| |
| |||||||
Log-Analyse und Auswertung: Lüfter dreht hoch - Ilivid?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
02.09.2012, 11:11
| #1 |
 |  Lüfter dreht hoch - Ilivid? Lüfter dreht hoch - Ilivid? Der Lüfter von meinem Nootbook (HP Pavilion dv7-6101eg, mit Windows 7) schaltet hoch, sobald ich den browser öffne – obwohl keinerlei offensichtliche Anwendung läuft. Das finde ich erst einmal verdächtig: was arbeitet da? Dann habe ich gestern auf kinox.to einen Film ansehen wollen und bin bei den verschiedenen host-plattformen immer wieder zu einem ilivid download gekommen. Den habe ich beim ersten Mal auch gestartet, aber nach einiger Zeit abgebrochen und im Internet nach „ilivid“ gesucht. Nachdem ich einige postings dazu gelesen hatte, führte ich mit „ Malwarebytes Anti-Malware “ einen Suchlauf aus, bei dem einige verdächtige Elemente gefunden und gelöst wurden. Gleichzeitig meldete Antivir das Auffinden von fünf verdächtigen Objekten, die ich ebenfalls gelöscht habe. Schließlich habe ich, wie in diesem board beschrieben, noch einen Scan mit OTL durchgeführt. Die beiden Log-Files poste ich hier. Ich habe darüber hinaus noch mit dem RegCleaner von Antivir einen scan durchgeführt – wenn ich wüsste, wie man hier einen screenshot postet, würde ich auch das tun. Kann mir anhand der Log-Files jemand sagen, ob da etwas im Busch ist? Wie könnte ich der Frage auf den Grund gehen, warum der Lüfter so hoch dreht (und auch die Temperatur: Intel Core5-1: 61 / Core5-2: 61 / HP-3389 THRM: 62) bei derzeit kaum Anwendungen so hoch ist. Danke Martin |
|
03.09.2012, 21:57
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Lüfter dreht hoch - Ilivid?Zitat:
 Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ |
|
04.09.2012, 08:59
| #3 |
| | Lüfter dreht hoch - Ilivid? Erstmal danke, dass du dir die Sache ansiehst!
__________________Meinst du diese Infos: Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.09.01.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 superaze :: SUPERAZE-HP [Administrator] Schutz: Aktiviert 01.09.2012 18:36:26 mbam-log-2012-09-01 (18-36-26).txt Art des Suchlaufs: Vollständiger Suchlauf (B:\|C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 462950 Laufzeit: 1 Stunde(n), 35 Minute(n), 6 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 6 HKCR\CrossriderApp0005060.BHO (PUP.CrossFire.Gen) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0005060.FBApi (PUP.CrossFire.Gen) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0005060.FBApi.1 (PUP.CrossFire.Gen) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0005060.Sandbox (PUP.CrossFire.Gen) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0005060.Sandbox.1 (PUP.CrossFire.Gen) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 1 HKCU\Software\InstalledBrowserExtensions\215 Apps|5060 (PUP.CrossFire.SA) -> Daten: Savings Sidekick -> Keine Aktion durchgeführt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Antivir-Meldungen: Die Datei 'C:\Program Files (x86)\Uninstall Information\ib_uninst_567\uninstall.exe' enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallBrain.Gen' [adware]. …. Die Datei 'C:\Program Files (x86)\Uninstall Information\ib_uninst_514\uninstall.exe' enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallBrain.Gen' [adware]. … Die Datei 'C:\Program Files (x86)\Uninstall Information\ib_uninst_569\uninstall.exe' enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallBrain.Gen' [adware]. … Die Datei 'C:\Program Files (x86)\Uninstall Information\ib_uninst_342\uninstall.exe' enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallBrain.Gen' [adware]. … Die Datei 'C:\Program Files (x86)\Uninstall Information\ib_uninst_383\uninstall.exe' enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallBrain.Gen' [adware]. … In allen Fällen > Durchgeführte Aktion(en): Eine Sicherungskopie wurde unter dem Namen XXX .qua erstellt ( QUARANTÄNE ). Die Datei wurde ins Quarantäneverzeichnis …. verschoben! In der Datei 'C:\Program Files (x86)\Uninstall Information\ib_uninst_569\uninstall.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallBrain.Gen' [adware] … In der Datei 'C:\Program Files (x86)\Uninstall Information\ib_uninst_383\uninstall.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallBrain.Gen' [adware] gefunden. … In der Datei 'C:\Program Files (x86)\Uninstall Information\ib_uninst_514\uninstall.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallBrain.Gen' [adware] … In der Datei 'C:\Program Files (x86)\Uninstall Information\ib_uninst_567\uninstall.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallBrain.Gen' [adware] gefunden. … In der Datei 'C:\Program Files (x86)\Uninstall Information\ib_uninst_342\uninstall.exe' wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallBrain.Gen' [adware] gefunden. In allen Fällen > Ausgeführte Aktion: Zugriff verweigern |
|
04.09.2012, 15:42
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Lüfter dreht hoch - Ilivid?Zitat:
NICHTS voreilig aus der Quarantäne löschen!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
04.09.2012, 19:17
| #5 |
| | Lüfter dreht hoch - Ilivid? in der Quarantäne, ok! ... aber nicht löschen? |
|
04.09.2012, 19:55
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Lüfter dreht hoch - Ilivid? Führ bitte auch ESET aus, danach sehen wir weiter. Hinweis: ESET zeigt durchaus öfter ein paar Fehlalarme. Deswegen soll auch von ESET immer nur erst das Log gepostet und nichts entfernt werden. ESET Online Scanner Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.
 + R Taste und kopiere folgenden Text in das Ausführen Fenster.Code:
ATTFilter "%PROGRAMFILES%\Eset\Eset Online Scanner\log.txt"
Code:
ATTFilter "%PROGRAMFILES(X86)%\Eset\Eset Online Scanner\log.txt"
Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ --> Lüfter dreht hoch - Ilivid? |
|
05.09.2012, 11:35
| #7 |
| | Lüfter dreht hoch - Ilivid?Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=7a0e45050fd3c8438bbd9101be17a5a2
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-05 10:32:19
# local_time=2012-09-05 12:32:19 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 24704868 24704868 0 0
# compatibility_mode=5893 16776573 100 94 93064 98464221 0 0
# compatibility_mode=8192 67108863 100 0 164 164 0 0
# scanned=273022
# found=7
# cleaned=0
# scan_time=6767
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe a variant of Win32/Toolbar.Widgi application (unable to clean) 00000000000000000000000000000000 I
C:\Users\superaze\Downloads\FPDownloadManager.exe Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I
C:\Users\superaze\Downloads\PDFCreator-1_2_3_setup.exe Win32/Toolbar.Widgi application (unable to clean) 00000000000000000000000000000000 I
C:\Users\superaze\Downloads\SoftonicDownloader_fuer_ibm-spss-statistics-standard.exe a variant of Win32/SoftonicDownloader.D application (unable to clean) 00000000000000000000000000000000 I
C:\Users\superaze\Downloads\SweetImSetup.exe a variant of Win32/SweetIM.B application (unable to clean) 00000000000000000000000000000000 I
C:\Windows\Installer\c8681f3.msi a variant of Win32/Toolbar.Widgi application (unable to clean) 00000000000000000000000000000000 I
${Memory} a variant of Win32/Toolbar.Widgi application 00000000000000000000000000000000 I
|
|
05.09.2012, 15:00
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Lüfter dreht hoch - Ilivid?Code:
ATTFilter C:\Users\superaze\Downloads\SoftonicDownloader_fuer_ibm-spss-statistics-standard.exe
 Finger weg von Softonic!!  Softonic ist eine Toolbar- und Adwareschleuder! Finger weg! Software lädt man sich mit oberster Priorität direkt vom Hersteller und nicht von solchen Toolbarklitschen wie Softonic! Im Notfall würde natürlich chip.de gehen adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren Downloade Dir bitte AdwCleaner auf deinen Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.09.2012, 15:37
| #9 |
| | Lüfter dreht hoch - Ilivid?Code:
ATTFilter # AdwCleaner v1.801 - Logfile created 09/05/2012 at 16:34:56
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : superaze - SUPERAZE-HP
# Boot Mode : Normal
# Running from : C:\Users\superaze\Downloads\adwCleaner1801.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
Folder Found : C:\Users\superaze\AppData\Local\AskToolbar
Folder Found : C:\Users\superaze\AppData\Local\Conduit
Folder Found : C:\Users\superaze\AppData\LocalLow\appbario8
Folder Found : C:\Users\superaze\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\superaze\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\superaze\AppData\LocalLow\Conduit
Folder Found : C:\Users\superaze\AppData\LocalLow\pdfforge
Folder Found : C:\Users\superaze\AppData\LocalLow\PriceGong
Folder Found : C:\Users\superaze\AppData\LocalLow\Search Settings
Folder Found : C:\Users\superaze\AppData\Roaming\pdfforge
Folder Found : C:\Users\superaze\AppData\Roaming\Mozilla\Firefox\Profiles\zbd7w197.default\ConduitCommon
Folder Found : C:\Users\superaze\AppData\Roaming\Mozilla\Firefox\Profiles\zbd7w197.default\CT3227982
Folder Found : C:\Users\superaze\AppData\Roaming\Mozilla\Firefox\Profiles\zbd7w197.default\extensions\{0cc09160-108c-4759-bab1-5c12c216e005}
Folder Found : C:\Users\superaze\AppData\Roaming\Mozilla\Firefox\Profiles\zbd7w197.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
Folder Found : C:\ProgramData\IBUpdaterService
Folder Found : C:\ProgramData\pc performer manager
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Folder Found : C:\Program Files (x86)\appbario8
Folder Found : C:\Program Files (x86)\Application Updater
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Crawler
Folder Found : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Found : C:\Program Files (x86)\PriceGong
Folder Found : C:\Program Files (x86)\Common Files\spigot
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
File Found : C:\Users\superaze\AppData\Roaming\Mozilla\Firefox\Profiles\zbd7w197.default\searchplugins\Conduit.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml
***** [Registry] *****
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3227982
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Ask.com.tmp
Key Found : HKCU\Software\AskToolbar
Key Found : HKCU\Software\bProtector
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\CToolbar
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\pdfforge
Key Found : HKCU\Software\Search Settings
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\APN
Key Found : HKLM\SOFTWARE\appbario8
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Key Found : HKLM\SOFTWARE\Classes\ctbcommon.Buttons
Key Found : HKLM\SOFTWARE\Classes\ctbr.R404Pro
Key Found : HKLM\SOFTWARE\Classes\CToolbar.TB4Client
Key Found : HKLM\SOFTWARE\Classes\CToolbar.TB4Script
Key Found : HKLM\SOFTWARE\Classes\CToolbar.TB4Server
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
Key Found : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
Key Found : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
Key Found : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\CToolbar
Key Found : HKLM\SOFTWARE\DataMngr
Key Found : HKLM\SOFTWARE\Freeze.com
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\appbario8 Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Key Found : HKLM\SOFTWARE\pdfforge
Key Found : HKLM\SOFTWARE\Search Settings
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[x64] Key Found : HKCU\Software\APN
[x64] Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
[x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit
[x64] Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[x64] Key Found : HKCU\Software\AppDataLow\Software\PriceGong
[x64] Key Found : HKCU\Software\AppDataLow\Software\SmartBar
[x64] Key Found : HKCU\Software\AppDataLow\Toolbar
[x64] Key Found : HKCU\Software\Ask.com
[x64] Key Found : HKCU\Software\Ask.com.tmp
[x64] Key Found : HKCU\Software\AskToolbar
[x64] Key Found : HKCU\Software\bProtector
[x64] Key Found : HKCU\Software\Conduit
[x64] Key Found : HKCU\Software\Cr_Installer
[x64] Key Found : HKCU\Software\CToolbar
[x64] Key Found : HKCU\Software\DataMngr
[x64] Key Found : HKCU\Software\DataMngr_Toolbar
[x64] Key Found : HKCU\Software\InstalledBrowserExtensions
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[x64] Key Found : HKCU\Software\pdfforge
[x64] Key Found : HKCU\Software\Search Settings
[x64] Key Found : HKCU\Software\Softonic
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\ctbcommon.Buttons
[x64] Key Found : HKLM\SOFTWARE\Classes\ctbr.R404Pro
[x64] Key Found : HKLM\SOFTWARE\Classes\CToolbar.TB4Client
[x64] Key Found : HKLM\SOFTWARE\Classes\CToolbar.TB4Script
[x64] Key Found : HKLM\SOFTWARE\Classes\CToolbar.TB4Server
[x64] Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[x64] Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[x64] Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
[x64] Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[x64] Key Found : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
[x64] Key Found : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
[x64] Key Found : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
[x64] Key Found : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
[x64] Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr
[x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
[x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
***** [Registre - GUID] *****
Key Found : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0CC09160-108C-4759-BAB1-5C12C216E005}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{17FBAC21-3A8E-43BD-AB17-F02E52037EDB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88C52ECB-DE9F-4F9D-B1DE-304527565B23}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4577701A-D06B-4C1C-BA46-FFADC94D7494}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0CC09160-108C-4759-BAB1-5C12C216E005}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{17FBAC21-3A8E-43BD-AB17-F02E52037EDB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0CC09160-108C-4759-BAB1-5C12C216E005}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0CC09160-108C-4759-BAB1-5C12C216E005}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0CC09160-108C-4759-BAB1-5C12C216E005}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0CC09160-108C-4759-BAB1-5C12C216E005}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0CC09160-108C-4759-BAB1-5C12C216E005}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0CC09160-108C-4759-BAB1-5C12C216E005}]
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[x64] Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0CC09160-108C-4759-BAB1-5C12C216E005}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0CC09160-108C-4759-BAB1-5C12C216E005}
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0CC09160-108C-4759-BAB1-5C12C216E005}]
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0CC09160-108C-4759-BAB1-5C12C216E005}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT3227982
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60747
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT3227980
-\\ Mozilla Firefox v16.0 (de)
Profile name : default
File : C:\Users\superaze\AppData\Roaming\Mozilla\Firefox\Profiles\zbd7w197.default\prefs.js
Found : user_pref("CT3227982..clientLogIsEnabled", false);
Found : user_pref("CT3227982..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT3227982..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT3227982.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT3227982.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT3227982.BrowserCompStateIsOpen_1000515", true);
Found : user_pref("CT3227982.BrowserCompStateIsOpen_9221552460232570768", true);
Found : user_pref("CT3227982.CT3227982", "CT3227982");
Found : user_pref("CT3227982.CurrentServerDate", "5-9-2012");
Found : user_pref("CT3227982.DSChangedManually", true);
Found : user_pref("CT3227982.DSInstall", true);
Found : user_pref("CT3227982.DialogsAlignMode", "LTR");
Found : user_pref("CT3227982.DialogsGetterLastCheckTime", "Wed Sep 05 2012 11:57:02 GMT+0200");
Found : user_pref("CT3227982.DownloadReferralCookieData", "");
Found : user_pref("CT3227982.EMailNotifierPollDate", "Thu Aug 23 2012 19:39:17 GMT+0200");
Found : user_pref("CT3227982.FirstServerDate", "22-8-2012");
Found : user_pref("CT3227982.FirstTime", true);
Found : user_pref("CT3227982.FirstTimeFF3", true);
Found : user_pref("CT3227982.FirstTimeHiddenVer", true);
Found : user_pref("CT3227982.FixPageNotFoundErrors", true);
Found : user_pref("CT3227982.GroupingServerCheckInterval", 1440);
Found : user_pref("CT3227982.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT3227982.HPInstall", true);
Found : user_pref("CT3227982.HasUserGlobalKeys", true);
Found : user_pref("CT3227982.HomePageProtectorEnabled", true);
Found : user_pref("CT3227982.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT3227982&SearchSource=[...]
Found : user_pref("CT3227982.Initialize", true);
Found : user_pref("CT3227982.InitializeCommonPrefs", true);
Found : user_pref("CT3227982.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT3227982.InstallationType", "Unknown");
Found : user_pref("CT3227982.InstalledDate", "Wed Aug 22 2012 20:40:55 GMT+0200");
Found : user_pref("CT3227982.InvalidateCache", false);
Found : user_pref("CT3227982.IsAlertDBUpdated", true);
Found : user_pref("CT3227982.IsGrouping", false);
Found : user_pref("CT3227982.IsInitSetupIni", true);
Found : user_pref("CT3227982.IsMulticommunity", false);
Found : user_pref("CT3227982.IsOpenThankYouPage", true);
Found : user_pref("CT3227982.IsOpenUninstallPage", true);
Found : user_pref("CT3227982.IsProtectorsInit", true);
Found : user_pref("CT3227982.LanguagePackLastCheckTime", "Tue Sep 04 2012 19:44:00 GMT+0200");
Found : user_pref("CT3227982.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT3227982.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT3227982.LastLogin_3.15.1.0", "Wed Sep 05 2012 09:16:38 GMT+0200");
Found : user_pref("CT3227982.LatestVersion", "3.15.1.0");
Found : user_pref("CT3227982.Locale", "en");
Found : user_pref("CT3227982.MCDetectTooltipHeight", "83");
Found : user_pref("CT3227982.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT3227982.MCDetectTooltipWidth", "295");
Found : user_pref("CT3227982.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT3227982.OriginalFirstVersion", "3.15.1.0");
Found : user_pref("CT3227982.RadioIsPodcast", false);
Found : user_pref("CT3227982.RadioLastCheckTime", "Thu Aug 23 2012 19:39:23 GMT+0200");
Found : user_pref("CT3227982.RadioLastUpdateIPServer", "3");
Found : user_pref("CT3227982.RadioLastUpdateServer", "3");
Found : user_pref("CT3227982.RadioMediaID", "9962");
Found : user_pref("CT3227982.RadioMediaType", "Media Player");
Found : user_pref("CT3227982.RadioMenuSelectedID", "EBRadioMenu_CT32279829962");
Found : user_pref("CT3227982.RadioShrinkedFromSetup", false);
Found : user_pref("CT3227982.RadioStationName", "California%20Rock");
Found : user_pref("CT3227982.RadioStationURL", "hxxp://feedlive.net/california.asx");
Found : user_pref("CT3227982.SavedHomepage", "about:home");
Found : user_pref("CT3227982.SearchCaption", "appbario8 Customized Web Search");
Found : user_pref("CT3227982.SearchEngineBeforeUnload", "Google");
Found : user_pref("CT3227982.SearchFromAddressBarIsInit", true);
Found : user_pref("CT3227982.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT322[...]
Found : user_pref("CT3227982.SearchInNewTabEnabled", true);
Found : user_pref("CT3227982.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT3227982.SearchInNewTabLastCheckTime", "Wed Sep 05 2012 09:36:20 GMT+0200");
Found : user_pref("CT3227982.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT3227982.SearchProtectorEnabled", false);
Found : user_pref("CT3227982.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT3227982.SendProtectorDataViaLogin", true);
Found : user_pref("CT3227982.ServiceMapLastCheckTime", "Wed Sep 05 2012 09:36:22 GMT+0200");
Found : user_pref("CT3227982.SettingsLastCheckTime", "Wed Sep 05 2012 09:36:20 GMT+0200");
Found : user_pref("CT3227982.SettingsLastUpdate", "1346671355");
Found : user_pref("CT3227982.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3227982&SearchSource=13");
Found : user_pref("CT3227982.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT3227982.ThirdPartyComponentsLastCheck", "Wed Aug 22 2012 15:03:10 GMT+0200");
Found : user_pref("CT3227982.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT3227982.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT3227982.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3227982");
Found : user_pref("CT3227982.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT3227982.UserID", "UN05558750173541349");
Found : user_pref("CT3227982.WeatherNetwork", "");
Found : user_pref("CT3227982.WeatherPollDate", "Thu Aug 23 2012 19:39:24 GMT+0200");
Found : user_pref("CT3227982.WeatherUnit", "C");
Found : user_pref("CT3227982.alertChannelId", "1663751");
Found : user_pref("CT3227982.autoDisableScopes", -1);
Found : user_pref("CT3227982.backendstorage.bday_installdate", "32332D37");
Found : user_pref("CT3227982.backendstorage.bday_installfromtoolbar", "796573");
Found : user_pref("CT3227982.backendstorage.ct3227982ads1", "25374225323261647325323225334125354225374225323[...]
Found : user_pref("CT3227982.backendstorage.ct3227982current_term", "74656C65666F6E627563682E6465");
Found : user_pref("CT3227982.backendstorage.ct3227982sdate", "3233");
Found : user_pref("CT3227982.components.1000034", true);
Found : user_pref("CT3227982.components.1000234", true);
Found : user_pref("CT3227982.components.1000515", true);
Found : user_pref("CT3227982.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT3227982.globalFirstTimeInfoLastCheckTime", "Wed Aug 22 2012 15:03:11 GMT+0200");
Found : user_pref("CT3227982.homepageProtectorEnableByLogin", true);
Found : user_pref("CT3227982.initDone", true);
Found : user_pref("CT3227982.isAppTrackingManagerOn", false);
Found : user_pref("CT3227982.isFirstRadioInstallation", false);
Found : user_pref("CT3227982.myStuffEnabled", true);
Found : user_pref("CT3227982.myStuffPublihserMinWidth", 400);
Found : user_pref("CT3227982.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT3227982.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT3227982.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT3227982.navigateToUrlOnSearch", false);
Found : user_pref("CT3227982.revertSettingsEnabled", true);
Found : user_pref("CT3227982.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT3227982.searchProtectorEnableByLogin", true);
Found : user_pref("CT3227982.testingCtid", "");
Found : user_pref("CT3227982.toolbarAppMetaDataLastCheckTime", "Wed Sep 05 2012 09:36:23 GMT+0200");
Found : user_pref("CT3227982.toolbarContextMenuLastCheckTime", "Wed Aug 22 2012 15:03:12 GMT+0200");
Found : user_pref("CT3227982.usagesFlag", 1);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3227982&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "appbario8 Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3227982/CT3227982[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1663751/1656277/AT", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3227982", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3227982",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"5f3[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\superaze\\AppData\\Roaming\\Mozilla[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.1.0");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.asp[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT3227982");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT3227982");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT3227982");
Found : user_pref("CommunityToolbar.globalUserId", "3c14d022-e635-4cf0-bf1e-6824773db8a3");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3227982");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Aug 22 2012 15:03:1[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Aug 23 2012 19:39:35 GMT+020[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Aug 23 2012 19:39:26 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "805bad1b-84f0-4970-a6a6-ffbc3eb34220");
Found : user_pref("CommunityToolbar.originalHomepage", "about:home");
Found : user_pref("CommunityToolbar.originalSearchEngine", "Google");
Found : user_pref("browser.search.defaultenginename", "appbario8 Customized Web Search");
Found : user_pref("browser.search.defaultthis.engineName", "appbario8 Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227982&Sea[...]
Found : user_pref("browser.search.order.1", "appbario8 Customized Web Search");
Found : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3227982&SearchSource=13");
Found : user_pref("extensions.crossriderapp5060.5060.InstallationThankYouPage", true);
Found : user_pref("extensions.crossriderapp5060.5060.InstallationTime", 1344716376);
Found : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.searchUserConifrmation", false[...]
Found : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setHomepage", false);
Found : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setNewTab", false);
Found : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setSearch", false);
Found : user_pref("extensions.crossriderapp5060.5060.active", true);
Found : user_pref("extensions.crossriderapp5060.5060.addressbar", "");
Found : user_pref("extensions.crossriderapp5060.5060.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG&&appA[...]
Found : user_pref("extensions.crossriderapp5060.5060.backgroundver", 5);
Found : user_pref("extensions.crossriderapp5060.5060.can_run_bg_code", true);
Found : user_pref("extensions.crossriderapp5060.5060.certdomaininstaller", "");
Found : user_pref("extensions.crossriderapp5060.5060.changeprevious", false);
Found : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Found : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.value", "1344716376");
Found : user_pref("extensions.crossriderapp5060.5060.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00[...]
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.value", "1344716376");
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.expiration", "Wed Sep 05 2012 13:[...]
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.value", "%5B%22nonexistantdomain.[...]
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.expiration", "Mon Sep 10 2012 [...]
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.value", "%22AT%22");
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.value", "1346843194");
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.value", "%221%22");
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.value", "%2214019%22");
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...]
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.value", "1346219133545");
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.value", "%221224%22");
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Found : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.value", "%2266354%22");
Found : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Found : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.value", "1346047899383");
Found : user_pref("extensions.crossriderapp5060.5060.description", "Savings Sidekick");
Found : user_pref("extensions.crossriderapp5060.5060.domain", "");
Found : user_pref("extensions.crossriderapp5060.5060.enablesearch", false);
Found : user_pref("extensions.crossriderapp5060.5060.fbremoteurl", "");
Found : user_pref("extensions.crossriderapp5060.5060.group", 0);
Found : user_pref("extensions.crossriderapp5060.5060.homepage", "");
Found : user_pref("extensions.crossriderapp5060.5060.iframe", false);
Found : user_pref("extensions.crossriderapp5060.5060.internaldb.InstallerIdentifiers.expiration", "Fri Feb 0[...]
Found : user_pref("extensions.crossriderapp5060.5060.internaldb.InstallerIdentifiers.value", "%7B%22installe[...]
Found : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]
Found : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.value", "28");
Found : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]
Found : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.value", "0");
Found : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]
Found : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.value", "%7B%7D");
Found : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.expiration", "Wed Sep 05[...]
Found : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.value", "true");
Found : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]
Found : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.value", "%7B%7D");
Found : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_remote_resources.expiration", "Fri[...]
Found : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_remote_resources.value", "%7B%22re[...]
Found : user_pref("extensions.crossriderapp5060.5060.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...]
Found : user_pref("extensions.crossriderapp5060.5060.manifesturl", "");
Found : user_pref("extensions.crossriderapp5060.5060.name", "Savings Sidekick");
Found : user_pref("extensions.crossriderapp5060.5060.newtab", "");
Found : user_pref("extensions.crossriderapp5060.5060.opensearch", "");
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...]
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.name", "base");
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.ver", 3);
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...]
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.ver", 4);
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rul[...]
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.name", "GPL Background (BG)");
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.ver", 2);
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.name", "CrossriderAppUtils");
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.ver", 2);
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.name", "CrossriderUtils");
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.ver", 2);
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.code", "(function(f){var u={};var e=M[...]
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.name", "FacebookFFIE");
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.ver", 1);
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.code", "(function(f,b){if(typeof(b)==[...]
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.name", "FFAppAPIWrapper");
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.ver", 3);
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.name", "jQuery");
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.ver", 3);
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...]
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.name", "debug");
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.ver", 3);
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...]
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.name", "resources");
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.ver", 2);
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.code", "var CrossriderInitializerPlug[...]
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.name", "initializer");
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.ver", 2);
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com |[...]
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.name", "jquery_1_7_1");
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.ver", 3);
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.name", "resources_background");
Found : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.ver", 1);
Found : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_0", "17,14,16,47,1000015");
Found : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_1", "17,14,13,16,15,4,1,21,22,100[...]
Found : user_pref("extensions.crossriderapp5060.5060.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
Found : user_pref("extensions.crossriderapp5060.5060.pluginsversion", 10);
Found : user_pref("extensions.crossriderapp5060.5060.publisher", "215 Apps");
Found : user_pref("extensions.crossriderapp5060.5060.searchstatus", 0);
Found : user_pref("extensions.crossriderapp5060.5060.setnewtab", false);
Found : user_pref("extensions.crossriderapp5060.5060.settingsurl", "");
Found : user_pref("extensions.crossriderapp5060.5060.thankyou", "");
Found : user_pref("extensions.crossriderapp5060.5060.updateinterval", 360);
Found : user_pref("extensions.crossriderapp5060.5060.ver", 28);
Found : user_pref("extensions.crossriderapp5060.adsOldValue", -1);
Found : user_pref("extensions.crossriderapp5060.apps", "5060");
Found : user_pref("extensions.crossriderapp5060.bic", "13917586ec4693a548be35d47b1da244");
Found : user_pref("extensions.crossriderapp5060.cid", 5060);
Found : user_pref("extensions.crossriderapp5060.firstrun", false);
Found : user_pref("extensions.crossriderapp5060.hadappinstalled", true);
Found : user_pref("extensions.crossriderapp5060.installationdate", 1344716435);
Found : user_pref("extensions.crossriderapp5060.lastcheck", 22447167);
Found : user_pref("extensions.crossriderapp5060.lastcheckitem", 22447387);
Found : user_pref("extensions.crossriderapp5060.modetype", "production");
Found : user_pref("extensions.enabledAddons", "{0cc09160-108c-4759-bab1-5c12c216e005}:3.15.1.0,crossriderapp[...]
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227982&SearchSource=2&q=[...]
-\\ Google Chrome v21.0.1180.89
File : C:\Users\superaze\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [44759 octets] - [05/09/2012 16:34:56]
########## EOF - C:\AdwCleaner[R1].txt - [44888 octets] ##########
|
|
05.09.2012, 15:41
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Lüfter dreht hoch - Ilivid? Ich hab extra einen Downloadlink zum adwCleaner mitgegeben aber dennoch hast du eine alte von irgenwo anders benutzt!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.09.2012, 15:54
| #11 |
| | Lüfter dreht hoch - Ilivid? … weil im Explorer, in dem ich diese Forum-Seite geöffnet habe, ein SmartScreen-Filter die Ausführung blockiert hat. Im FireFox ging es, dafür habe ich dann eben selbst nach dem Programm gesucht. |
|
06.09.2012, 10:15
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Lüfter dreht hoch - Ilivid? Und nun willst du kein neues Log mit der aktuellen Version machen? 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.09.2012, 11:05
| #13 |
| | Lüfter dreht hoch - Ilivid? Wie meinst du das? Womit will ich kein kein neues Log machen? Meinst du einen Scan mit AdwCleaner? Die Log-Datei habe ich jedenfalls im Beitrag #9 geposted. |
|
06.09.2012, 15:15
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Lüfter dreht hoch - Ilivid? Liest du eigentlich meine Beiträge?  Natürlich sollst du ein neues Log mit der aktuellen Version machen!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.09.2012, 15:39
| #15 |
| | Lüfter dreht hoch - Ilivid? wenn du nicht die Die Log-Datei meinst die ich im Beitrag #9 geposted habe, dann weiß ich tatsächlich nicht, was du meinst. Das ist die Log-Datei, die ich mit der aktuellen AdwCleaner-Version gemacht habe: „Logfile created 09/05/2012 at 16:34:56“. Wenn ich die jetzt nochmal poste, wird sie auch nicht aktueller. Wenn du eine Log-Datei von einem anderen Programm meinst, da sag' es mir bitte. |
|
| Themen zu Lüfter dreht hoch - Ilivid? |
| abgebrochen, antivir, anwendung, anwendungen, arbeitet, board, browser, download, ebenfalls, film, frage, gelöscht, gleichzeitig, intel, internet, lüfter, regcleaner, scan, schaltet, screenshot, temperatur, verdächtige, verschiedene, warum, windows, windows 7 |
Button.
Linear-Darstellung
