" = Norton Security Scan
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = Die Sims™ 2 Vier Jahreszeiten
"{E2B38044-AEF2-40AF-BDD8-FEDE799A8633}" = 
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.6.00
"{E89B484C-B913-49A0-959B-89E836001658}" = GEAR 32bit Driver Installer
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = Die Sims™ 2 Gute Reise
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = 
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = Die Sims 2: Nightlife
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe Acrobat  8 Standard - English, Français, Deutsch" = Adobe Acrobat 8.3.0 Standard
"Adobe Acrobat  8 Standard - English, Français, Deutsch_830" = Adobe Acrobat 8.3.0 - CPSID_83708
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 5" = Adobe Photoshop Elements 5.0
"avast" = avast! Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"Canon iP3500 series Benutzerregistrierung" = Canon iP3500 series Benutzerregistrierung
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"conduitEngine" = Conduit Engine
"D'Fusion @Home Web Plug-In" = Total Immersion D'Fusion @Home Web Plug-In
"DivX Setup" = DivX-Setup
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.17.221
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"JDownloader" = JDownloader
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NoteBurner_is1" = NoteBurner 2.35
"NVIDIA Drivers" = NVIDIA Drivers
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01
"PremElem30" = Adobe Premiere Elements 3.0
"PROSet" = Intel(R) PRO Network Connections Drivers
"Shrew Soft VPN Client" = Shrew Soft VPN Client
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.6
"WinRAR archiver" = WinRAR
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 30.08.2012 13:24:25 | Computer Name = Constanze | Source = MsiInstaller | ID = 11730
Description = 
 
Error - 30.08.2012 13:25:43 | Computer Name = Constanze | Source = VSS | ID = 8194
Description = 
 
Error - 30.08.2012 13:25:48 | Computer Name = Constanze | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description = 
 
Error - 30.08.2012 16:06:59 | Computer Name = Constanze | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description = 
 
Error - 30.08.2012 16:07:02 | Computer Name = Constanze | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description = 
 
Error - 31.08.2012 03:55:43 | Computer Name = Constanze | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16448, Zeitstempel
 0x4fecf1b7, fehlerhaftes Modul USER32.dll, Version 6.0.6002.18541, Zeitstempel 
0x4ec3e3d5, Ausnahmecode 0xc0000142, Fehleroffset 0x00009f5d,  Prozess-ID 0xfe0, Anwendungsstartzeit
 01cd874df3e55a95.
 
Error - 31.08.2012 04:22:57 | Computer Name = Constanze | Source = EventSystem | ID = 4609
Description = 
 
Error - 31.08.2012 04:38:13 | Computer Name = Constanze | Source = EventSystem | ID = 4609
Description = 
 
Error - 31.08.2012 07:23:10 | Computer Name = Constanze | Source = Microsoft-Windows-CAPI2 | ID = 131584
Description = 
 
Error - 31.08.2012 12:58:41 | Computer Name = Constanze | Source = EventSystem | ID = 4609
Description = 
 
[ OSession Events ]
Error - 18.04.2009 17:51:05 | Computer Name = VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 21078
 seconds with 7680 seconds of active time.  This session ended with a crash.
 
Error - 28.04.2009 16:56:59 | Computer Name = VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 10117
 seconds with 420 seconds of active time.  This session ended with a crash.
 
Error - 28.04.2009 18:07:52 | Computer Name = VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6341.5001, Microsoft Office Version: 12.0.6215.1000. This session lasted 11175
 seconds with 180 seconds of active time.  This session ended with a crash.
 
Error - 02.07.2011 13:12:09 | Computer Name = Constanze | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 182
 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 27.07.2011 06:12:25 | Computer Name = Constanze | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 35
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 13.11.2011 06:43:33 | Computer Name = Constanze | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 13
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 14.11.2011 12:13:29 | Computer Name = Constanze | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 31.08.2012 04:38:53 | Computer Name = Constanze | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 31.08.2012 04:38:53 | Computer Name = Constanze | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 31.08.2012 04:38:53 | Computer Name = Constanze | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 31.08.2012 12:58:33 | Computer Name = Constanze | Source = DCOM | ID = 10005
Description = 
 
Error - 31.08.2012 12:58:41 | Computer Name = Constanze | Source = DCOM | ID = 10005
Description = 
 
Error - 31.08.2012 12:58:43 | Computer Name = Constanze | Source = DCOM | ID = 10005
Description = 
 
Error - 31.08.2012 12:58:52 | Computer Name = Constanze | Source = DCOM | ID = 10005
Description = 
 
Error - 31.08.2012 12:59:22 | Computer Name = Constanze | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 31.08.2012 12:59:22 | Computer Name = Constanze | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 31.08.2012 12:59:22 | Computer Name = Constanze | Source = Service Control Manager | ID = 7026
Description = 
 
 
< End of report >
         
--- --- ---
__________________

Alt 31.08.2012, 23:57   #4
t'john
/// Helfer-Team
 
GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! - Standard

GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!



Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:
  • Der Fix fängt mit :OTL an. Vergewissere dich, dass du ihn richtig kopiert hast.


Code:
ATTFilter
:OTL
DRV - (toshidpt) -- system32\drivers\Toshidpt.sys File not found 
DRV - (PDNSp50) -- C:\Windows\system32\drivers\PDNSp50.sys File not found 
DRV - (PDNMp50) -- C:\Windows\system32\drivers\PDNMp50.sys File not found 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found 
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found 
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found 
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found 
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found 
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) 
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.) 
IE - HKLM\..\SearchScopes,DefaultScope = {1DCABD38-80C4-4A1A-AAC0-03453DE120E6} 
IE - HKLM\..\SearchScopes\{1DCABD38-80C4-4A1A-AAC0-03453DE120E6}: "URL" = http://www.google.de/search?hl=de&q={searchTerms}&meta= 
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://www.searchqu.com/web?src=ieb&appid=175&systemid=406&sr=0&q={searchTerms} 
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms} 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\URLSearchHook: - No CLSID value found 
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) 
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.) 
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\SearchScopes,DefaultScope = {950892BA-F179-46C2-AEFE-D5283BB31E2E} 
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\SearchScopes\{1DCABD38-80C4-4A1A-AAC0-03453DE120E6}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLA_en 
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd 
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\SearchScopes\{950892BA-F179-46C2-AEFE-D5283BB31E2E}: "URL" = http://startsear.ch/?aff=1&q={searchTerms} 
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://www.searchqu.com/web?src=ieb&appid=175&systemid=406&sr=0&q={searchTerms} 
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\SearchScopes\{A1ADEE33-74C2-43EA-AECD-F0D5AFAE77D0}: "URL" = http://www.cuil.com/search?q={searchTerms} 
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245 
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms} 
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local 
FF - prefs.js..browser.search.defaultengine: "Web Search" 
FF - prefs.js..browser.search.defaultenginename: "iLivid Web Search" 
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search" 
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" 
FF - prefs.js..browser.search.order.1: "iLivid Web Search" 
FF - prefs.js..browser.search.selectedEngine: "Google" 
FF - prefs.js..browser.startup.homepage: "http://www.google.de/" 
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.5.6.0 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 
FF - prefs.js..extensions.enabledItems: dplauncher@digitalpublishing.de:1.1 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2 
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2 
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 
FF - prefs.js..keyword.URL: "http://www.searchqu.com/web?src=ffb&appid=175&systemid=406&sr=0&q=" 
FF - prefs.js..network.proxy.no_proxies_on: "*.local" 
FF - user.js - File not found 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found 
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Users\Standard\AppData\Roaming\nprhapengine.dll File not found 
O2 - BHO: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found. 
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) 
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) 
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll File not found 
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.) 
O3 - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found. 
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) 
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) 
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.) 
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. 
O3 - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.) 
O3 - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) 
O3 - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.) 
O4 - HKLM..\Run: [] File not found 
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () 
O4 - HKLM..\Run: [QuickTime Plugin Install] C:\Program Files\QuickTime\Plugins\DeleteMe1.exe () 
O7 - HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] 
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found 
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found 
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () 
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe File not found 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 10.5.1) 
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 10.5.1) 
O20 - HKLM Winlogon: UserInit - (c:\program files\g data internetsecurity\avkkid\avkcks.exe) - File not found 
O32 - HKLM CDRom: AutoRun - 1 
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] 
O33 - MountPoints2\{1d2fc199-bd53-11dd-86ee-0016fef3706c}\Shell - "" = AutoRun 
O33 - MountPoints2\{1d2fc199-bd53-11dd-86ee-0016fef3706c}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{1d2fc1b1-bd53-11dd-86ee-0016fef3706c}\Shell - "" = AutoRun 
O33 - MountPoints2\{1d2fc1b1-bd53-11dd-86ee-0016fef3706c}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{720570ca-bd67-11dd-8819-0016fef3706c}\Shell - "" = AutoRun 
O33 - MountPoints2\{720570ca-bd67-11dd-8819-0016fef3706c}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{720570e2-bd67-11dd-8819-0016fef3706c}\Shell - "" = AutoRun 
O33 - MountPoints2\{720570e2-bd67-11dd-8819-0016fef3706c}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{a259e159-bd8f-11dd-a2e7-0013a98454d5}\Shell - "" = AutoRun 
O33 - MountPoints2\{a259e159-bd8f-11dd-a2e7-0013a98454d5}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{a32cae78-bd66-11dd-98e6-0016fef3706c}\Shell - "" = AutoRun 
O33 - MountPoints2\{a32cae78-bd66-11dd-98e6-0016fef3706c}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{b64ded37-77eb-11df-a763-0016fef3706c}\Shell\AutoRun\command - "" = G:\setup.exe 
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Autorun.exe 
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe 

[2012.08.31 10:36:01 | 083,023,306 | ---- | M] () -- C:\ProgramData\nud0repor.pad 
[2012.08.30 21:47:17 | 083,023,306 | ---- | M] () -- C:\ProgramData\23lldnur.pad 
[2012.08.30 21:41:54 | 000,011,576 | ---- | M] () -- C:\ProgramData\erolpxei.pad 

@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:A0C7D68A 
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:95775248 
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:38E2864F 
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:3118E26B 
@Alternate Data Stream - 96 bytes -> C:\ProgramData\Temp:D8139E6A 
@Alternate Data Stream - 96 bytes -> C:\ProgramData\Temp:213AFE42 
@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:B12D1A7D 
@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:9E2BD6A9 
@Alternate Data Stream - 94 bytes -> C:\ProgramData\Temp:5D17C178 
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:AB82C54F 
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:66871744 
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:ED9B661E 
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:56F368C9 
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:393F7B1E 
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:8DD36B71 
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:DA18D4E3 
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:4B244549 
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:6247E766 
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:9EE6560D 
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:073139EC 
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:DE47A3DA 
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:43E95997 
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:2E9900EE 
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:A7DA2BCD 
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:A18D1A5B 
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:88698068 
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:4DCAC4BC 
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:98AE08EA 
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:7972CF54 
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:4A392155 
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:2B4E9D93 
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:A3E39C6A 
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:8E7F155B 
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:5F85EE30 
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:3B812EE0 
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:1B9E79B3 
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:0ED4AC2F 
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:08D8BB20 
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:F67AAFC5 
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:DDEB08FD 
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:D3A8AA31 
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:7776B809 
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:162E02F7 
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:FDCAE7B5 
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:D9987109 
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:A00BCDEF 
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:98DFF516 
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:581B0446 
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:483AC68A 
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:3C0887BF 
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:FDDD8917 
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:EE3A2438 
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:57CC1FDC 
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:554C6431 
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:4C49306C 
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:3539CD43 
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:00811B66 
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:E1D818F7 
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:7A0EFE63 
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:6FDE1666 
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:2EC5D66C 
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:063969F8 
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:BDF08FAF 
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:AE2EA3C2 
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:A561576B 
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:51E1A4D8 
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:3815BC84 
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:9E50C1C9 
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:9B285B76 
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:7CA7BED1 
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:22313216 
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:FC8FFA4E 
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:CC073296 
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:918B7566 
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:331B76C7 
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:10D45FC3 
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:E855BDCF 
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:D055FC10 
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:AC95B5ED 
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:8C6D2EC3 
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:5C1EAB4E 
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:225CD7D5 
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:A8F2382B 
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:A3750BE5 
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:85C3B823 
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:072F1F69 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:D994162E 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:C86B29EB 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:AA004D25 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:9398DBB4 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:8F00BFC0 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:76CF2021 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:42B6425E 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:3ADB6F65 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:35629AE6 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:275AA066 
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:ED796303 
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:A745DB5D 
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:8AA99C0C 
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:6C5EC3CD 
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:5C9CC85F 
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:48FEA089 
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:3BF63E4A 
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:3A6BC948 
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:9AA05701 
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:710F4DBF 
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:6677D85A 
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:4E6B8D68 
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:4A966CC2 
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:3C5ABDC7 
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:2FC7B9E4 
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:260575F1 
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:DFC5A2B2 
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:BD9F7E4E 
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:A6346EE9 
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:A1023D41 
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:9C44EEEE 
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:99A29126 
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:90B52091 
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:81653DC8 
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:78E0DF72 
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:63F8EC77 
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:41B2DADD 
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:FA5F15C4 
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:89F44603 
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:7C412B92 
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:33611CFB 
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:EC0A74A1 
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:BDCD0530 
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:B321E944 
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:9ACB70D7 
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:94F67F32 
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:51F17BB8 
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:32FFF2D1 
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:FC2E567F 
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:CC7738DB 
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:9E3E060F 
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:7C4DF735 
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:69FD6BF0 
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:2B82C0BB 
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:EF4FB3C5 
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:D8DB81DC 
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:BABA07C2 
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:5A437AC3 
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:537E6E55 
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:3C282BEA 
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:3BAD65EA 
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:0F0A5896 
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:C8AC644A 
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:B83F1B83 
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:8BA6C9F8 
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:0C5AF2AA 
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:EF794BCD 
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:D2A66480 
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:9E4F05ED 
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:5CE2502D 
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:55F44B88 
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:FC4EA67C 
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:A3251D01 
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:961B4D58 
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:10D98D98 
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:F42B5B0E 
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:9547F1DB 
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:667565EE 
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:538A9F02 
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:4AD2C54D 
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:43D34EF3 
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:1CB3187E 
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:1037D53D 
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:0E636D62 
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:090FB735 
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:ECC979BD 
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:D1713795 
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:B268A25C 
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:90D89144 
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:4F96D8E6 
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:4C7A7DE9 
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:4A0829E0 
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:E2C9E369 
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:C74009E5 
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:80B291A7 
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:5BC73C48 
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:07241935 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D2C57161 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:A4F0E644 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:8DA9DB01 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:5AE41FFB 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:453190EC 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:43301D1D 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:3E988A0F 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:0778CBF2 
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:E66FFABE 
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:E32966C0 
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:D507B5A8 
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:C7B98566 
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:B1381B34 
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:6BD304B9 
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:126591AF 
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:D31BE97C 
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:BDCD8531 
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:A296A63F 
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:8247A199 
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:81A3F151 
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:490BCC52 
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:270A3983 
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:A56D6987 
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:8B51CAAE 
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:70E897B5 
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:614F17D3 
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:52E1DB1D 
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:31F2397C 
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:B9F8237A 
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:70B3C619 

:Files

C:\Users\Standard\AppData\Local\{*}
C:\ProgramData\*.exe
C:\ProgramData\TEMP
C:\Users\Standard\AppData\Local\Temp\*.exe
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
%SystemRoot%\System32\*.tmp
%SystemRoot%\SysWOW64\*.tmp
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
         
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\<datum_nummer.log>

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!
__________________
Mfg, t'john
Das TB unterstützen

Alt 01.09.2012, 15:49   #5
seraphin516
 
GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! - Standard

GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!



Hier ist das OTL-Log-File:


All processes killed
========== OTL ==========
Service toshidpt stopped successfully!
Service toshidpt deleted successfully!
File system32\drivers\Toshidpt.sys File not found not found.
Service PDNSp50 stopped successfully!
Service PDNSp50 deleted successfully!
File C:\Windows\system32\drivers\PDNSp50.sys File not found not found.
Service PDNMp50 stopped successfully!
Service PDNMp50 deleted successfully!
File C:\Windows\system32\drivers\PDNMp50.sys File not found not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File system32\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File system32\DRIVERS\nwlnkflt.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File system32\DRIVERS\ipinip.sys File not found not found.
Service hwdatacard stopped successfully!
Service hwdatacard deleted successfully!
File system32\DRIVERS\ewusbmdm.sys File not found not found.
Service blbdrive stopped successfully!
Service blbdrive deleted successfully!
File C:\Windows\system32\drivers\blbdrive.sys File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.
C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ deleted successfully.
C:\Program Files\softonic-de3\prxtbsof0.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1DCABD38-80C4-4A1A-AAC0-03453DE120E6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1DCABD38-80C4-4A1A-AAC0-03453DE120E6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll not found.
Registry value HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
File C:\Program Files\softonic-de3\prxtbsof0.dll not found.
HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Internet Explorer\SearchScopes\{1DCABD38-80C4-4A1A-AAC0-03453DE120E6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1DCABD38-80C4-4A1A-AAC0-03453DE120E6}\ not found.
Registry key HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Internet Explorer\SearchScopes\{950892BA-F179-46C2-AEFE-D5283BB31E2E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{950892BA-F179-46C2-AEFE-D5283BB31E2E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Internet Explorer\SearchScopes\{A1ADEE33-74C2-43EA-AECD-F0D5AFAE77D0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A1ADEE33-74C2-43EA-AECD-F0D5AFAE77D0}\ not found.
Registry key HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "Web Search" removed from browser.search.defaultengine
Prefs.js: "iLivid Web Search" removed from browser.search.defaultenginename
Prefs.js: "DVDVideoSoftTB Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "iLivid Web Search" removed from browser.search.order.1
Prefs.js: "Google" removed from browser.search.selectedEngine
Prefs.js: "hxxp://www.google.de/" removed from browser.startup.homepage
Prefs.js: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.5.6.0 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: dplauncher@digitalpublishing.de:1.1 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems
Prefs.js: engine@conduit.com:3.3.3.2 removed from extensions.enabledItems
Prefs.js: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2 removed from extensions.enabledItems
Prefs.js: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 removed from extensions.enabledItems
Prefs.js: "hxxp://www.searchqu.com/web?src=ffb&appid=175&systemid=406&sr=0&q=" removed from keyword.URL
Prefs.js: "*.local" removed from network.proxy.no_proxies_on
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0124123D-61B4-456f-AF86-78C53A0790C5}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files\ConduitEngine\prxConduitEngine.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
File C:\Program Files\softonic-de3\prxtbsof0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0124123D-61B4-456f-AF86-78C53A0790C5}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
File de3\prxtbsof0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ deleted successfully.
c:\program files\google\googletoolbar1.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}\ not found.
File de3\prxtbsof0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.
C:\Program Files\DivX\DivX Update\DivXUpdate.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Plugin Install deleted successfully.
C:\Program Files\QuickTime\Plugins\DeleteMe1.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-1857011055-3848313868-2638332301-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft &Excel exportieren\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft E&xel exportieren\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85d1f590-48f4-11d9-9669-0800200c9a66}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\Windows\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:c:\program files\g data internetsecurity\avkkid\avkcks.exe deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d2fc199-bd53-11dd-86ee-0016fef3706c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d2fc199-bd53-11dd-86ee-0016fef3706c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d2fc199-bd53-11dd-86ee-0016fef3706c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d2fc199-bd53-11dd-86ee-0016fef3706c}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d2fc1b1-bd53-11dd-86ee-0016fef3706c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d2fc1b1-bd53-11dd-86ee-0016fef3706c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d2fc1b1-bd53-11dd-86ee-0016fef3706c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d2fc1b1-bd53-11dd-86ee-0016fef3706c}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{720570ca-bd67-11dd-8819-0016fef3706c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{720570ca-bd67-11dd-8819-0016fef3706c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{720570ca-bd67-11dd-8819-0016fef3706c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{720570ca-bd67-11dd-8819-0016fef3706c}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{720570e2-bd67-11dd-8819-0016fef3706c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{720570e2-bd67-11dd-8819-0016fef3706c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{720570e2-bd67-11dd-8819-0016fef3706c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{720570e2-bd67-11dd-8819-0016fef3706c}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a259e159-bd8f-11dd-a2e7-0013a98454d5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a259e159-bd8f-11dd-a2e7-0013a98454d5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a259e159-bd8f-11dd-a2e7-0013a98454d5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a259e159-bd8f-11dd-a2e7-0013a98454d5}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a32cae78-bd66-11dd-98e6-0016fef3706c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a32cae78-bd66-11dd-98e6-0016fef3706c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a32cae78-bd66-11dd-98e6-0016fef3706c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a32cae78-bd66-11dd-98e6-0016fef3706c}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b64ded37-77eb-11df-a763-0016fef3706c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b64ded37-77eb-11df-a763-0016fef3706c}\ not found.
File G:\setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
File F:\Autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.
File G:\Autorun.exe not found.
C:\ProgramData\nud0repor.pad moved successfully.
C:\ProgramData\23lldnur.pad moved successfully.
C:\ProgramData\erolpxei.pad moved successfully.
ADS C:\ProgramData\Temp:A0C7D68A deleted successfully.
ADS C:\ProgramData\Temp:95775248 deleted successfully.
ADS C:\ProgramData\Temp:38E2864F deleted successfully.
ADS C:\ProgramData\Temp:3118E26B deleted successfully.
ADS C:\ProgramData\Temp8139E6A deleted successfully.
ADS C:\ProgramData\Temp:213AFE42 deleted successfully.
ADS C:\ProgramData\Temp:B12D1A7D deleted successfully.
ADS C:\ProgramData\Temp:9E2BD6A9 deleted successfully.
ADS C:\ProgramData\Temp:5D17C178 deleted successfully.
ADS C:\ProgramData\Temp:AB82C54F deleted successfully.
ADS C:\ProgramData\Temp:66871744 deleted successfully.
ADS C:\ProgramData\Temp:ED9B661E deleted successfully.
ADS C:\ProgramData\Temp:56F368C9 deleted successfully.
ADS C:\ProgramData\Temp:393F7B1E deleted successfully.
ADS C:\ProgramData\Temp:8DD36B71 deleted successfully.
ADS C:\ProgramData\TempA18D4E3 deleted successfully.
ADS C:\ProgramData\Temp:4B244549 deleted successfully.
ADS C:\ProgramData\Temp:6247E766 deleted successfully.
ADS C:\ProgramData\Temp:9EE6560D deleted successfully.
ADS C:\ProgramData\Temp:073139EC deleted successfully.
ADS C:\ProgramData\TempE47A3DA deleted successfully.
ADS C:\ProgramData\Temp:43E95997 deleted successfully.
ADS C:\ProgramData\Temp:2E9900EE deleted successfully.
ADS C:\ProgramData\Temp:A7DA2BCD deleted successfully.
ADS C:\ProgramData\Temp:A18D1A5B deleted successfully.
ADS C:\ProgramData\Temp:88698068 deleted successfully.
ADS C:\ProgramData\Temp:4DCAC4BC deleted successfully.
ADS C:\ProgramData\Temp:98AE08EA deleted successfully.
ADS C:\ProgramData\Temp:7972CF54 deleted successfully.
ADS C:\ProgramData\Temp:4A392155 deleted successfully.
ADS C:\ProgramData\Temp:2B4E9D93 deleted successfully.
ADS C:\ProgramData\Temp:A3E39C6A deleted successfully.
ADS C:\ProgramData\Temp:8E7F155B deleted successfully.
ADS C:\ProgramData\Temp:5F85EE30 deleted successfully.
ADS C:\ProgramData\Temp:3B812EE0 deleted successfully.
ADS C:\ProgramData\Temp:1B9E79B3 deleted successfully.
ADS C:\ProgramData\Temp:0ED4AC2F deleted successfully.
ADS C:\ProgramData\Temp:08D8BB20 deleted successfully.
ADS C:\ProgramData\Temp:F67AAFC5 deleted successfully.
ADS C:\ProgramData\TempDEB08FD deleted successfully.
ADS C:\ProgramData\Temp3A8AA31 deleted successfully.
ADS C:\ProgramData\Temp:7776B809 deleted successfully.
ADS C:\ProgramData\Temp:162E02F7 deleted successfully.
ADS C:\ProgramData\Temp:FDCAE7B5 deleted successfully.
ADS C:\ProgramData\Temp9987109 deleted successfully.
ADS C:\ProgramData\Temp:A00BCDEF deleted successfully.
ADS C:\ProgramData\Temp:98DFF516 deleted successfully.
ADS C:\ProgramData\Temp:581B0446 deleted successfully.
ADS C:\ProgramData\Temp:483AC68A deleted successfully.
ADS C:\ProgramData\Temp:3C0887BF deleted successfully.
ADS C:\ProgramData\Temp:FDDD8917 deleted successfully.
ADS C:\ProgramData\Temp:EE3A2438 deleted successfully.
ADS C:\ProgramData\Temp:57CC1FDC deleted successfully.
ADS C:\ProgramData\Temp:554C6431 deleted successfully.
ADS C:\ProgramData\Temp:4C49306C deleted successfully.
ADS C:\ProgramData\Temp:3539CD43 deleted successfully.
ADS C:\ProgramData\Temp:00811B66 deleted successfully.
ADS C:\ProgramData\Temp:E1D818F7 deleted successfully.
ADS C:\ProgramData\Temp:7A0EFE63 deleted successfully.
ADS C:\ProgramData\Temp:6FDE1666 deleted successfully.
ADS C:\ProgramData\Temp:2EC5D66C deleted successfully.
ADS C:\ProgramData\Temp:063969F8 deleted successfully.
ADS C:\ProgramData\Temp:BDF08FAF deleted successfully.
ADS C:\ProgramData\Temp:AE2EA3C2 deleted successfully.
ADS C:\ProgramData\Temp:A561576B deleted successfully.
ADS C:\ProgramData\Temp:51E1A4D8 deleted successfully.
ADS C:\ProgramData\Temp:3815BC84 deleted successfully.
ADS C:\ProgramData\Temp:9E50C1C9 deleted successfully.
ADS C:\ProgramData\Temp:9B285B76 deleted successfully.
ADS C:\ProgramData\Temp:7CA7BED1 deleted successfully.
ADS C:\ProgramData\Temp:22313216 deleted successfully.
ADS C:\ProgramData\Temp:FC8FFA4E deleted successfully.
ADS C:\ProgramData\Temp:CC073296 deleted successfully.
ADS C:\ProgramData\Temp:918B7566 deleted successfully.
ADS C:\ProgramData\Temp:331B76C7 deleted successfully.
ADS C:\ProgramData\Temp:10D45FC3 deleted successfully.
ADS C:\ProgramData\Temp:E855BDCF deleted successfully.
ADS C:\ProgramData\Temp055FC10 deleted successfully.
ADS C:\ProgramData\Temp:AC95B5ED deleted successfully.
ADS C:\ProgramData\Temp:8C6D2EC3 deleted successfully.
ADS C:\ProgramData\Temp:5C1EAB4E deleted successfully.
ADS C:\ProgramData\Temp:225CD7D5 deleted successfully.
ADS C:\ProgramData\Temp:A8F2382B deleted successfully.
ADS C:\ProgramData\Temp:A3750BE5 deleted successfully.
ADS C:\ProgramData\Temp:85C3B823 deleted successfully.
ADS C:\ProgramData\Temp:072F1F69 deleted successfully.
ADS C:\ProgramData\Temp994162E deleted successfully.
ADS C:\ProgramData\Temp:C86B29EB deleted successfully.
ADS C:\ProgramData\Temp:AA004D25 deleted successfully.
ADS C:\ProgramData\Temp:9398DBB4 deleted successfully.
ADS C:\ProgramData\Temp:8F00BFC0 deleted successfully.
ADS C:\ProgramData\Temp:76CF2021 deleted successfully.
ADS C:\ProgramData\Temp:42B6425E deleted successfully.
ADS C:\ProgramData\Temp:3ADB6F65 deleted successfully.
ADS C:\ProgramData\Temp:35629AE6 deleted successfully.
ADS C:\ProgramData\Temp:275AA066 deleted successfully.
ADS C:\ProgramData\Temp:ED796303 deleted successfully.
ADS C:\ProgramData\Temp:A745DB5D deleted successfully.
ADS C:\ProgramData\Temp:8AA99C0C deleted successfully.
ADS C:\ProgramData\Temp:6C5EC3CD deleted successfully.
ADS C:\ProgramData\Temp:5C9CC85F deleted successfully.
ADS C:\ProgramData\Temp:48FEA089 deleted successfully.
ADS C:\ProgramData\Temp:3BF63E4A deleted successfully.
ADS C:\ProgramData\Temp:3A6BC948 deleted successfully.
ADS C:\ProgramData\Temp:9AA05701 deleted successfully.
ADS C:\ProgramData\Temp:710F4DBF deleted successfully.
ADS C:\ProgramData\Temp:6677D85A deleted successfully.
ADS C:\ProgramData\Temp:4E6B8D68 deleted successfully.
ADS C:\ProgramData\Temp:4A966CC2 deleted successfully.
ADS C:\ProgramData\Temp:3C5ABDC7 deleted successfully.
ADS C:\ProgramData\Temp:2FC7B9E4 deleted successfully.
ADS C:\ProgramData\Temp:260575F1 deleted successfully.
ADS C:\ProgramData\TempFC5A2B2 deleted successfully.
ADS C:\ProgramData\Temp:BD9F7E4E deleted successfully.
ADS C:\ProgramData\Temp:A6346EE9 deleted successfully.
ADS C:\ProgramData\Temp:A1023D41 deleted successfully.
ADS C:\ProgramData\Temp:9C44EEEE deleted successfully.
ADS C:\ProgramData\Temp:99A29126 deleted successfully.
ADS C:\ProgramData\Temp:90B52091 deleted successfully.
ADS C:\ProgramData\Temp:81653DC8 deleted successfully.
ADS C:\ProgramData\Temp:78E0DF72 deleted successfully.
ADS C:\ProgramData\Temp:63F8EC77 deleted successfully.
ADS C:\ProgramData\Temp:41B2DADD deleted successfully.
ADS C:\ProgramData\Temp:FA5F15C4 deleted successfully.
ADS C:\ProgramData\Temp:89F44603 deleted successfully.
ADS C:\ProgramData\Temp:7C412B92 deleted successfully.
ADS C:\ProgramData\Temp:33611CFB deleted successfully.
ADS C:\ProgramData\Temp:EC0A74A1 deleted successfully.
ADS C:\ProgramData\Temp:BDCD0530 deleted successfully.
ADS C:\ProgramData\Temp:B321E944 deleted successfully.
ADS C:\ProgramData\Temp:9ACB70D7 deleted successfully.
ADS C:\ProgramData\Temp:94F67F32 deleted successfully.
ADS C:\ProgramData\Temp:51F17BB8 deleted successfully.
ADS C:\ProgramData\Temp:32FFF2D1 deleted successfully.
ADS C:\ProgramData\Temp:FC2E567F deleted successfully.
ADS C:\ProgramData\Temp:CC7738DB deleted successfully.
ADS C:\ProgramData\Temp:9E3E060F deleted successfully.
ADS C:\ProgramData\Temp:7C4DF735 deleted successfully.
ADS C:\ProgramData\Temp:69FD6BF0 deleted successfully.
ADS C:\ProgramData\Temp:2B82C0BB deleted successfully.
ADS C:\ProgramData\Temp:EF4FB3C5 deleted successfully.
ADS C:\ProgramData\Temp8DB81DC deleted successfully.
ADS C:\ProgramData\Temp:BABA07C2 deleted successfully.
ADS C:\ProgramData\Temp:5A437AC3 deleted successfully.
ADS C:\ProgramData\Temp:537E6E55 deleted successfully.
ADS C:\ProgramData\Temp:3C282BEA deleted successfully.
ADS C:\ProgramData\Temp:3BAD65EA deleted successfully.
ADS C:\ProgramData\Temp:0F0A5896 deleted successfully.
ADS C:\ProgramData\Temp:C8AC644A deleted successfully.
ADS C:\ProgramData\Temp:B83F1B83 deleted successfully.
ADS C:\ProgramData\Temp:8BA6C9F8 deleted successfully.
ADS C:\ProgramData\Temp:0C5AF2AA deleted successfully.
ADS C:\ProgramData\Temp:EF794BCD deleted successfully.
ADS C:\ProgramData\Temp2A66480 deleted successfully.
ADS C:\ProgramData\Temp:9E4F05ED deleted successfully.
ADS C:\ProgramData\Temp:5CE2502D deleted successfully.
ADS C:\ProgramData\Temp:55F44B88 deleted successfully.
ADS C:\ProgramData\Temp:FC4EA67C deleted successfully.
ADS C:\ProgramData\Temp:A3251D01 deleted successfully.
ADS C:\ProgramData\Temp:961B4D58 deleted successfully.
ADS C:\ProgramData\Temp:10D98D98 deleted successfully.
ADS C:\ProgramData\Temp:F42B5B0E deleted successfully.
ADS C:\ProgramData\Temp:9547F1DB deleted successfully.
ADS C:\ProgramData\Temp:667565EE deleted successfully.
ADS C:\ProgramData\Temp:538A9F02 deleted successfully.
ADS C:\ProgramData\Temp:4AD2C54D deleted successfully.
ADS C:\ProgramData\Temp:43D34EF3 deleted successfully.
ADS C:\ProgramData\Temp:1CB3187E deleted successfully.
ADS C:\ProgramData\Temp:1037D53D deleted successfully.
ADS C:\ProgramData\Temp:0E636D62 deleted successfully.
ADS C:\ProgramData\Temp:090FB735 deleted successfully.
ADS C:\ProgramData\Temp:ECC979BD deleted successfully.
ADS C:\ProgramData\Temp1713795 deleted successfully.
ADS C:\ProgramData\Temp:B268A25C deleted successfully.
ADS C:\ProgramData\Temp:90D89144 deleted successfully.
ADS C:\ProgramData\Temp:4F96D8E6 deleted successfully.
ADS C:\ProgramData\Temp:4C7A7DE9 deleted successfully.
ADS C:\ProgramData\Temp:4A0829E0 deleted successfully.
ADS C:\ProgramData\Temp:E2C9E369 deleted successfully.
ADS C:\ProgramData\Temp:C74009E5 deleted successfully.
ADS C:\ProgramData\Temp:80B291A7 deleted successfully.
ADS C:\ProgramData\Temp:5BC73C48 deleted successfully.
ADS C:\ProgramData\Temp:07241935 deleted successfully.
ADS C:\ProgramData\Temp2C57161 deleted successfully.
ADS C:\ProgramData\Temp:A4F0E644 deleted successfully.
ADS C:\ProgramData\Temp:8DA9DB01 deleted successfully.
ADS C:\ProgramData\Temp:5AE41FFB deleted successfully.
ADS C:\ProgramData\Temp:453190EC deleted successfully.
ADS C:\ProgramData\Temp:43301D1D deleted successfully.
ADS C:\ProgramData\Temp:3E988A0F deleted successfully.
ADS C:\ProgramData\Temp:0778CBF2 deleted successfully.
ADS C:\ProgramData\Temp:E66FFABE deleted successfully.
ADS C:\ProgramData\Temp:E32966C0 deleted successfully.
ADS C:\ProgramData\Temp507B5A8 deleted successfully.
ADS C:\ProgramData\Temp:C7B98566 deleted successfully.
ADS C:\ProgramData\Temp:B1381B34 deleted successfully.
ADS C:\ProgramData\Temp:6BD304B9 deleted successfully.
ADS C:\ProgramData\Temp:126591AF deleted successfully.
ADS C:\ProgramData\Temp31BE97C deleted successfully.
ADS C:\ProgramData\Temp:BDCD8531 deleted successfully.
ADS C:\ProgramData\Temp:A296A63F deleted successfully.
ADS C:\ProgramData\Temp:8247A199 deleted successfully.
ADS C:\ProgramData\Temp:81A3F151 deleted successfully.
ADS C:\ProgramData\Temp:490BCC52 deleted successfully.
ADS C:\ProgramData\Temp:270A3983 deleted successfully.
ADS C:\ProgramData\Temp:A56D6987 deleted successfully.
ADS C:\ProgramData\Temp:8B51CAAE deleted successfully.
ADS C:\ProgramData\Temp:70E897B5 deleted successfully.
ADS C:\ProgramData\Temp:614F17D3 deleted successfully.
ADS C:\ProgramData\Temp:52E1DB1D deleted successfully.
ADS C:\ProgramData\Temp:31F2397C deleted successfully.
ADS C:\ProgramData\Temp:B9F8237A deleted successfully.
ADS C:\ProgramData\Temp:70B3C619 deleted successfully.
========== FILES ==========
File\Folder C:\Users\Standard\AppData\Local\{*} not found.
File\Folder C:\ProgramData\*.exe not found.
C:\ProgramData\TEMP folder moved successfully.
C:\Users\Standard\AppData\Local\Temp\DataCard_Setup.exe moved successfully.
C:\Users\Standard\AppData\Local\Temp\First15.exe moved successfully.
C:\Users\Standard\AppData\Local\Temp\ResetDevice.exe moved successfully.
C:\Users\Standard\AppData\Local\Temp\SearchWithGoogleUpdate.exe moved successfully.
C:\Users\Standard\AppData\Local\Temp\VP6Install.exe moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\6baea4fe-4f7dc2cb-n folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\252441bb-41f9ac96-n folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\35fdae37-653918c1-n folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\1a209876-61cf197e-n folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\1a209876-4012b27b-n folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\5e8cbb75-71dfff2f-n folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\5b902232-602fd55c-n folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\759e98ee-3b65ce29-n folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\4f710eed-55d8006a-n folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\39ba6e6-5f278a55-n folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\3976f065-3026fbe9-n folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\2c4a0065-32f3adc2-n folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\258cea61-42318627-n folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\6d0ad391-291009bd-n folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\4e09eacf-58da2165-n folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
File/Folder C:\Users\Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk not found.
File/Folder C:\Windows\System32\*.tmp not found.
File/Folder C:\Windows\SysWOW64\*.tmp not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Standard\Desktop\cmd.bat deleted successfully.
C:\Users\Standard\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User

User: Gast
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 804 bytes
->Java cache emptied: 1289343 bytes
->Flash cache emptied: 2672 bytes

User: Public

User: Standard
->Temp folder emptied: 343567008 bytes
->Temporary Internet Files folder emptied: 2480360653 bytes
->FireFox cache emptied: 74605637 bytes
->Google Chrome cache emptied: 17427990 bytes
->Apple Safari cache emptied: 155286528 bytes
->Flash cache emptied: 353922 bytes

User: Theo
->Temp folder emptied: 3537514 bytes
->Temporary Internet Files folder emptied: 143143 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 761769 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 507874512 bytes
RecycleBin emptied: 2632372 bytes

Total Files Cleaned = 3.422,00 mb


OTL by OldTimer - Version 3.2.59.1 log created on 09012012_162824

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Alt 01.09.2012, 18:02   #6
t'john
/// Helfer-Team
 
GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! - Standard

GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!



Sehr gut!

Wie laeuft der Rechner?

1. Schritt
Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".
danach:

2. Schritt

Downloade Dir bitte AdwCleaner auf deinen Desktop.

  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.
__________________
--> GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!

Alt 02.09.2012, 12:27   #7
seraphin516
 
GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! - Standard

GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!



Im abgesicherten Modus geht alles wunderbar... ;-)
Ich warte allerdings darauf, dass alles bereinigt ist, bis ich wieder im normalen Modus starte.

So, und hier nun der Inhalt des AdwCleaner-log-files:



# AdwCleaner v2.000 - Datei am 09/02/2012 um 13:24:08 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Standard - CONSTANZE
# Normaler Modus : Abgesicherter Modus mit Netzwerkunterstützung
# Ausgeführt unter : C:\Users\Standard\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml
Datei Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Datei Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\searchplugins\Conduit.xml
Datei Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\searchplugins\SearchResults.xml
Datei Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\searchplugins\Startsear.xml
Datei Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\searchplugins\SweetIm.xml
Ordner Gefunden : C:\Program Files\Conduit
Ordner Gefunden : C:\Program Files\ConduitEngine
Ordner Gefunden : C:\Program Files\DVDVideoSoftTB
Ordner Gefunden : C:\Program Files\Ilivid
Ordner Gefunden : C:\Program Files\softonic-de3
Ordner Gefunden : C:\Program Files\Windows iLivid Toolbar
Ordner Gefunden : C:\ProgramData\boost_interprocess
Ordner Gefunden : C:\Users\Standard\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Standard\AppData\Local\Ilivid Player
Ordner Gefunden : C:\Users\Standard\AppData\Local\softonic-de3
Ordner Gefunden : C:\Users\Standard\AppData\LocalLow\boost_interprocess
Ordner Gefunden : C:\Users\Standard\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Standard\AppData\LocalLow\ConduitEngine
Ordner Gefunden : C:\Users\Standard\AppData\LocalLow\DVDVideoSoftTB
Ordner Gefunden : C:\Users\Standard\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Standard\AppData\LocalLow\softonic-de3
Ordner Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\Conduit
Ordner Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\ConduitCommon
Ordner Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\CT2269050
Ordner Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\softonic-de3
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\ilivid
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDVideoSoftTB Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\softonic-de3 Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E16FB133-3009-4B94-8405-89790145B924}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74EF43C4-5C07-4F9C-A5B5-67C211B694B1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E16FB133-3009-4B94-8405-89790145B924}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\softonic-de3
Schlüssel Gefunden : HKCU\Software\StartSearch
Schlüssel Gefunden : HKCU\Software\SweetIm
Schlüssel Gefunden : HKCU\Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{74EF43C4-5C07-4F9C-A5B5-67C211B694B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D1F9877E-1DC5-4F75-9AC3-13EE32516EC9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E16FB133-3009-4B94-8405-89790145B924}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\conduitEngine
Schlüssel Gefunden : HKLM\Software\conduitEngine
Schlüssel Gefunden : HKLM\Software\DVDVideoSoftTB
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C79A83E-EC26-4F18-8C7A-B60076C2F068}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F08D873-E9B2-4F7B-A8B7-D4851B2B1CBA}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2CBCDB4-0A55-4AEC-84D4-2A1600787FC9}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF830BE8-3A84-44D6-9EA4-730B81EAB2A1}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{74EF43C4-5C07-4F9C-A5B5-67C211B694B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D1F9877E-1DC5-4F75-9AC3-13EE32516EC9}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\softonic-de3 Toolbar
Schlüssel Gefunden : HKLM\Software\softonic-de3
Schlüssel Gefunden : HKLM\Software\SweetIm

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0 (de)

Profilname : default
Datei : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\prefs.js

Gefunden : user_pref("CT2269050..clientLogIsEnabled", true);
Gefunden : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gefunden : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gefunden : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_1000515", true);
Gefunden : user_pref("CT2269050.CT2269050", "CT2269050");
Gefunden : user_pref("CT2269050.CurrentServerDate", "26-6-2011");
Gefunden : user_pref("CT2269050.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2269050.DialogsGetterLastCheckTime", "Sun Jun 26 2011 22:08:49 GMT+0200");
Gefunden : user_pref("CT2269050.DownloadReferralCookieData", "");
Gefunden : user_pref("CT2269050.EMailNotifierPollDate", "Sun Jun 26 2011 22:08:46 GMT+0200");
Gefunden : user_pref("CT2269050.FirstServerDate", "30-4-2011");
Gefunden : user_pref("CT2269050.FirstTime", true);
Gefunden : user_pref("CT2269050.FirstTimeFF3", true);
Gefunden : user_pref("CT2269050.FixPageNotFoundErrors", true);
Gefunden : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2269050.HasUserGlobalKeys", true);
Gefunden : user_pref("CT2269050.HomePageProtectorEnabled", true);
Gefunden : user_pref("CT2269050.Initialize", true);
Gefunden : user_pref("CT2269050.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Gefunden : user_pref("CT2269050.InstallationId", "StubInstaller");
Gefunden : user_pref("CT2269050.InstallationType", "ConduitIntegration");
Gefunden : user_pref("CT2269050.InstalledDate", "Sun Jun 26 2011 22:08:48 GMT+0200");
Gefunden : user_pref("CT2269050.InvalidateCache", false);
Gefunden : user_pref("CT2269050.IsGrouping", false);
Gefunden : user_pref("CT2269050.IsInitSetupIni", true);
Gefunden : user_pref("CT2269050.IsMulticommunity", false);
Gefunden : user_pref("CT2269050.IsOpenThankYouPage", true);
Gefunden : user_pref("CT2269050.IsOpenUninstallPage", true);
Gefunden : user_pref("CT2269050.IsProtectorsInit", true);
Gefunden : user_pref("CT2269050.LanguagePackLastCheckTime", "Sun Jun 26 2011 22:08:49 GMT+0200");
Gefunden : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2269050.LastLogin_3.3.3.2", "Sat Apr 30 2011 22:02:18 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.5.0.12", "Sun Jun 26 2011 22:08:48 GMT+0200");
Gefunden : user_pref("CT2269050.LatestVersion", "3.3.3.2");
Gefunden : user_pref("CT2269050.Locale", "en");
Gefunden : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2269050.MyStuffEnabledAtInstallation", true);
Gefunden : user_pref("CT2269050.OriginalFirstVersion", "3.5.0.12");
Gefunden : user_pref("CT2269050.RadioIsPodcast", false);
Gefunden : user_pref("CT2269050.RadioLastCheckTime", "Sun Jun 26 2011 22:08:47 GMT+0200");
Gefunden : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Gefunden : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Gefunden : user_pref("CT2269050.RadioMediaID", "12473383");
Gefunden : user_pref("CT2269050.RadioMediaType", "Media Player");
Gefunden : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Gefunden : user_pref("CT2269050.RadioShrinkedFromSetup", false);
Gefunden : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Gefunden : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Gefunden : user_pref("CT2269050.SavedHomepage", "chrome://branding/locale/browserconfig.properties");
Gefunden : user_pref("CT2269050.SearchEngineBeforeUnload", "DVDVideoSoftTB Customized Web Search");
Gefunden : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Gefunden : user_pref("CT2269050.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Sun Jun 26 2011 22:08:48 GMT+0200");
Gefunden : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gefunden : user_pref("CT2269050.SearchProtectorEnabled", true);
Gefunden : user_pref("CT2269050.SearchProtectorToolbarDisabled", false);
Gefunden : user_pref("CT2269050.ServiceMapLastCheckTime", "Sun Jun 26 2011 22:08:46 GMT+0200");
Gefunden : user_pref("CT2269050.SettingsLastCheckTime", "Sun Jun 26 2011 22:08:43 GMT+0200");
Gefunden : user_pref("CT2269050.SettingsLastUpdate", "1307989396");
Gefunden : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Sun Jun 26 2011 22:08:43 GMT+0200");
Gefunden : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246786978");
Gefunden : user_pref("CT2269050.ToolbarShrinkedFromSetup", false);
Gefunden : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2269050");
Gefunden : user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,OurTo[...]
Gefunden : user_pref("CT2269050.UserID", "UN65709601222051420");
Gefunden : user_pref("CT2269050.WeatherNetwork", "");
Gefunden : user_pref("CT2269050.WeatherPollDate", "Sun Jun 26 2011 22:08:48 GMT+0200");
Gefunden : user_pref("CT2269050.WeatherUnit", "C");
Gefunden : user_pref("CT2269050.alertChannelId", "666138");
Gefunden : user_pref("CT2269050.components.1000515", true);
Gefunden : user_pref("CT2269050.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.[...]
Gefunden : user_pref("CT2269050.globalFirstTimeInfoLastCheckTime", "Sun Jun 26 2011 22:08:49 GMT+0200");
Gefunden : user_pref("CT2269050.homepageProtectorEnableByLogin", true);
Gefunden : user_pref("CT2269050.initDone", true);
Gefunden : user_pref("CT2269050.isAppTrackingManagerOn", true);
Gefunden : user_pref("CT2269050.isFirstRadioInstallation", false);
Gefunden : user_pref("CT2269050.myStuffEnabled", true);
Gefunden : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2269050.searchProtectorDialogDelayInSec", 10);
Gefunden : user_pref("CT2269050.searchProtectorEnableByLogin", true);
Gefunden : user_pref("CT2269050.testingCtid", "");
Gefunden : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Sun Jun 26 2011 22:08:49 GMT+0200");
Gefunden : user_pref("CT2269050.toolbarContextMenuLastCheckTime", "Sun Jun 26 2011 22:08:49 GMT+0200");
Gefunden : user_pref("CT2269050.usagesFlag", 2);
Gefunden : user_pref("CT2431245.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gefunden : user_pref("CT2431245.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2431245.CTID", "CT2431245");
Gefunden : user_pref("CT2431245.CurrentServerDate", "25-4-2010");
Gefunden : user_pref("CT2431245.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2431245.EMailNotifierPollDate", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedLastCount129009402595187825", 1096);
Gefunden : user_pref("CT2431245.FeedPollDate7470634014180506963", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634014269327586", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634014329599698", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634014537505092", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634014970726540", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634015410831318", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634015483395460", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634015636754705", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634015768347545", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634015855543602", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016030710453", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016114705611", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016129205152", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016143724791", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016271239162", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016568520719", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016726993788", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017109031809", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017132743740", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017299547668", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017302327846", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017344111490", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017478360748", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017732797593", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017821686064", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634018090228721", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedTTL7470634014269327586", 5);
Gefunden : user_pref("CT2431245.FeedTTL7470634014537505092", 5);
Gefunden : user_pref("CT2431245.FeedTTL7470634015636754705", 5);
Gefunden : user_pref("CT2431245.FeedTTL7470634016568520719", 30);
Gefunden : user_pref("CT2431245.FirstServerDate", "8-4-2010");
Gefunden : user_pref("CT2431245.FirstTime", true);
Gefunden : user_pref("CT2431245.FirstTimeFF3", true);
Gefunden : user_pref("CT2431245.FixPageNotFoundErrors", true);
Gefunden : user_pref("CT2431245.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2431245.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2431245.HasUserGlobalKeys", true);
Gefunden : user_pref("CT2431245.Initialize", true);
Gefunden : user_pref("CT2431245.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2431245.InstalledDate", "Wed Apr 07 2010 23:38:37 GMT+0200");
Gefunden : user_pref("CT2431245.InvalidateCache", false);
Gefunden : user_pref("CT2431245.IsAlertDBUpdated", true);
Gefunden : user_pref("CT2431245.IsGrouping", false);
Gefunden : user_pref("CT2431245.IsMulticommunity", false);
Gefunden : user_pref("CT2431245.IsOpenThankYouPage", false);
Gefunden : user_pref("CT2431245.IsOpenUninstallPage", true);
Gefunden : user_pref("CT2431245.LanguagePackLastCheckTime", "Sat Apr 24 2010 17:44:07 GMT+0200");
Gefunden : user_pref("CT2431245.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2431245.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2431245.LastLogin_2.5.8.6", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gefunden : user_pref("CT2431245.LatestVersion", "2.1.0.18");
Gefunden : user_pref("CT2431245.Locale", "de-de");
Gefunden : user_pref("CT2431245.LoginCache", 4);
Gefunden : user_pref("CT2431245.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2431245.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2431245.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2431245.MyStuffEnabledAtInstallation", true);
Gefunden : user_pref("CT2431245.RadioIsPodcast", false);
Gefunden : user_pref("CT2431245.RadioLastCheckTime", "Sat Apr 24 2010 17:44:07 GMT+0200");
Gefunden : user_pref("CT2431245.RadioLastUpdateIPServer", "3");
Gefunden : user_pref("CT2431245.RadioLastUpdateServer", "3");
Gefunden : user_pref("CT2431245.RadioMediaID", "9962");
Gefunden : user_pref("CT2431245.RadioMediaType", "Media Player");
Gefunden : user_pref("CT2431245.RadioMenuSelectedID", "EBRadioMenu_CT24312459962");
Gefunden : user_pref("CT2431245.RadioStationName", "California%20Rock");
Gefunden : user_pref("CT2431245.RadioStationURL", "hxxp://feedlive.net/california.asx");
Gefunden : user_pref("CT2431245.SHRINK_TOOLBAR", 1);
Gefunden : user_pref("CT2431245.SearchEngine", "Suchen||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gefunden : user_pref("CT2431245.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2431245.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Gefunden : user_pref("CT2431245.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2431245.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2431245.SearchInNewTabLastCheckTime", "Sat Apr 24 2010 17:43:58 GMT+0200");
Gefunden : user_pref("CT2431245.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2431245.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gefunden : user_pref("CT2431245.ServiceMapLastCheckTime", "Tue Nov 01 2011 14:47:59 GMT+0100");
Gefunden : user_pref("CT2431245.SettingsCheckIntervalMin", 120);
Gefunden : user_pref("CT2431245.SettingsLastCheckTime", "Sun Apr 25 2010 00:54:58 GMT+0200");
Gefunden : user_pref("CT2431245.SettingsLastUpdate", "1271839082");
Gefunden : user_pref("CT2431245.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2431245.ThirdPartyComponentsLastCheck", "Tue Nov 01 2011 14:48:01 GMT+0100");
Gefunden : user_pref("CT2431245.ThirdPartyComponentsLastUpdate", "1265977679");
Gefunden : user_pref("CT2431245.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Gefunden : user_pref("CT2431245.UserID", "UN54546481184426710");
Gefunden : user_pref("CT2431245.ValidationData_Search", 0);
Gefunden : user_pref("CT2431245.ValidationData_Toolbar", 2);
Gefunden : user_pref("CT2431245.WeatherNetwork", "");
Gefunden : user_pref("CT2431245.WeatherPollDate", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.WeatherUnit", "C");
Gefunden : user_pref("CT2431245.alertChannelId", "825452");
Gefunden : user_pref("CT2431245.clientLogIsEnabled", true);
Gefunden : user_pref("CT2431245.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gefunden : user_pref("CT2431245.myStuffEnabled", true);
Gefunden : user_pref("CT2431245.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2431245.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2431245.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2431245.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2431245.testingCtid", "");
Gefunden : user_pref("CT2431245.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gefunden : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2269050&Search[...]
Gefunden : user_pref("CommunityToolbar.ConduitSearchList", "DVDVideoSoftTB Customized Web Search");
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/DE", "\"0\"")[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2431245",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Gefunden : user_pref("CommunityToolbar.EngineHiddenByUser", false);
Gefunden : user_pref("CommunityToolbar.EngineOwner", "CT2269050");
Gefunden : user_pref("CommunityToolbar.EngineOwnerGuid", "{872b5b88-9db5-4310-bdd0-ac189557e5f5}");
Gefunden : user_pref("CommunityToolbar.EngineOwnerToolbarId", "dvdvideosofttb");
Gefunden : user_pref("CommunityToolbar.IsEngineShown", false);
Gefunden : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Gefunden : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Standard\\AppData\\Roaming\\Mozilla[...]
Gefunden : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.0.8");
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2269050");
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{872b5b88-9db5-4310-bdd0-ac189557e5f5}");
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "dvdvideosofttb");
Gefunden : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Gefunden : user_pref("CommunityToolbar.ToolbarsList", "CT2431245,CT2269050");
Gefunden : user_pref("CommunityToolbar.ToolbarsList2", "CT2431245,CT2269050");
Gefunden : user_pref("CommunityToolbar.ToolbarsList4", "CT2269050");
Gefunden : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat Apr 30 2011 22:02:18 GMT+02[...]
Gefunden : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Gefunden : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Jun 22 2011 19:58:28 GMT+0200");
Gefunden : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gefunden : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Gefunden : user_pref("CommunityToolbar.alert.locale", "en");
Gefunden : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gefunden : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 23 2011 11:57:05 GMT+0200");
Gefunden : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Gefunden : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gefunden : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gefunden : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gefunden : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gefunden : user_pref("CommunityToolbar.alert.userId", "03524339-a7e0-4fd1-94c5-de4588ebc1cc");
Gefunden : user_pref("CommunityToolbar.globalUserId", "c1c2350f-8e55-4b6d-9a77-c83829e759c9");
Gefunden : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gefunden : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gefunden : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
Gefunden : user_pref("CommunityToolbar.killedEngine", true);
Gefunden : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Nov 01 2011 14:48:0[...]
Gefunden : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Gefunden : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gefunden : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Gefunden : user_pref("CommunityToolbar.notifications.locale", "en");
Gefunden : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Gefunden : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Nov 01 2011 14:48:02 GMT+0100");
Gefunden : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Gefunden : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Gefunden : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gefunden : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Gefunden : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Gefunden : user_pref("CommunityToolbar.notifications.userId", "ff009e10-4526-47a2-98a9-4c5af1492bab");
Gefunden : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Thu Jun 16 2011 21:34:15 GMT+0200");
Gefunden : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Apr 30 2011 22:02:18 GMT+0200");
Gefunden : user_pref("ConduitEngine.FirstServerDate", "04/30/2011 23");
Gefunden : user_pref("ConduitEngine.FirstTime", true);
Gefunden : user_pref("ConduitEngine.FirstTimeFF3", true);
Gefunden : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Gefunden : user_pref("ConduitEngine.HideEngineAfterRestart", true);
Gefunden : user_pref("ConduitEngine.Initialize", true);
Gefunden : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Gefunden : user_pref("ConduitEngine.InstalledDate", "Sat Apr 30 2011 22:02:19 GMT+0200");
Gefunden : user_pref("ConduitEngine.IsMulticommunity", false);
Gefunden : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Gefunden : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Gefunden : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Apr 30 2011 22:02:18 GMT+0200");
Gefunden : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat Apr 30 2011 22:02:19 GMT+0200");
Gefunden : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Gefunden : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Apr 30 2011 22:02:16 GMT+0200");
Gefunden : user_pref("ConduitEngine.UserID", "UN95938806458819544");
Gefunden : user_pref("ConduitEngine.engineLocale", "de");
Gefunden : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Apr 30 2011 22:02:18 GMT+0200");
Gefunden : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Apr 30 2011 22:02:20 GMT+0200");
Gefunden : user_pref("ConduitEngine.initDone", true);
Gefunden : user_pref("ConduitEngine.isAppTrackingManagerOn", true);

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Standard\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [33414 octets] - [02/09/2012 13:24:08]

########## EOF - C:\AdwCleaner[R1].txt - [33475 octets] ##########

Alt 03.09.2012, 18:36   #8
t'john
/// Helfer-Team
 
GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! - Standard

GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!



Bitte das Malwarebytes Logfile posten!
(Reiter Logberichte)


Alles im normalen Modus durchfuehren, sonst ist es sinnlos!
__________________
Mfg, t'john
Das TB unterstützen

Alt 04.09.2012, 12:27   #9
seraphin516
 
GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! - Standard

GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!



Im normalen Modus kam (bis zur Durchführung des OTL) immer diese Meldung.
Seither funktioniert scheinbar wieder alles.
Ich habe nun die letzten beiden Scans im normalen Modus durchgeführt, hier nun die Files:

mbam-log:

Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.09.04.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Standard :: CONSTANZE [Administrator]

Schutz: Aktiviert

04.09.2012 10:54:21
mbam-log-2012-09-04 (10-54-21).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 432888
Laufzeit: 2 Stunde(n), 14 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


AdwCleaner:

# AdwCleaner v2.000 - Datei am 09/04/2012 um 13:24:02 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Standard - CONSTANZE
# Normaler Modus : Normal
# Ausgeführt unter : C:\Users\Standard\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml
Datei Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Datei Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\searchplugins\Conduit.xml
Datei Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\searchplugins\SearchResults.xml
Datei Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\searchplugins\Startsear.xml
Datei Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\searchplugins\SweetIm.xml
Ordner Gefunden : C:\Program Files\Conduit
Ordner Gefunden : C:\Program Files\ConduitEngine
Ordner Gefunden : C:\Program Files\DVDVideoSoftTB
Ordner Gefunden : C:\Program Files\Ilivid
Ordner Gefunden : C:\Program Files\softonic-de3
Ordner Gefunden : C:\Program Files\Windows iLivid Toolbar
Ordner Gefunden : C:\ProgramData\boost_interprocess
Ordner Gefunden : C:\Users\Standard\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Standard\AppData\Local\Ilivid Player
Ordner Gefunden : C:\Users\Standard\AppData\Local\softonic-de3
Ordner Gefunden : C:\Users\Standard\AppData\LocalLow\boost_interprocess
Ordner Gefunden : C:\Users\Standard\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Standard\AppData\LocalLow\ConduitEngine
Ordner Gefunden : C:\Users\Standard\AppData\LocalLow\DVDVideoSoftTB
Ordner Gefunden : C:\Users\Standard\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Standard\AppData\LocalLow\softonic-de3
Ordner Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\Conduit
Ordner Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\ConduitCommon
Ordner Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\CT2269050
Ordner Gefunden : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\softonic-de3
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\ilivid
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDVideoSoftTB Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\softonic-de3 Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E16FB133-3009-4B94-8405-89790145B924}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74EF43C4-5C07-4F9C-A5B5-67C211B694B1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E16FB133-3009-4B94-8405-89790145B924}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\softonic-de3
Schlüssel Gefunden : HKCU\Software\StartSearch
Schlüssel Gefunden : HKCU\Software\SweetIm
Schlüssel Gefunden : HKCU\Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{74EF43C4-5C07-4F9C-A5B5-67C211B694B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D1F9877E-1DC5-4F75-9AC3-13EE32516EC9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E16FB133-3009-4B94-8405-89790145B924}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\conduitEngine
Schlüssel Gefunden : HKLM\Software\conduitEngine
Schlüssel Gefunden : HKLM\Software\Description
Schlüssel Gefunden : HKLM\Software\DVDVideoSoftTB
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C79A83E-EC26-4F18-8C7A-B60076C2F068}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F08D873-E9B2-4F7B-A8B7-D4851B2B1CBA}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2CBCDB4-0A55-4AEC-84D4-2A1600787FC9}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF830BE8-3A84-44D6-9EA4-730B81EAB2A1}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{74EF43C4-5C07-4F9C-A5B5-67C211B694B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D1F9877E-1DC5-4F75-9AC3-13EE32516EC9}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\softonic-de3 Toolbar
Schlüssel Gefunden : HKLM\Software\softonic-de3
Schlüssel Gefunden : HKLM\Software\SweetIm

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0 (de)

Profilname : default
Datei : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\prefs.js

Gefunden : user_pref("CT2269050..clientLogIsEnabled", true);
Gefunden : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gefunden : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gefunden : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_1000515", true);
Gefunden : user_pref("CT2269050.CT2269050", "CT2269050");
Gefunden : user_pref("CT2269050.CurrentServerDate", "26-6-2011");
Gefunden : user_pref("CT2269050.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2269050.DialogsGetterLastCheckTime", "Sun Jun 26 2011 22:08:49 GMT+0200");
Gefunden : user_pref("CT2269050.DownloadReferralCookieData", "");
Gefunden : user_pref("CT2269050.EMailNotifierPollDate", "Sun Jun 26 2011 22:08:46 GMT+0200");
Gefunden : user_pref("CT2269050.FirstServerDate", "30-4-2011");
Gefunden : user_pref("CT2269050.FirstTime", true);
Gefunden : user_pref("CT2269050.FirstTimeFF3", true);
Gefunden : user_pref("CT2269050.FixPageNotFoundErrors", true);
Gefunden : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2269050.HasUserGlobalKeys", true);
Gefunden : user_pref("CT2269050.HomePageProtectorEnabled", true);
Gefunden : user_pref("CT2269050.Initialize", true);
Gefunden : user_pref("CT2269050.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Gefunden : user_pref("CT2269050.InstallationId", "StubInstaller");
Gefunden : user_pref("CT2269050.InstallationType", "ConduitIntegration");
Gefunden : user_pref("CT2269050.InstalledDate", "Sun Jun 26 2011 22:08:48 GMT+0200");
Gefunden : user_pref("CT2269050.InvalidateCache", false);
Gefunden : user_pref("CT2269050.IsGrouping", false);
Gefunden : user_pref("CT2269050.IsInitSetupIni", true);
Gefunden : user_pref("CT2269050.IsMulticommunity", false);
Gefunden : user_pref("CT2269050.IsOpenThankYouPage", true);
Gefunden : user_pref("CT2269050.IsOpenUninstallPage", true);
Gefunden : user_pref("CT2269050.IsProtectorsInit", true);
Gefunden : user_pref("CT2269050.LanguagePackLastCheckTime", "Sun Jun 26 2011 22:08:49 GMT+0200");
Gefunden : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2269050.LastLogin_3.3.3.2", "Sat Apr 30 2011 22:02:18 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.5.0.12", "Sun Jun 26 2011 22:08:48 GMT+0200");
Gefunden : user_pref("CT2269050.LatestVersion", "3.3.3.2");
Gefunden : user_pref("CT2269050.Locale", "en");
Gefunden : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2269050.MyStuffEnabledAtInstallation", true);
Gefunden : user_pref("CT2269050.OriginalFirstVersion", "3.5.0.12");
Gefunden : user_pref("CT2269050.RadioIsPodcast", false);
Gefunden : user_pref("CT2269050.RadioLastCheckTime", "Sun Jun 26 2011 22:08:47 GMT+0200");
Gefunden : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Gefunden : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Gefunden : user_pref("CT2269050.RadioMediaID", "12473383");
Gefunden : user_pref("CT2269050.RadioMediaType", "Media Player");
Gefunden : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Gefunden : user_pref("CT2269050.RadioShrinkedFromSetup", false);
Gefunden : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Gefunden : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Gefunden : user_pref("CT2269050.SavedHomepage", "chrome://branding/locale/browserconfig.properties");
Gefunden : user_pref("CT2269050.SearchEngineBeforeUnload", "DVDVideoSoftTB Customized Web Search");
Gefunden : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Gefunden : user_pref("CT2269050.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Sun Jun 26 2011 22:08:48 GMT+0200");
Gefunden : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gefunden : user_pref("CT2269050.SearchProtectorEnabled", true);
Gefunden : user_pref("CT2269050.SearchProtectorToolbarDisabled", false);
Gefunden : user_pref("CT2269050.ServiceMapLastCheckTime", "Sun Jun 26 2011 22:08:46 GMT+0200");
Gefunden : user_pref("CT2269050.SettingsLastCheckTime", "Sun Jun 26 2011 22:08:43 GMT+0200");
Gefunden : user_pref("CT2269050.SettingsLastUpdate", "1307989396");
Gefunden : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Sun Jun 26 2011 22:08:43 GMT+0200");
Gefunden : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246786978");
Gefunden : user_pref("CT2269050.ToolbarShrinkedFromSetup", false);
Gefunden : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2269050");
Gefunden : user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,OurTo[...]
Gefunden : user_pref("CT2269050.UserID", "UN65709601222051420");
Gefunden : user_pref("CT2269050.WeatherNetwork", "");
Gefunden : user_pref("CT2269050.WeatherPollDate", "Sun Jun 26 2011 22:08:48 GMT+0200");
Gefunden : user_pref("CT2269050.WeatherUnit", "C");
Gefunden : user_pref("CT2269050.alertChannelId", "666138");
Gefunden : user_pref("CT2269050.components.1000515", true);
Gefunden : user_pref("CT2269050.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.[...]
Gefunden : user_pref("CT2269050.globalFirstTimeInfoLastCheckTime", "Sun Jun 26 2011 22:08:49 GMT+0200");
Gefunden : user_pref("CT2269050.homepageProtectorEnableByLogin", true);
Gefunden : user_pref("CT2269050.initDone", true);
Gefunden : user_pref("CT2269050.isAppTrackingManagerOn", true);
Gefunden : user_pref("CT2269050.isFirstRadioInstallation", false);
Gefunden : user_pref("CT2269050.myStuffEnabled", true);
Gefunden : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2269050.searchProtectorDialogDelayInSec", 10);
Gefunden : user_pref("CT2269050.searchProtectorEnableByLogin", true);
Gefunden : user_pref("CT2269050.testingCtid", "");
Gefunden : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Sun Jun 26 2011 22:08:49 GMT+0200");
Gefunden : user_pref("CT2269050.toolbarContextMenuLastCheckTime", "Sun Jun 26 2011 22:08:49 GMT+0200");
Gefunden : user_pref("CT2269050.usagesFlag", 2);
Gefunden : user_pref("CT2431245.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gefunden : user_pref("CT2431245.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2431245.CTID", "CT2431245");
Gefunden : user_pref("CT2431245.CurrentServerDate", "25-4-2010");
Gefunden : user_pref("CT2431245.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2431245.EMailNotifierPollDate", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedLastCount129009402595187825", 1096);
Gefunden : user_pref("CT2431245.FeedPollDate7470634014180506963", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634014269327586", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634014329599698", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634014537505092", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634014970726540", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634015410831318", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634015483395460", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634015636754705", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634015768347545", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634015855543602", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016030710453", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016114705611", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016129205152", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016143724791", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016271239162", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016568520719", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016726993788", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017109031809", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017132743740", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017299547668", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017302327846", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017344111490", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017478360748", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017732797593", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017821686064", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634018090228721", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.FeedTTL7470634014269327586", 5);
Gefunden : user_pref("CT2431245.FeedTTL7470634014537505092", 5);
Gefunden : user_pref("CT2431245.FeedTTL7470634015636754705", 5);
Gefunden : user_pref("CT2431245.FeedTTL7470634016568520719", 30);
Gefunden : user_pref("CT2431245.FirstServerDate", "8-4-2010");
Gefunden : user_pref("CT2431245.FirstTime", true);
Gefunden : user_pref("CT2431245.FirstTimeFF3", true);
Gefunden : user_pref("CT2431245.FixPageNotFoundErrors", true);
Gefunden : user_pref("CT2431245.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2431245.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2431245.HasUserGlobalKeys", true);
Gefunden : user_pref("CT2431245.Initialize", true);
Gefunden : user_pref("CT2431245.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2431245.InstalledDate", "Wed Apr 07 2010 23:38:37 GMT+0200");
Gefunden : user_pref("CT2431245.InvalidateCache", false);
Gefunden : user_pref("CT2431245.IsAlertDBUpdated", true);
Gefunden : user_pref("CT2431245.IsGrouping", false);
Gefunden : user_pref("CT2431245.IsMulticommunity", false);
Gefunden : user_pref("CT2431245.IsOpenThankYouPage", false);
Gefunden : user_pref("CT2431245.IsOpenUninstallPage", true);
Gefunden : user_pref("CT2431245.LanguagePackLastCheckTime", "Sat Apr 24 2010 17:44:07 GMT+0200");
Gefunden : user_pref("CT2431245.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2431245.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2431245.LastLogin_2.5.8.6", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gefunden : user_pref("CT2431245.LatestVersion", "2.1.0.18");
Gefunden : user_pref("CT2431245.Locale", "de-de");
Gefunden : user_pref("CT2431245.LoginCache", 4);
Gefunden : user_pref("CT2431245.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2431245.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2431245.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2431245.MyStuffEnabledAtInstallation", true);
Gefunden : user_pref("CT2431245.RadioIsPodcast", false);
Gefunden : user_pref("CT2431245.RadioLastCheckTime", "Sat Apr 24 2010 17:44:07 GMT+0200");
Gefunden : user_pref("CT2431245.RadioLastUpdateIPServer", "3");
Gefunden : user_pref("CT2431245.RadioLastUpdateServer", "3");
Gefunden : user_pref("CT2431245.RadioMediaID", "9962");
Gefunden : user_pref("CT2431245.RadioMediaType", "Media Player");
Gefunden : user_pref("CT2431245.RadioMenuSelectedID", "EBRadioMenu_CT24312459962");
Gefunden : user_pref("CT2431245.RadioStationName", "California%20Rock");
Gefunden : user_pref("CT2431245.RadioStationURL", "hxxp://feedlive.net/california.asx");
Gefunden : user_pref("CT2431245.SHRINK_TOOLBAR", 1);
Gefunden : user_pref("CT2431245.SearchEngine", "Suchen||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gefunden : user_pref("CT2431245.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2431245.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Gefunden : user_pref("CT2431245.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2431245.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2431245.SearchInNewTabLastCheckTime", "Sat Apr 24 2010 17:43:58 GMT+0200");
Gefunden : user_pref("CT2431245.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2431245.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gefunden : user_pref("CT2431245.ServiceMapLastCheckTime", "Tue Nov 01 2011 14:47:59 GMT+0100");
Gefunden : user_pref("CT2431245.SettingsCheckIntervalMin", 120);
Gefunden : user_pref("CT2431245.SettingsLastCheckTime", "Sun Apr 25 2010 00:54:58 GMT+0200");
Gefunden : user_pref("CT2431245.SettingsLastUpdate", "1271839082");
Gefunden : user_pref("CT2431245.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2431245.ThirdPartyComponentsLastCheck", "Tue Nov 01 2011 14:48:01 GMT+0100");
Gefunden : user_pref("CT2431245.ThirdPartyComponentsLastUpdate", "1265977679");
Gefunden : user_pref("CT2431245.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Gefunden : user_pref("CT2431245.UserID", "UN54546481184426710");
Gefunden : user_pref("CT2431245.ValidationData_Search", 0);
Gefunden : user_pref("CT2431245.ValidationData_Toolbar", 2);
Gefunden : user_pref("CT2431245.WeatherNetwork", "");
Gefunden : user_pref("CT2431245.WeatherPollDate", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gefunden : user_pref("CT2431245.WeatherUnit", "C");
Gefunden : user_pref("CT2431245.alertChannelId", "825452");
Gefunden : user_pref("CT2431245.clientLogIsEnabled", true);
Gefunden : user_pref("CT2431245.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gefunden : user_pref("CT2431245.myStuffEnabled", true);
Gefunden : user_pref("CT2431245.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2431245.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2431245.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2431245.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2431245.testingCtid", "");
Gefunden : user_pref("CT2431245.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gefunden : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2269050&Search[...]
Gefunden : user_pref("CommunityToolbar.ConduitSearchList", "DVDVideoSoftTB Customized Web Search");
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/DE", "\"0\"")[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2431245",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Gefunden : user_pref("CommunityToolbar.EngineHiddenByUser", false);
Gefunden : user_pref("CommunityToolbar.EngineOwner", "CT2269050");
Gefunden : user_pref("CommunityToolbar.EngineOwnerGuid", "{872b5b88-9db5-4310-bdd0-ac189557e5f5}");
Gefunden : user_pref("CommunityToolbar.EngineOwnerToolbarId", "dvdvideosofttb");
Gefunden : user_pref("CommunityToolbar.IsEngineShown", false);
Gefunden : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Gefunden : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Standard\\AppData\\Roaming\\Mozilla[...]
Gefunden : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.0.8");
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2269050");
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{872b5b88-9db5-4310-bdd0-ac189557e5f5}");
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "dvdvideosofttb");
Gefunden : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Gefunden : user_pref("CommunityToolbar.ToolbarsList", "CT2431245,CT2269050");
Gefunden : user_pref("CommunityToolbar.ToolbarsList2", "CT2431245,CT2269050");
Gefunden : user_pref("CommunityToolbar.ToolbarsList4", "CT2269050");
Gefunden : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat Apr 30 2011 22:02:18 GMT+02[...]
Gefunden : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Gefunden : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Jun 22 2011 19:58:28 GMT+0200");
Gefunden : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gefunden : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Gefunden : user_pref("CommunityToolbar.alert.locale", "en");
Gefunden : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gefunden : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 23 2011 11:57:05 GMT+0200");
Gefunden : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Gefunden : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gefunden : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gefunden : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gefunden : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gefunden : user_pref("CommunityToolbar.alert.userId", "03524339-a7e0-4fd1-94c5-de4588ebc1cc");
Gefunden : user_pref("CommunityToolbar.globalUserId", "c1c2350f-8e55-4b6d-9a77-c83829e759c9");
Gefunden : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gefunden : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gefunden : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
Gefunden : user_pref("CommunityToolbar.killedEngine", true);
Gefunden : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Nov 01 2011 14:48:0[...]
Gefunden : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Gefunden : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gefunden : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Gefunden : user_pref("CommunityToolbar.notifications.locale", "en");
Gefunden : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Gefunden : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Nov 01 2011 14:48:02 GMT+0100");
Gefunden : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Gefunden : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Gefunden : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gefunden : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Gefunden : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Gefunden : user_pref("CommunityToolbar.notifications.userId", "ff009e10-4526-47a2-98a9-4c5af1492bab");
Gefunden : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Thu Jun 16 2011 21:34:15 GMT+0200");
Gefunden : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Apr 30 2011 22:02:18 GMT+0200");
Gefunden : user_pref("ConduitEngine.FirstServerDate", "04/30/2011 23");
Gefunden : user_pref("ConduitEngine.FirstTime", true);
Gefunden : user_pref("ConduitEngine.FirstTimeFF3", true);
Gefunden : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Gefunden : user_pref("ConduitEngine.HideEngineAfterRestart", true);
Gefunden : user_pref("ConduitEngine.Initialize", true);
Gefunden : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Gefunden : user_pref("ConduitEngine.InstalledDate", "Sat Apr 30 2011 22:02:19 GMT+0200");
Gefunden : user_pref("ConduitEngine.IsMulticommunity", false);
Gefunden : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Gefunden : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Gefunden : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Apr 30 2011 22:02:18 GMT+0200");
Gefunden : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat Apr 30 2011 22:02:19 GMT+0200");
Gefunden : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Gefunden : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Apr 30 2011 22:02:16 GMT+0200");
Gefunden : user_pref("ConduitEngine.UserID", "UN95938806458819544");
Gefunden : user_pref("ConduitEngine.engineLocale", "de");
Gefunden : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Apr 30 2011 22:02:18 GMT+0200");
Gefunden : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Apr 30 2011 22:02:20 GMT+0200");
Gefunden : user_pref("ConduitEngine.initDone", true);
Gefunden : user_pref("ConduitEngine.isAppTrackingManagerOn", true);

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Standard\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [33545 octets] - [02/09/2012 13:24:08]
AdwCleaner[R2].txt - [33484 octets] - [04/09/2012 13:24:02]

########## EOF - C:\AdwCleaner[R2].txt - [33545 octets] ##########

Alt 04.09.2012, 18:34   #10
t'john
/// Helfer-Team
 
GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! - Standard

GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!



Sehr gut!


  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Delete.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.




danach:


Malware-Scan mit Emsisoft Anti-Malware

Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm.
Lade über Jetzt Updaten die aktuellen Signaturen herunter.
Wähle den Freeware-Modus aus.

Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers.
Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten.

Anleitung: http://www.trojaner-board.de/103809-...i-malware.html
__________________
Mfg, t'john
Das TB unterstützen

Alt 08.09.2012, 16:28   #11
seraphin516
 
GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! - Standard

GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!



# AdwCleaner v2.000 - Datei am 09/08/2012 um 14:25:51 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Standard - CONSTANZE
# Normaler Modus : Normal
# Ausgeführt unter : F:\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml
Datei Gelöscht : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Datei Gelöscht : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\searchplugins\SearchResults.xml
Datei Gelöscht : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\searchplugins\Startsear.xml
Datei Gelöscht : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\searchplugins\SweetIm.xml
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\ConduitEngine
Ordner Gelöscht : C:\Program Files\DVDVideoSoftTB
Ordner Gelöscht : C:\Program Files\Ilivid
Ordner Gelöscht : C:\Program Files\softonic-de3
Ordner Gelöscht : C:\Program Files\Windows iLivid Toolbar
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\Users\Standard\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Standard\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\Standard\AppData\Local\softonic-de3
Ordner Gelöscht : C:\Users\Standard\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Standard\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Standard\AppData\LocalLow\ConduitEngine
Ordner Gelöscht : C:\Users\Standard\AppData\LocalLow\DVDVideoSoftTB
Ordner Gelöscht : C:\Users\Standard\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Standard\AppData\LocalLow\softonic-de3
Ordner Gelöscht : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\Conduit
Ordner Gelöscht : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\ConduitCommon
Ordner Gelöscht : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\CT2269050
Ordner Gelöscht : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\softonic-de3
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDVideoSoftTB Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\softonic-de3 Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E16FB133-3009-4B94-8405-89790145B924}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74EF43C4-5C07-4F9C-A5B5-67C211B694B1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E16FB133-3009-4B94-8405-89790145B924}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\softonic-de3
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\SweetIm
Schlüssel Gelöscht : HKCU\Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{74EF43C4-5C07-4F9C-A5B5-67C211B694B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D1F9877E-1DC5-4F75-9AC3-13EE32516EC9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E16FB133-3009-4B94-8405-89790145B924}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\conduitEngine
Schlüssel Gelöscht : HKLM\Software\Description
Schlüssel Gelöscht : HKLM\Software\DVDVideoSoftTB
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C79A83E-EC26-4F18-8C7A-B60076C2F068}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F08D873-E9B2-4F7B-A8B7-D4851B2B1CBA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2CBCDB4-0A55-4AEC-84D4-2A1600787FC9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF830BE8-3A84-44D6-9EA4-730B81EAB2A1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{74EF43C4-5C07-4F9C-A5B5-67C211B694B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D1F9877E-1DC5-4F75-9AC3-13EE32516EC9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\softonic-de3 Toolbar
Schlüssel Gelöscht : HKLM\Software\softonic-de3
Schlüssel Gelöscht : HKLM\Software\SweetIm

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Wiederhergestellt : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (de)

Profilname : default
Datei : C:\Users\Standard\AppData\Roaming\Mozilla\Firefox\Profiles\ha5vzwsg.default\prefs.js

Gelöscht : user_pref("CT2269050..clientLogIsEnabled", true);
Gelöscht : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2269050.BrowserCompStateIsOpen_1000515", true);
Gelöscht : user_pref("CT2269050.CT2269050", "CT2269050");
Gelöscht : user_pref("CT2269050.CurrentServerDate", "26-6-2011");
Gelöscht : user_pref("CT2269050.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2269050.DialogsGetterLastCheckTime", "Sun Jun 26 2011 22:08:49 GMT+0200");
Gelöscht : user_pref("CT2269050.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2269050.EMailNotifierPollDate", "Sun Jun 26 2011 22:08:46 GMT+0200");
Gelöscht : user_pref("CT2269050.FirstServerDate", "30-4-2011");
Gelöscht : user_pref("CT2269050.FirstTime", true);
Gelöscht : user_pref("CT2269050.FirstTimeFF3", true);
Gelöscht : user_pref("CT2269050.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2269050.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2269050.HomePageProtectorEnabled", true);
Gelöscht : user_pref("CT2269050.Initialize", true);
Gelöscht : user_pref("CT2269050.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Gelöscht : user_pref("CT2269050.InstallationId", "StubInstaller");
Gelöscht : user_pref("CT2269050.InstallationType", "ConduitIntegration");
Gelöscht : user_pref("CT2269050.InstalledDate", "Sun Jun 26 2011 22:08:48 GMT+0200");
Gelöscht : user_pref("CT2269050.InvalidateCache", false);
Gelöscht : user_pref("CT2269050.IsGrouping", false);
Gelöscht : user_pref("CT2269050.IsInitSetupIni", true);
Gelöscht : user_pref("CT2269050.IsMulticommunity", false);
Gelöscht : user_pref("CT2269050.IsOpenThankYouPage", true);
Gelöscht : user_pref("CT2269050.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2269050.IsProtectorsInit", true);
Gelöscht : user_pref("CT2269050.LanguagePackLastCheckTime", "Sun Jun 26 2011 22:08:49 GMT+0200");
Gelöscht : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2269050.LastLogin_3.3.3.2", "Sat Apr 30 2011 22:02:18 GMT+0200");
Gelöscht : user_pref("CT2269050.LastLogin_3.5.0.12", "Sun Jun 26 2011 22:08:48 GMT+0200");
Gelöscht : user_pref("CT2269050.LatestVersion", "3.3.3.2");
Gelöscht : user_pref("CT2269050.Locale", "en");
Gelöscht : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2269050.MyStuffEnabledAtInstallation", true);
Gelöscht : user_pref("CT2269050.OriginalFirstVersion", "3.5.0.12");
Gelöscht : user_pref("CT2269050.RadioIsPodcast", false);
Gelöscht : user_pref("CT2269050.RadioLastCheckTime", "Sun Jun 26 2011 22:08:47 GMT+0200");
Gelöscht : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Gelöscht : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Gelöscht : user_pref("CT2269050.RadioMediaID", "12473383");
Gelöscht : user_pref("CT2269050.RadioMediaType", "Media Player");
Gelöscht : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Gelöscht : user_pref("CT2269050.RadioShrinkedFromSetup", false);
Gelöscht : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Gelöscht : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Gelöscht : user_pref("CT2269050.SavedHomepage", "chrome://branding/locale/browserconfig.properties");
Gelöscht : user_pref("CT2269050.SearchEngineBeforeUnload", "DVDVideoSoftTB Customized Web Search");
Gelöscht : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Gelöscht : user_pref("CT2269050.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Sun Jun 26 2011 22:08:48 GMT+0200");
Gelöscht : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2269050.SearchProtectorEnabled", true);
Gelöscht : user_pref("CT2269050.SearchProtectorToolbarDisabled", false);
Gelöscht : user_pref("CT2269050.ServiceMapLastCheckTime", "Sun Jun 26 2011 22:08:46 GMT+0200");
Gelöscht : user_pref("CT2269050.SettingsLastCheckTime", "Sun Jun 26 2011 22:08:43 GMT+0200");
Gelöscht : user_pref("CT2269050.SettingsLastUpdate", "1307989396");
Gelöscht : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Sun Jun 26 2011 22:08:43 GMT+0200");
Gelöscht : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246786978");
Gelöscht : user_pref("CT2269050.ToolbarShrinkedFromSetup", false);
Gelöscht : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2269050");
Gelöscht : user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,OurTo[...]
Gelöscht : user_pref("CT2269050.UserID", "UN65709601222051420");
Gelöscht : user_pref("CT2269050.WeatherNetwork", "");
Gelöscht : user_pref("CT2269050.WeatherPollDate", "Sun Jun 26 2011 22:08:48 GMT+0200");
Gelöscht : user_pref("CT2269050.WeatherUnit", "C");
Gelöscht : user_pref("CT2269050.alertChannelId", "666138");
Gelöscht : user_pref("CT2269050.components.1000515", true);
Gelöscht : user_pref("CT2269050.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.[...]
Gelöscht : user_pref("CT2269050.globalFirstTimeInfoLastCheckTime", "Sun Jun 26 2011 22:08:49 GMT+0200");
Gelöscht : user_pref("CT2269050.homepageProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2269050.initDone", true);
Gelöscht : user_pref("CT2269050.isAppTrackingManagerOn", true);
Gelöscht : user_pref("CT2269050.isFirstRadioInstallation", false);
Gelöscht : user_pref("CT2269050.myStuffEnabled", true);
Gelöscht : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2269050.searchProtectorDialogDelayInSec", 10);
Gelöscht : user_pref("CT2269050.searchProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2269050.testingCtid", "");
Gelöscht : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Sun Jun 26 2011 22:08:49 GMT+0200");
Gelöscht : user_pref("CT2269050.toolbarContextMenuLastCheckTime", "Sun Jun 26 2011 22:08:49 GMT+0200");
Gelöscht : user_pref("CT2269050.usagesFlag", 2);
Gelöscht : user_pref("CT2431245.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gelöscht : user_pref("CT2431245.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2431245.CTID", "CT2431245");
Gelöscht : user_pref("CT2431245.CurrentServerDate", "25-4-2010");
Gelöscht : user_pref("CT2431245.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2431245.EMailNotifierPollDate", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedLastCount129009402595187825", 1096);
Gelöscht : user_pref("CT2431245.FeedPollDate7470634014180506963", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634014269327586", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634014329599698", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634014537505092", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634014970726540", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634015410831318", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634015483395460", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634015636754705", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634015768347545", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634015855543602", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634016030710453", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634016114705611", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634016129205152", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634016143724791", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634016271239162", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634016568520719", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634016726993788", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634017109031809", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634017132743740", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634017299547668", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634017302327846", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634017344111490", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634017478360748", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634017732797593", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634017821686064", "Sun Apr 25 2010 00:55:01 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634018090228721", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedTTL7470634014269327586", 5);
Gelöscht : user_pref("CT2431245.FeedTTL7470634014537505092", 5);
Gelöscht : user_pref("CT2431245.FeedTTL7470634015636754705", 5);
Gelöscht : user_pref("CT2431245.FeedTTL7470634016568520719", 30);
Gelöscht : user_pref("CT2431245.FirstServerDate", "8-4-2010");
Gelöscht : user_pref("CT2431245.FirstTime", true);
Gelöscht : user_pref("CT2431245.FirstTimeFF3", true);
Gelöscht : user_pref("CT2431245.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2431245.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2431245.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2431245.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2431245.Initialize", true);
Gelöscht : user_pref("CT2431245.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2431245.InstalledDate", "Wed Apr 07 2010 23:38:37 GMT+0200");
Gelöscht : user_pref("CT2431245.InvalidateCache", false);
Gelöscht : user_pref("CT2431245.IsAlertDBUpdated", true);
Gelöscht : user_pref("CT2431245.IsGrouping", false);
Gelöscht : user_pref("CT2431245.IsMulticommunity", false);
Gelöscht : user_pref("CT2431245.IsOpenThankYouPage", false);
Gelöscht : user_pref("CT2431245.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2431245.LanguagePackLastCheckTime", "Sat Apr 24 2010 17:44:07 GMT+0200");
Gelöscht : user_pref("CT2431245.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2431245.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2431245.LastLogin_2.5.8.6", "Sun Apr 25 2010 00:54:59 GMT+0200");
Gelöscht : user_pref("CT2431245.LatestVersion", "2.1.0.18");
Gelöscht : user_pref("CT2431245.Locale", "de-de");
Gelöscht : user_pref("CT2431245.LoginCache", 4);
Gelöscht : user_pref("CT2431245.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2431245.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2431245.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2431245.MyStuffEnabledAtInstallation", true);
Gelöscht : user_pref("CT2431245.RadioIsPodcast", false);
Gelöscht : user_pref("CT2431245.RadioLastCheckTime", "Sat Apr 24 2010 17:44:07 GMT+0200");
Gelöscht : user_pref("CT2431245.RadioLastUpdateIPServer", "3");
Gelöscht : user_pref("CT2431245.RadioLastUpdateServer", "3");
Gelöscht : user_pref("CT2431245.RadioMediaID", "9962");
Gelöscht : user_pref("CT2431245.RadioMediaType", "Media Player");
Gelöscht : user_pref("CT2431245.RadioMenuSelectedID", "EBRadioMenu_CT24312459962");
Gelöscht : user_pref("CT2431245.RadioStationName", "California%20Rock");
Gelöscht : user_pref("CT2431245.RadioStationURL", "hxxp://feedlive.net/california.asx");
Gelöscht : user_pref("CT2431245.SHRINK_TOOLBAR", 1);
Gelöscht : user_pref("CT2431245.SearchEngine", "Suchen||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gelöscht : user_pref("CT2431245.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2431245.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Gelöscht : user_pref("CT2431245.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2431245.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2431245.SearchInNewTabLastCheckTime", "Sat Apr 24 2010 17:43:58 GMT+0200");
Gelöscht : user_pref("CT2431245.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2431245.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2431245.ServiceMapLastCheckTime", "Tue Nov 01 2011 14:47:59 GMT+0100");
Gelöscht : user_pref("CT2431245.SettingsCheckIntervalMin", 120);
Gelöscht : user_pref("CT2431245.SettingsLastCheckTime", "Sun Apr 25 2010 00:54:58 GMT+0200");
Gelöscht : user_pref("CT2431245.SettingsLastUpdate", "1271839082");
Gelöscht : user_pref("CT2431245.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2431245.ThirdPartyComponentsLastCheck", "Tue Nov 01 2011 14:48:01 GMT+0100");
Gelöscht : user_pref("CT2431245.ThirdPartyComponentsLastUpdate", "1265977679");
Gelöscht : user_pref("CT2431245.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Gelöscht : user_pref("CT2431245.UserID", "UN54546481184426710");
Gelöscht : user_pref("CT2431245.ValidationData_Search", 0);
Gelöscht : user_pref("CT2431245.ValidationData_Toolbar", 2);
Gelöscht : user_pref("CT2431245.WeatherNetwork", "");
Gelöscht : user_pref("CT2431245.WeatherPollDate", "Sun Apr 25 2010 00:55:00 GMT+0200");
Gelöscht : user_pref("CT2431245.WeatherUnit", "C");
Gelöscht : user_pref("CT2431245.alertChannelId", "825452");
Gelöscht : user_pref("CT2431245.clientLogIsEnabled", true);
Gelöscht : user_pref("CT2431245.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gelöscht : user_pref("CT2431245.myStuffEnabled", true);
Gelöscht : user_pref("CT2431245.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2431245.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2431245.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2431245.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2431245.testingCtid", "");
Gelöscht : user_pref("CT2431245.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gelöscht : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2269050&Search[...]
Gelöscht : user_pref("CommunityToolbar.ConduitSearchList", "DVDVideoSoftTB Customized Web Search");
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/DE", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2431245",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Gelöscht : user_pref("CommunityToolbar.EngineHiddenByUser", false);
Gelöscht : user_pref("CommunityToolbar.EngineOwner", "CT2269050");
Gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "{872b5b88-9db5-4310-bdd0-ac189557e5f5}");
Gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "dvdvideosofttb");
Gelöscht : user_pref("CommunityToolbar.IsEngineShown", false);
Gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Gelöscht : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Standard\\AppData\\Roaming\\Mozilla[...]
Gelöscht : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.0.8");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2269050");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{872b5b88-9db5-4310-bdd0-ac189557e5f5}");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "dvdvideosofttb");
Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2431245,CT2269050");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2431245,CT2269050");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList4", "CT2269050");
Gelöscht : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat Apr 30 2011 22:02:18 GMT+02[...]
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Jun 22 2011 19:58:28 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 23 2011 11:57:05 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.alert.userId", "03524339-a7e0-4fd1-94c5-de4588ebc1cc");
Gelöscht : user_pref("CommunityToolbar.globalUserId", "c1c2350f-8e55-4b6d-9a77-c83829e759c9");
Gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050");
Gelöscht : user_pref("CommunityToolbar.killedEngine", true);
Gelöscht : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Nov 01 2011 14:48:0[...]
Gelöscht : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Gelöscht : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Gelöscht : user_pref("CommunityToolbar.notifications.locale", "en");
Gelöscht : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Nov 01 2011 14:48:02 GMT+0100");
Gelöscht : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Gelöscht : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.notifications.userId", "ff009e10-4526-47a2-98a9-4c5af1492bab");
Gelöscht : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Thu Jun 16 2011 21:34:15 GMT+0200");
Gelöscht : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Apr 30 2011 22:02:18 GMT+0200");
Gelöscht : user_pref("ConduitEngine.FirstServerDate", "04/30/2011 23");
Gelöscht : user_pref("ConduitEngine.FirstTime", true);
Gelöscht : user_pref("ConduitEngine.FirstTimeFF3", true);
Gelöscht : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Gelöscht : user_pref("ConduitEngine.HideEngineAfterRestart", true);
Gelöscht : user_pref("ConduitEngine.Initialize", true);
Gelöscht : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Gelöscht : user_pref("ConduitEngine.InstalledDate", "Sat Apr 30 2011 22:02:19 GMT+0200");
Gelöscht : user_pref("ConduitEngine.IsMulticommunity", false);
Gelöscht : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Gelöscht : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Gelöscht : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Apr 30 2011 22:02:18 GMT+0200");
Gelöscht : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat Apr 30 2011 22:02:19 GMT+0200");
Gelöscht : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Gelöscht : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Apr 30 2011 22:02:16 GMT+0200");
Gelöscht : user_pref("ConduitEngine.UserID", "UN95938806458819544");
Gelöscht : user_pref("ConduitEngine.engineLocale", "de");
Gelöscht : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Apr 30 2011 22:02:18 GMT+0200");
Gelöscht : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Apr 30 2011 22:02:20 GMT+0200");
Gelöscht : user_pref("ConduitEngine.initDone", true);
Gelöscht : user_pref("ConduitEngine.isAppTrackingManagerOn", true);

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Standard\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [33545 octets] - [02/09/2012 13:24:08]
AdwCleaner[R2].txt - [33615 octets] - [04/09/2012 13:24:02]
AdwCleaner[S1].txt - [33408 octets] - [08/09/2012 14:25:51]

########## EOF - C:\AdwCleaner[S1].txt - [33469 octets] ##########


Emsisoft Anti-Malware - Version 6.6
Letztes Update: 08.09.2012 14:50:45

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\
Archiv Scan: An
ADS Scan: An

Scan Beginn: 08.09.2012 14:51:20

Value: hkey_current_user\software\jollybear\big city adventure san francisco --> fullscreen gefunden: Trace.Registry.gamefiesta big city adventure san francisco!E1
Value: hkey_current_user\software\jollybear\big city adventure san francisco --> hardwareacceleration gefunden: Trace.Registry.gamefiesta big city adventure san francisco!E1
Value: hkey_current_user\software\jollybear\big city adventure san francisco\3dsettings --> 3diniterror gefunden: Trace.Registry.gamefiesta big city adventure san francisco!E1
Value: hkey_current_user\software\jollybear\big city adventure san francisco\3dsettings --> 3dinitwarning gefunden: Trace.Registry.gamefiesta big city adventure san francisco!E1
Value: hkey_current_user\software\jollybear\big city adventure san francisco --> widescreen gefunden: Trace.Registry.gamefiesta big city adventure san francisco!E1
Value: hkey_current_user\software\jollybear\big city adventure san francisco\3dsettings --> driver gefunden: Trace.Registry.gamefiesta big city adventure san francisco!E1
Value: hkey_current_user\software\jollybear\big city adventure san francisco\3dsettings --> driverdate gefunden: Trace.Registry.gamefiesta big city adventure san francisco!E1
Value: hkey_current_user\software\jollybear\big city adventure san francisco\3dsettings --> directxversion gefunden: Trace.Registry.gamefiesta big city adventure san francisco!E1
Value: hkey_current_user\software\jollybear\big city adventure san francisco --> musicvolume gefunden: Trace.Registry.gamefiesta big city adventure san francisco!E1
Value: hkey_current_user\software\jollybear\big city adventure san francisco --> soundsvolume gefunden: Trace.Registry.gamefiesta big city adventure san francisco!E1
Value: hkey_current_user\software\jollybear\big city adventure san francisco\3dsettings --> driverdescription gefunden: Trace.Registry.gamefiesta big city adventure san francisco!E1
Value: hkey_current_user\software\jollybear\big city adventure san francisco\3dsettings --> lasttestversion gefunden: Trace.Registry.gamefiesta big city adventure san francisco!E1
Value: hkey_current_user\software\jollybear\big city adventure san francisco\3dsettings --> lastresolution gefunden: Trace.Registry.gamefiesta big city adventure san francisco!E1
Value: hkey_current_user\software\jollybear\big city adventure san francisco\3dsettings --> lasttestbitcount gefunden: Trace.Registry.gamefiesta big city adventure san francisco!E1
Value: hkey_current_user\software\jollybear\big city adventure san francisco\3dsettings --> freevideoblocks gefunden: Trace.Registry.gamefiesta big city adventure san francisco!E1
Value: hkey_current_user\software\jollybear\big city adventure san francisco\3dsettings --> useddtm gefunden: Trace.Registry.gamefiesta big city adventure san francisco!E1

Gescannt 643988
Gefunden 16

Scan Ende: 08.09.2012 17:12:20
Scan Zeit: 2:21:00

Alt 08.09.2012, 20:41   #12
t'john
/// Helfer-Team
 
GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! - Standard

GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!



Sehr gut!

Lasse die Funde in Quarantaene verschieben, dann:

Deinstalliere:
Emsisoft Anti-Malware


ESET Online Scanner

Vorbereitung

  • Schließe evtl. vorhandene externe Festplatten und/oder sonstigen Wechselmedien (z. B. evtl. vorhandene USB-Sticks) an den Rechner an.
  • Bitte während des Online-Scans Anti-Virus-Programm und Firewall deaktivieren.
  • Vista/Win7-User: Bitte den Browser unbedingt als Administrator starten.
Los geht's

  • Lade und starte Eset Smartinstaller
  • Haken setzen bei YES, I accept the Terms of Use.
  • Klick auf Start.
  • Haken setzen bei Remove found threads und Scan archives.
  • Klick auf Start.
  • Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Finish drücken.
  • Browser schließen.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (manchmal auch C:\Programme\Eset\log.txt) suchen und mit Deinem Editor öffnen.
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset
__________________
Mfg, t'john
Das TB unterstützen

Alt 10.09.2012, 08:57   #13
seraphin516
 
GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! - Standard

GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!



ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=a2de301f61201046b36c48e93102cc55
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-09 11:19:15
# local_time=2012-09-10 01:19:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1026 16777214 0 2 117689477 117689477 0 0
# compatibility_mode=4096 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776637 100 100 1166 184756061 0 0
# compatibility_mode=8192 67108863 100 0 107 107 0 0
# scanned=211600
# found=1
# cleaned=1
# scan_time=9421
C:\_OTL\MovedFiles\09012012_162824\C_Users\Standard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\1193aeb1-7003582d multiple threats (deleted - quarantined) 00000000000000000000000000000000 C

Alt 10.09.2012, 21:01   #14
t'john
/// Helfer-Team
 
GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! - Standard

GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!



Java aktualisieren

Dein Java ist nicht mehr aktuell. Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
  • Downloade dir bitte die neueste Java-Version von hier
  • Speichere die jxpiinstall.exe
  • Schließe alle laufenden Programme. Speziell deinen Browser.
  • Starte die jxpiinstall.exe. Diese wird den Installer für die neueste Java Version ( Java 7 Update 7 ) herunter laden.
  • Wenn die Installation beendet wurde
    Start --> Systemsteuerung --> Programme und deinstalliere alle älteren Java Versionen.
  • Starte deinen Rechner neu sobald alle älteren Versionen deinstalliert wurden.
Nach dem Neustart
  • Öffne erneut die Systemsteuerung --> Programme und klicke auf das Java Symbol.
  • Im Reiter Allgemein, klicke unter Temporäre Internetdateien auf Einstellungen.
  • Klicke auf Dateien löschen....
  • Gehe sicher das überall ein Hacken gesetzt ist und klicke OK.
  • Klicke erneut OK.


Dann so einstellen: http://www.trojaner-board.de/105213-...tellungen.html

Danach poste (kopieren und einfuegen) mir, was du hier angezeigt bekommst: PluginCheck



Java deaktivieren

Aufgrund derezeitigen Sicherheitsluecke:

http://www.trojaner-board.de/122961-...ktivieren.html

Danach poste mir (kopieren und einfuegen), was du hier angezeigt bekommst: PluginCheck
__________________
Mfg, t'john
Das TB unterstützen

Alt 28.10.2012, 20:19   #15
t'john
/// Helfer-Team
 
GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! - Standard

GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!



Fehlende Rückmeldung

Gibt es Probleme beim Abarbeiten obiger Anleitung?

Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen.

Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema.
http://www.trojaner-board.de/69886-a...-beachten.html


Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist.
__________________
Mfg, t'john
Das TB unterstützen

Antwort

Themen zu GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!
administrator, appdata, autostart, avast, avira, dateien, dateisystem, explorer, forum, gelöscht, gvu-virus, heuristiks/extra, heuristiks/shuriken, java, kaspersky, malwarebytes, microsoft, roaming, scan, schutz, software, start, start menu, starten, suche, temp, virenschutz, vista, webcam



Ähnliche Themen: GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!


  1. Virus blockt Malwarebytes und Malwarebytes Chameleon
    Log-Analyse und Auswertung - 23.08.2014 (19)
  2. BKA Virus/WIN XP/ OTL.txt dabei
    Plagegeister aller Art und deren Bekämpfung - 21.12.2012 (30)
  3. GVU Virus mit WebCam
    Log-Analyse und Auswertung - 16.07.2012 (7)
  4. GVU-Virus mit Webcam
    Log-Analyse und Auswertung - 09.07.2012 (1)
  5. GVU Virus mit Webcam!
    Log-Analyse und Auswertung - 06.07.2012 (11)
  6. Malwarebytes Antimalware findet "Trojan.Agent", MBAM/OTL Logs mit dabei
    Log-Analyse und Auswertung - 24.06.2011 (1)
  7. 15 infizierte Objekte bei Malwarebytes! Ist was bedrohliches dabei?
    Log-Analyse und Auswertung - 28.04.2011 (7)
  8. Verdacht auf Virus! Kann sich mal einer diesen HijackThis Protokoll ansehen?
    Mülltonne - 15.12.2009 (1)
  9. Erneut ein Virus-Logfile ist dabei?
    Log-Analyse und Auswertung - 12.12.2009 (2)
  10. 3 Trojaner eingefangen Namen sind dabei hijackthis dabei kleine Problemmeldung..
    Log-Analyse und Auswertung - 08.09.2009 (18)
  11. Ich habe einen Virus!Hjacklog dabei
    Log-Analyse und Auswertung - 08.05.2009 (0)
  12. Virus Veracht; HiJackThis Log-File dabei
    Log-Analyse und Auswertung - 15.06.2007 (3)
  13. ist noch ein Virus dabei?
    Log-Analyse und Auswertung - 16.01.2006 (3)
  14. IEXPLORER.EXE - Virus oder Trojaner? (Link zu Infos über Problematik ist dabei)
    Log-Analyse und Auswertung - 31.12.2005 (8)
  15. Tr/dldr.Krepper.3 Virus gefunden. Was mache ich jetzt (Logfile mit dabei)
    Log-Analyse und Auswertung - 15.05.2005 (1)
  16. exe-Datei - Protokoll
    Alles rund um Windows - 14.06.2004 (1)

Zum Thema GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! - Hallo zusammen! Mich hat er auch erwischt: der GVU-Virus. Ich bräuchte deshalb einen guten Rat. Zur Geschichte des Problems: Mittwochabend (29.08.) tauchte die "Erpresser-Seite" zum ersten Mal auf. Nach einem - GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei!...
Archiv
Du betrachtest: GVU-Virus mit Webcam (2.7) - Malwarebytes Protokoll ist dabei! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.