Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: In Firefox öffnet sich neues Fenster ( mit Wikipedia )

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 03.02.2013, 20:10   #1
ALF-VIR
 
In Firefox öffnet sich neues Fenster ( mit Wikipedia ) - Standard

In Firefox öffnet sich neues Fenster ( mit Wikipedia )



Hi und guten Abend !

Nach den vorliegenden Anweisungen habe ich "gmer" laufen lassen und poste den Log-file.
Das Problem ist, dass ( vermutlich nach einer Aktualisierung von Adobe Flash Player ) sich ein neues Browserfenster öffnet ( firefox ) und immer eine Wikipedia-Seite angezeigt wird.
Vermutlich wird es nicht genügen den Flash Player zu deinstallieren, daher meine Bitte um Hilfe. Ich habe hier Windows 7 - 32 bit. Vielen Dnak natürlich im Voraus !!
Hier der Log-File:
GMER Logfile:
Code:
ATTFilter
GMER 2.0.18454 - hxxp://www.gmer.net
Rootkit scan 2013-02-03 19:54:43
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\00000075 TOSHIBA_ rev.AX00 931,51GB
Running: neu_gmer.com.exe; Driver: C:\Users\ALF\AppData\Local\Temp\uwldrpow.sys


---- System - GMER 2.0 ----

SSDT   \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                          ZwAlpcConnectPort [0x92C3306E]
SSDT   \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                          ZwAlpcCreatePort [0x92C33936]
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwAssignProcessToJobObject [0x913A30DA]
SSDT   \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                          ZwConnectPort [0x92C32AC4]
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwCreateFile [0x913A3CA6]
SSDT   \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                          ZwCreateKey [0x92C4E1C6]
SSDT   \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                          ZwCreatePort [0x92C335CE]
SSDT   923691B6                                                                                                                                ZwCreateSection
SSDT   \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys                                        ZwCreateThreadEx [0x912646C0]
SSDT   \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                          ZwCreateWaitablePort [0x92C3372C]
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwDeleteFile [0x913A3EB8]
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwDeleteKey [0x913A7714]
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwDeleteValueKey [0x913A7756]
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwLoadKey [0x913A78FA]
SSDT   \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                          ZwLoadKey2 [0x92C5098A]
SSDT   \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                          ZwLoadKeyEx [0x92C50E3C]
SSDT   \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)                          ZwMapViewOfSection [0x92C52D18]
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwOpenFile [0x913A3DCA]
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwOpenProcess [0x913A3282]
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwOpenThread [0x913A3482]
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwProtectVirtualMemory [0x913A35C2]
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwQueryValueKey [0x913A785E]
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwRenameKey [0x913A77A8]
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwReplaceKey [0x913A77EA]
SSDT   923691C0                                                                                                                                ZwRequestWaitReplyPort
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwRestoreKey [0x913A7824]
SSDT   923691BB                                                                                                                                ZwSetContextThread
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwSetInformationFile [0x913A3F6A]
SSDT   923691C5                                                                                                                                ZwSetSecurityObject
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwSetValueKey [0x913A769C]
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwSuspendThread [0x913A2FE6]
SSDT   923691CA                                                                                                                                ZwSystemDebugControl
SSDT   92369157                                                                                                                                ZwTerminateProcess
SSDT   \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys                                                                                 ZwTerminateThread [0x913A2F46]

---- Kernel code sections - GMER 2.0 ----

.text  ntkrnlpa.exe!ZwRollbackEnlistment + 140D                                                                                                84274A49 1 Byte  [06]
.text  ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                                                  842AE4D2 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 10FF                                                                                                     842B5534 8 Bytes  [6E, 30, C3, 92, 36, 39, C3, ...] {OUTS DX, BYTE [ESI]; XOR BL, AL; XCHG EDX, EAX; CMP EBX, EAX; XCHG EDX, EAX}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 1153                                                                                                     842B5588 4 Bytes  [DA, 30, 3A, 91]
.text  ntkrnlpa.exe!KeRemoveQueueEx + 1193                                                                                                     842B55C8 4 Bytes  [C4, 2A, C3, 92] {LES EBP, [EDX]; RET ; XCHG EDX, EAX}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 11AF                                                                                                     842B55E4 4 Bytes  [A6, 3C, 3A, 91] {CMPSB ; CMP AL, 0x3a; XCHG ECX, EAX}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 11BF                                                                                                     842B55F4 4 Bytes  [C6, E1, C4, 92]
.text  ...                                                                                                                                     
.text  C:\Windows\system32\DRIVERS\atikmdag.sys                                                                                                section is writeable [0x93835000, 0x3617E0, 0xE8000020]
PAGE   peauth.sys                                                                                                                              A8F5E02C 102 Bytes  JMP 8577158A 

---- User code sections - GMER 2.0 ----

.text  C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[976] ntdll.dll!KiUserApcDispatcher                                         76EC6F38 5 Bytes  JMP 00414FF0 C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (RapportMgmtService/Trusteer Ltd.)
.text  C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[976] WS2_32.dll!getaddrinfo                                                76474296 5 Bytes  JMP 71A50022 
.text  C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[976] WS2_32.dll!gethostbyname                                              76487673 5 Bytes  JMP 71AE0022 
.text  C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1948] USER32.dll!GetUpdateRect + CF                                                 7670A644 5 Bytes  JMP 20CB9266 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text  C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[2172] ntdll.dll!KiUserApcDispatcher                                            76EC6F38 5 Bytes  JMP 0043A7C0 C:\Program Files\Trusteer\Rapport\bin\RapportService.exe (RapportService/Trusteer Ltd.)
.text  C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[2172] WS2_32.dll!getaddrinfo                                                   76474296 5 Bytes  JMP 71A50022 
.text  C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[2172] WS2_32.dll!gethostbyname                                                 76487673 5 Bytes  JMP 71AE0022 

---- Kernel IAT/EAT - GMER 2.0 ----

IAT    \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter]                                                                     [92C38592] \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT    \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter]                                                                      [92C37DA0] \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT    \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol]                                                               [92C364F6] \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT    \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol]                                                                 [92C37F4A] \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT    \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol]                                                                [92C37F4A] \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT    \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter]                                                                    [92C38592] \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT    \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter]                                                                     [92C37DA0] \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT    \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol]                                                              [92C364F6] \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT    \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol]                                                                 [92C37F4A] \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT    \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol]                                                               [92C364F6] \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT    \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter]                                                                     [92C38592] \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT    \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter]                                                                      [92C37DA0] \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

---- User IAT/EAT - GMER 2.0 ----

IAT    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1948] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!RegisterWaitForSingleObject]  [6F731F20] C:\Program Files\CheckPoint\ZoneAlarm\vsinit.dll (TrueVector Service/Check Point Software Technologies LTD)
IAT    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1948] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress]               [6F7320F0] C:\Program Files\CheckPoint\ZoneAlarm\vsinit.dll (TrueVector Service/Check Point Software Technologies LTD)
IAT    C:\Windows\Explorer.EXE[2092] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                                                         [712D24CB] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2092] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]                                                    [712B562E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2092] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]                                                   [712B56EC] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2092] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]                                                          [712D2546] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2092] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]                                                [712C85AA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2092] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]                                                  [712C4D5E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2092] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]                                                 [712C5105] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2092] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]                                                [712C51DA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2092] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP]                                       [712C6707] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2092] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]                                                 [712C8301] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2092] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]                                            [712C8850] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2092] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]                                          [712C90B1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2092] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]                                                [712CE254] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2092] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]                                                    [712C4C90] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\System32\rundll32.exe[3620] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                                   [74F0FFF6] C:\Windows\system32\apphelp.dll (Biblioteca de compatibilidad de aplicaciones cliente/Microsoft Corporation)
IAT    C:\Windows\System32\rundll32.exe[3620] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                                    [74F0FFF6] C:\Windows\system32\apphelp.dll (Biblioteca de compatibilidad de aplicaciones cliente/Microsoft Corporation)
IAT    C:\Windows\System32\rundll32.exe[3620] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]                                 [74F0FFF6] C:\Windows\system32\apphelp.dll (Biblioteca de compatibilidad de aplicaciones cliente/Microsoft Corporation)
IAT    C:\Windows\System32\rundll32.exe[3620] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                                  [74F0FFF6] C:\Windows\system32\apphelp.dll (Biblioteca de compatibilidad de aplicaciones cliente/Microsoft Corporation)
IAT    C:\Windows\System32\rundll32.exe[3620] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress]                                  [74F0FFF6] C:\Windows\system32\apphelp.dll (Biblioteca de compatibilidad de aplicaciones cliente/Microsoft Corporation)

---- Registry - GMER 2.0 ----

Reg    HKLM\SYSTEM\ControlSet001\services\BTHPORT\Parameters\Keys\000272199da2 (not active ControlSet)                                         
Reg    HKLM\SYSTEM\ControlSet001\services\BTHPORT\Parameters\Keys\000272199da2@347e39598841                                                    0xE2 0x25 0xAA 0x9D ...
Reg    HKLM\SYSTEM\ControlSet001\services\BTHPORT\Parameters\Keys\000272199da2@02bdada3574b                                                    0xD2 0x44 0x63 0x3A ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000272199da2                                                             
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000272199da2@347e39598841                                                0x32 0x7E 0x20 0x4E ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000272199da2@e8e5d6a2163e                                                0x98 0x54 0x37 0x7D ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000272199da2@6ca780e4fd55                                                0x14 0x5D 0xA3 0x4C ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\222222222222                                                             
Reg    HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\000272199da2 (not active ControlSet)                                         
Reg    HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\000272199da2@347e39598841                                                    0x32 0x7E 0x20 0x4E ...
Reg    HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\000272199da2@e8e5d6a2163e                                                    0x98 0x54 0x37 0x7D ...
Reg    HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\000272199da2@6ca780e4fd55                                                    0x14 0x5D 0xA3 0x4C ...
Reg    HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\222222222222 (not active ControlSet)                                         

---- EOF - GMER 2.0 ----
         
--- --- ---

Alt 04.02.2013, 01:45   #2
t'john
/// Helfer-Team
 
In Firefox öffnet sich neues Fenster ( mit Wikipedia ) - Standard

In Firefox öffnet sich neues Fenster ( mit Wikipedia )





1. Schritt

Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".
danach:

Systemscan mit OTL (bebilderte Anleitung)

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)- Doppelklick auf die OTL.exe

  • Vista und Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Wähle Scanne Alle Benuzer
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimale Ausgabe
  • Unter Extra Registrierung, wähle bitte Benutze SafeList
  • Klicke nun auf Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 04.02.2013, 16:10   #3
ALF-VIR
 
In Firefox öffnet sich neues Fenster ( mit Wikipedia ) - Standard

In Firefox öffnet sich neues Fenster ( mit Wikipedia )



Hi t'John,

Vielen Dank für Deine Antwort !
Hier schon 'mal der "Malware-log":

Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.04.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
ALF :: ALF-PC [Administrator]

Schutz: Aktiviert

04/02/2013 8:18:00
mbam-log-2013-02-04 (08-18-00).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 700557
Laufzeit: 7 Stunde(n), 48 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Und noch einmal "Hallo" t'John !

Hier nun der OTL-log:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 04/02/2013 16:16:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\ALF\Desktop\Data In
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy
 
2,97 Gb Total Physical Memory | 0,60 Gb Available Physical Memory | 20,17% Memory free
5,93 Gb Paging File | 3,27 Gb Available in Paging File | 55,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 381,75 Gb Total Space | 287,31 Gb Free Space | 75,26% Space Free | Partition Type: NTFS
Drive D: | 304,48 Gb Total Space | 279,62 Gb Free Space | 91,84% Space Free | Partition Type: NTFS
Drive G: | 244,43 Gb Total Space | 170,31 Gb Free Space | 69,67% Space Free | Partition Type: NTFS
 
Computer Name: ALF-PC | User Name: ALF | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\ALF\Desktop\Data In\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe (Adobe Systems, Inc.)
PRC - C:\Archivos de programa\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Archivos de programa\Nitro\Reader 3\NitroPDFReaderDriverService3.exe (Nitro PDF Software)
PRC - C:\Archivos de programa\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Archivos de programa\Trusteer\Rapport\bin\RapportService.exe (Trusteer Ltd.)
PRC - C:\Archivos de programa\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
PRC - C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Archivos de programa\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Archivos de programa\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Archivos de programa\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Archivos de programa\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Archivos de programa\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
PRC - C:\Archivos de programa\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
PRC - C:\Archivos de programa\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
PRC - C:\Archivos de programa\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Archivos de programa\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Archivos de programa\TeamViewer\Version7\tv_w32.exe (TeamViewer GmbH)
PRC - c:\Archivos de programa\Ocster Backup\bin\backupService-ox.exe ()
PRC - c:\Archivos de programa\Ocster Backup\bin\oxHelper.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Archivos de programa\OpenOffice.org 3\program\swriter.exe (OpenOffice.org)
PRC - C:\Archivos de programa\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Archivos de programa\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Windows\snuvcdsm.exe ()
PRC - C:\Archivos de programa\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Archivos de programa\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE (SEIKO EPSON CORPORATION)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
MOD - C:\Archivos de programa\Mozilla Firefox\mozjs.dll ()
MOD - C:\Archivos de programa\Mozilla Thunderbird\mozjs.dll ()
MOD - C:\Archivos de programa\Mozilla Thunderbird\nsldap32v60.dll ()
MOD - C:\Archivos de programa\Mozilla Thunderbird\nsldappr32v60.dll ()
MOD - C:\Archivos de programa\Trusteer\Rapport\bin\js32.dll ()
MOD - C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportMS.dll ()
MOD - C:\Archivos de programa\FileZilla FTP Client\fzshellext.dll ()
MOD - c:\Archivos de programa\Ocster Backup\bin\ox.dll ()
MOD - c:\Archivos de programa\Ocster Backup\bin\oxHelper.exe ()
MOD - c:\Archivos de programa\Ocster Backup\bin\wxmsw28u_xrc_vc_ox.dll ()
MOD - c:\Archivos de programa\Ocster Backup\bin\wxbase28u_xml_vc_ox.dll ()
MOD - c:\Archivos de programa\Ocster Backup\bin\wxmsw28u_html_vc_ox.dll ()
MOD - c:\Archivos de programa\Ocster Backup\bin\wxmsw28u_adv_vc_ox.dll ()
MOD - c:\Archivos de programa\Ocster Backup\bin\wxmsw28u_core_vc_ox.dll ()
MOD - c:\Archivos de programa\Ocster Backup\bin\wxbase28u_net_vc_ox.dll ()
MOD - c:\Archivos de programa\Ocster Backup\bin\wxbase28u_vc_ox.dll ()
MOD - C:\Archivos de programa\OpenOffice.org 3\program\libxslt.dll ()
MOD - C:\Archivos de programa\OpenOffice.org 3\Basis\program\python-core-2.6.1\lib\_socket.pyd ()
MOD - C:\Archivos de programa\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Windows\snuvcdsm.exe ()
MOD - C:\Archivos de programa\Ashampoo\Ashampoo WinOptimizer 6\ContextHandler.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (RoxLiveShare9) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Archivos de programa\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (NitroReaderDriverReadSpool3) -- C:\Archivos de programa\Nitro\Reader 3\NitroPDFReaderDriverService3.exe (Nitro PDF Software)
SRV - (SkypeUpdate) -- C:\Archivos de programa\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (RapportMgmtService) -- C:\Archivos de programa\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (AdobeARMservice) -- C:\Archivos de programa\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Archivos de programa\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AntiVirSchedulerService) -- C:\Archivos de programa\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Archivos de programa\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (vsmon) -- C:\Archivos de programa\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SRV - (IswSvc) -- C:\Archivos de programa\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
SRV - (TeamViewer7) -- C:\Archivos de programa\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SolutoService) -- C:\Archivos de programa\Soluto\SolutoService.exe (Soluto)
SRV - (ocster_backup) -- c:\Archivos de programa\Ocster Backup\bin\backupService-ox.exe ()
SRV - (ServiceLayer) -- C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (WMPNetworkSvc) -- C:\Archivos de programa\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WefiEngSvc) -- D:\Program Files\WeFi\WeFi\WefiEngSvc.exe (WeFi)
SRV - (TomTomHOMEService) -- C:\Archivos de programa\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (HsfXAudioService) -- C:\Windows\System32\XAudio32.dll (Conexant Systems, Inc.)
SRV - (EPSON_EB_RPCV4_04) -- C:\Archivos de programa\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_04) -- C:\Archivos de programa\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE (SEIKO EPSON CORPORATION)
SRV - (DfSdkS) -- C:\Archivos de programa\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe (mst software GmbH, Germany)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Archivos de programa\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (EPSON_EB_RPCV4_01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (ZTEusbwwan) -- system32\DRIVERS\ZTEusbwwan.sys File not found
DRV - (ZTEusbser6k) -- system32\DRIVERS\ZTEusbser6k.sys File not found
DRV - (ZTEusbnmea) -- system32\DRIVERS\ZTEusbnmea.sys File not found
DRV - (ZTEusbmdm6k) -- system32\DRIVERS\ZTEusbmdm6k.sys File not found
DRV - (ZTEusbMB) -- system32\DRIVERS\ZTEusbnmeaext2.sys File not found
DRV - (USBZTECCID) -- system32\DRIVERS\ZTEusbccid.sys File not found
DRV - (StarOpen) --  File not found
DRV - (massfilter_hs) -- system32\drivers\massfilter_hs.sys File not found
DRV - (massfilter) -- system32\drivers\massfilter.sys File not found
DRV - (cpuz135) -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys File not found
DRV - (connctfyMP) -- system32\DRIVERS\connctfy.sys File not found
DRV - (connctfy) -- system32\DRIVERS\connctfy.sys File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (RapportEI) -- C:\Archivos de programa\Trusteer\Rapport\bin\RapportEI.sys (Trusteer Ltd.)
DRV - (RapportKELL) -- C:\Windows\System32\drivers\RapportKELL.sys (Trusteer Ltd.)
DRV - (RapportPG) -- C:\Archivos de programa\Trusteer\Rapport\bin\RapportPG.sys (Trusteer Ltd.)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ISWKL) -- C:\Archivos de programa\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (RapportCerberus_43926) -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys ()
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RapportIaso) -- c:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportIaso.sys (Trusteer Ltd.)
DRV - (Soluto) -- C:\Windows\System32\drivers\Soluto.sys (Soluto LTD.)
DRV - (PfFilter) -- D:\Program Files\Protected Folder\pffilter.sys (IObit Information Technology)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (SndTAudio) -- C:\Windows\System32\drivers\SndTAudio.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (Btcsrusb) -- C:\Windows\System32\drivers\btcusb.sys (IVT Corporation.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (hotcore3) -- C:\Windows\System32\drivers\hotcore3.sys (Paragon Software Group)
DRV - (LUsbFilt) -- C:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (MxEFUF) -- C:\Windows\System32\drivers\MxEFUF32.sys (Matrox Graphics Inc.)
DRV - (nusb3xhc) -- C:\Windows\System32\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV - (nusb3hub) -- C:\Windows\System32\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV - (Uim_IM) -- C:\Windows\System32\drivers\Uim_IM.sys (Paragon)
DRV - (UimBus) -- C:\Windows\System32\drivers\UimBus.sys (Windows (R) 2000 DDK provider)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio32.sys (Conexant Systems, Inc.)
DRV - (GTUHSNDISIPXP) -- C:\Windows\System32\drivers\gtuhs51.sys (Option N.V.)
DRV - (GTUHSBUS) -- C:\Windows\System32\drivers\gtuhsbus.sys (Option N.V.)
DRV - (GTUHSSER) -- C:\Windows\System32\drivers\gtuhsser.sys (Option N.V.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (BTHprint) -- C:\Windows\System32\drivers\BTHPRINT.SYS (Microsoft Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (LMouFlt2) -- C:\Windows\System32\drivers\LMouFlt2.Sys (Logitech, Inc.)
DRV - (L8042pr2) -- C:\Windows\System32\drivers\L8042pr2.Sys (Logitech, Inc.)
DRV - (LHidFlt2) -- C:\Windows\System32\drivers\LHidFlt2.Sys (Logitech, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.generali.es/
IE - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://es.msn.com/
IE - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es
IE - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - No CLSID value found
IE - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..\SearchScopes,DefaultScope = {D869B938-C7F1-4C79-ADC3-38B3E3BC65F5}
IE - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=111304&babsrc=SP_ss&mntrId=7a93f7d200000000000022234d6aafb3
IE - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..\SearchScopes\{3D82539A-C356-4F03-8E2D-53518777EFE9}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=HIP&o=102875&src=kw&q={searchTerms}&locale=&apn_ptnrs=6F&apn_dtid=YYYYYYYYES&apn_uid=4ba848d7-eaca-443a-98a2-f3711779ac95&apn_sauid=D69D4D23-51CF-48BB-B6BE-50A44B1A3F6F
IE - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476
IE - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..\SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}: "URL" = hxxp://search.hotspotshield.com/g/results.php?c=s&q={searchTerms}
IE - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredimail.com/?search={searchTerms}&loc=search_box_im2_test_v2
IE - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..\SearchScopes\{D869B938-C7F1-4C79-ADC3-38B3E3BC65F5}: "URL" = hxxp://www.google.com/search?hl=en&q={searchTerms}
IE - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: "Freeware.de Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2736476&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.bild.de/"
FF - prefs.js..extensions.enabledAddons: amin.eft_bmnotes%40gmail.com:2.7.9
FF - prefs.js..extensions.enabledAddons: browserprotect%40browserprotect.com:1.1.3
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.8.4
FF - prefs.js..extensions.enabledAddons: simpletimer%40grbradt.org:1.13
FF - prefs.js..extensions.enabledAddons: spam%40trashmail.net:2.6.2
FF - prefs.js..extensions.enabledAddons: stopwatch%40mercille.org:0.8.4
FF - prefs.js..extensions.enabledAddons: webmaster%40whoisdomain.net:3.0
FF - prefs.js..extensions.enabledAddons: %7B5546F97E-11A5-46b0-9082-32AD74AAA920%7D:0.6.3
FF - prefs.js..extensions.enabledAddons: %7B5C655500-E712-41e7-9349-CE462F844B19%7D:1.0
FF - prefs.js..extensions.enabledAddons: bossknb%40ttt-jl.blogspot.com:3.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: firefox@ghostery.com:2.5.3
FF - prefs.js..extensions.enabledItems: {AA052FD6-366A-4771-A591-0D8DC551585D}:1.1.21
FF - prefs.js..extensions.enabledItems: spam@trashmail.net:2.5.4
FF - prefs.js..extensions.enabledItems: stopwatch@mercille.org:0.8.4
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {FBFB7597-9E32-46b4-A500-8B6B0412777F}:0.9
FF - prefs.js..extensions.enabledItems: {5546F97E-11A5-46b0-9082-32AD74AAA920}:0.5.5.9
FF - prefs.js..extensions.enabledItems: simpletimer@grbradt.org:1.10
FF - prefs.js..extensions.enabledItems: firedownload@mozilla.org:2.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {db131c55-60c8-4adc-84dc-9e76ab06e2dc}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: amin.eft_bmnotes@gmail.com:2.5B
FF - prefs.js..extensions.enabledItems: {9c905b42-976e-43c1-bc30-fc5937017909}:3.3.3.2
FF - prefs.js..extensions.enabledItems: support@free-hideip.com:1.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {0002ee26-8c11-49eb-9cdf-56eeffef664f}:3.3.3.2
FF - prefs.js..extensions.enabledItems: afurladvisor@anchorfree.com:1.0
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: D:\Program Files\Nueva carpeta\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@sun.com/npsopluginmi;version=1.0: C:\Program Files\OpenOffice.org 3\program [2010/07/21 17:58:38 | 000,000,000 | ---D | M]
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ALF\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ALF\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010/12/26 13:39:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010/12/26 13:39:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/01/06 17:30:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2013/01/11 09:02:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ [2013/01/23 16:07:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Developer Preview 3.7a4webm\extensions\\Components: C:\Program Files\Mozilla Developer Preview\components [2012/11/09 19:26:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Developer Preview 3.7a4webm\extensions\\Plugins: C:\Program Files\Mozilla Developer Preview\plugins [2013/01/30 19:00:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/25 14:29:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/30 19:00:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/25 14:29:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/30 19:00:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 15:01:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2011/09/28 19:09:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALF\AppData\Roaming\mozilla\Extensions
[2011/09/28 19:09:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALF\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/11/06 18:57:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALF\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2010/08/22 18:22:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALF\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013/02/03 10:21:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALF\AppData\Roaming\mozilla\Firefox\Profiles\3xr45n3g.default\extensions
[2010/03/26 19:34:58 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\ALF\AppData\Roaming\mozilla\Firefox\Profiles\3xr45n3g.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2013/01/11 21:18:13 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\ALF\AppData\Roaming\mozilla\Firefox\Profiles\3xr45n3g.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/01/25 08:56:08 | 000,000,000 | ---D | M] (QuickFox Notes) -- C:\Users\ALF\AppData\Roaming\mozilla\Firefox\Profiles\3xr45n3g.default\extensions\amin.eft_bmnotes@gmail.com
[2013/01/09 20:14:56 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\ALF\AppData\Roaming\mozilla\Firefox\Profiles\3xr45n3g.default\extensions\firefox@ghostery.com
[2010/02/23 16:23:43 | 000,000,000 | ---D | M] (Stopwatch) -- C:\Users\ALF\AppData\Roaming\mozilla\Firefox\Profiles\3xr45n3g.default\extensions\stopwatch@mercille.org
[2010/12/28 18:12:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALF\AppData\Roaming\mozilla\Sunbird\Profiles\bhxhqc22.default\extensions
[2010/11/26 20:17:14 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Users\ALF\AppData\Roaming\mozilla\Sunbird\Profiles\bhxhqc22.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2013/02/03 10:21:46 | 000,011,503 | ---- | M] () (No name found) -- C:\Users\ALF\AppData\Roaming\mozilla\firefox\profiles\3xr45n3g.default\extensions\bossknb@ttt-jl.blogspot.com.xpi
[2011/07/07 15:36:31 | 000,047,822 | ---- | M] () (No name found) -- C:\Users\ALF\AppData\Roaming\mozilla\firefox\profiles\3xr45n3g.default\extensions\browserprotect@browserprotect.com.xpi
[2012/11/02 19:54:06 | 000,156,725 | ---- | M] () (No name found) -- C:\Users\ALF\AppData\Roaming\mozilla\firefox\profiles\3xr45n3g.default\extensions\simpletimer@grbradt.org.xpi
[2012/08/04 13:51:48 | 000,217,069 | ---- | M] () (No name found) -- C:\Users\ALF\AppData\Roaming\mozilla\firefox\profiles\3xr45n3g.default\extensions\spam@trashmail.net.xpi
[2011/09/16 09:10:29 | 000,010,642 | ---- | M] () (No name found) -- C:\Users\ALF\AppData\Roaming\mozilla\firefox\profiles\3xr45n3g.default\extensions\webmaster@whoisdomain.net.xpi
[2011/09/24 08:19:46 | 000,046,721 | ---- | M] () (No name found) -- C:\Users\ALF\AppData\Roaming\mozilla\firefox\profiles\3xr45n3g.default\extensions\{5546F97E-11A5-46b0-9082-32AD74AAA920}.xpi
[2012/12/26 16:00:51 | 000,151,038 | ---- | M] () (No name found) -- C:\Users\ALF\AppData\Roaming\mozilla\firefox\profiles\3xr45n3g.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
[2012/06/03 01:03:45 | 000,202,062 | ---- | M] () (No name found) -- C:\Users\ALF\AppData\Roaming\mozilla\firefox\profiles\3xr45n3g.default\extensions\{AA052FD6-366A-4771-A591-0D8DC551585D}.xpi
[2012/12/11 20:53:58 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\ALF\AppData\Roaming\mozilla\firefox\profiles\3xr45n3g.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2011/08/19 18:24:34 | 000,002,689 | ---- | M] () -- C:\Users\ALF\AppData\Roaming\mozilla\firefox\profiles\3xr45n3g.default\searchplugins\askcom.xml
[2012/08/10 10:46:52 | 000,005,406 | ---- | M] () -- C:\Users\ALF\AppData\Roaming\mozilla\firefox\profiles\3xr45n3g.default\searchplugins\googlecom-in-english.xml
[2010/02/25 20:33:30 | 000,002,149 | ---- | M] () -- C:\Users\ALF\AppData\Roaming\mozilla\firefox\profiles\3xr45n3g.default\searchplugins\MyStart Search.xml
[2012/11/06 11:31:14 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
[2013/01/25 14:29:01 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/12/09 18:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2013/01/25 14:28:56 | 000,001,738 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/08/10 10:46:52 | 000,002,134 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2013/01/25 14:28:56 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/01/25 14:28:56 | 000,001,148 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2013/01/25 14:28:56 | 000,001,379 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2013/01/25 14:28:56 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2013/01/25 14:28:56 | 000,001,334 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2011/02/03 20:37:29 | 000,000,822 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Archivos de programa\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Archivos de programa\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Archivos de programa\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Archivos de programa\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Archivos de programa\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Archivos de programa\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found.
O3 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..\Toolbar\WebBrowser: (no name) - {7E111A5C-3D11-4F56-9463-5310C3C69025} - No CLSID value found.
O3 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..\Toolbar\WebBrowser: (no name) - {9C905B42-976E-43C1-BC30-FC5937017909} - No CLSID value found.
O3 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Archivos de programa\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (Sonix Technology Co., Ltd.)
O4 - HKLM..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe ()
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (Sonix Technology Co., Ltd.)
O4 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1009..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Free YouTube Download - C:\Users\ALF\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ALF\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..Trusted Domains: desk.com ([otixo] http in Sitios de confianza)
O15 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..Trusted Domains: gob.es ([agenciatributaria] https in Sitios de confianza)
O15 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..Trusted Domains: nne.es ([intraneting] https in Sitios de confianza)
O15 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..Trusted Domains: nne.es ([recomendador] https in Sitios de confianza)
O15 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..Trusted Domains: nne.es ([servicios1] https in Sitios de confianza)
O15 - HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\..Trusted Domains: nne.es ([serviciost1] https in Sitios de confianza)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Between%20the%20Worlds/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {2DAB6EF1-66C3-427C-87CD-8DC448C47EAE} https://www5.aeat.es/es13/h/tgvicab.cab (CtlTGVI Class)
O16 - DPF: {7CBD657F-F647-40EE-BE7A-094704C1379D} https://serviciost1.nne.es/gic_esn/21215/applets/SiebelAx_HI_Client.cab (Siebel High Interactivity Framework)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {947B00D2-962D-4A35-9E48-98EE6A442B41} https://www1.agenciatributaria.gob.es/ADUA/internet/aded1503.cab (OAdedinet Class)
O16 - DPF: {B785FA3C-1DE9-4D20-8396-613C486FE95E} https://www1.agenciatributaria.gob.es/es13/h/cactivex.cab (AeatCtl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D78BEFF9-82FF-494D-8D9C-2814D9EB465C} https://serviciost1.nne.es/gic_esn/21215/applets/SiebelAx_Calendar.cab (Siebel Calendar)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.58.61.250 80.58.61.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE10B7F9-912B-4B55-BABC-8DAE4498517D}: DhcpNameServer = 80.58.61.250 80.58.61.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/03/20 16:42:25 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{9d7c9365-eac9-11e0-bf8a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9d7c9365-eac9-11e0-bf8a-806e6f6e6963}\Shell\AutoRun\command - "" = F:\MicroLauncher.exe
O33 - MountPoints2\{ffe19bc7-8afd-11e1-9bbc-001eeccb697c}\Shell - "" = AutoRun
O33 - MountPoints2\{ffe19bc7-8afd-11e1-9bbc-001eeccb697c}\Shell\AutoRun\command - "" = F:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/02/04 08:17:22 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013/02/03 18:28:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/02/03 18:28:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/02/03 18:28:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013/02/03 14:44:49 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/02/03 14:03:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/02/03 14:03:40 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/02/03 14:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/02/02 15:06:31 | 000,000,000 | ---D | C] -- C:\Users\ALF\Documents\The Lonely Hearts Murders CE
[2013/02/01 12:31:07 | 000,000,000 | ---D | C] -- C:\Program Files\Novel Games
[2013/01/23 18:02:17 | 000,000,000 | ---D | C] -- C:\Users\ALF\Desktop\Tintin
[2013/01/23 16:14:07 | 000,000,000 | ---D | C] -- C:\Users\ALF\Desktop\El Cambio
[2013/01/23 16:10:56 | 000,000,000 | ---D | C] -- C:\Users\ALF\AppData\Roaming\DVDVideoSoftIEHelpers
[2013/01/23 16:10:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013/01/23 16:07:47 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2013/01/23 16:07:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2013/01/22 12:22:47 | 000,000,000 | ---D | C] -- C:\Users\ALF\AppData\Roaming\northern_tale_bfg_en
[2013/01/19 16:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\SoulseekQt
[2013/01/18 09:20:05 | 000,000,000 | ---D | C] -- C:\Users\ALF\AppData\Roaming\Nitro
[2013/01/18 09:20:05 | 000,000,000 | ---D | C] -- C:\Users\ALF\AppData\Roaming\FileOpen
[2013/01/18 09:20:05 | 000,000,000 | ---D | C] -- C:\ProgramData\FileOpen
[2013/01/18 09:19:41 | 000,027,152 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalmon2.dll
[2013/01/18 09:19:41 | 000,018,448 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalui2.dll
[2013/01/18 09:19:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro
[2013/01/18 09:19:17 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro
[2013/01/18 09:19:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2013/01/18 09:18:05 | 000,000,000 | ---D | C] -- C:\Users\ALF\AppData\Roaming\Downloaded Installations
[2013/01/17 13:28:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phoner
[2013/01/17 13:28:39 | 000,000,000 | ---D | C] -- C:\Program Files\Phoner
[2013/01/15 18:41:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
[2013/01/15 18:41:34 | 000,000,000 | ---D | C] -- C:\Program Files\Free PDF to Word Doc Converter
[2013/01/15 18:35:16 | 000,000,000 | ---D | C] -- C:\Users\ALF\AppData\Roaming\GrandMA Studios
[2013/01/14 12:09:47 | 000,000,000 | ---D | C] -- C:\Users\ALF\Documents\Skype Voice Records
[2013/01/14 12:09:47 | 000,000,000 | ---D | C] -- C:\Users\ALF\Documents\Clownfish Avatars
[2013/01/14 12:07:13 | 000,000,000 | ---D | C] -- C:\Program Files\Clownfish
[2013/01/14 12:05:36 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM
[2013/01/11 09:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2013/01/09 20:27:18 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013/01/09 20:27:15 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/01/09 20:26:20 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs
[2013/01/09 20:26:20 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs
[2013/01/09 20:26:20 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs
[2013/01/09 20:26:20 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs
[2013/01/09 20:26:20 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs
[2013/01/09 20:26:19 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs
[2013/01/09 20:26:19 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs
[2013/01/09 20:26:19 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2013/01/09 20:26:19 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs
[2013/01/09 20:26:18 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2013/01/09 20:26:18 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2013/01/09 20:26:18 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs
[2013/01/09 20:26:15 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs
[2013/01/09 20:26:15 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2013/01/09 20:26:15 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs
[2013/01/09 20:26:15 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs
[2013/01/09 20:25:21 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013/01/09 20:25:21 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013/01/09 20:25:20 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013/01/09 20:25:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/09 20:25:19 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/09 20:25:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/09 20:25:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013/01/09 20:25:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013/01/09 20:25:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/09 20:25:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/09 20:25:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/09 20:25:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013/01/09 20:25:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/09 20:25:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013/01/09 20:25:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013/01/09 20:25:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/09 20:25:18 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013/01/09 20:25:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/09 20:25:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/09 20:25:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/09 20:25:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013/01/09 20:25:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013/01/09 20:25:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/09 20:25:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013/01/09 20:25:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013/01/09 20:25:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/09 20:25:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013/01/09 20:25:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/09 20:25:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013/01/09 20:25:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013/01/09 20:19:33 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2013/01/09 15:01:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[3 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/02/04 15:52:04 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/04 08:17:22 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013/02/04 08:02:15 | 000,022,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/04 08:02:15 | 000,022,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/04 07:53:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/04 07:53:18 | 2389,512,192 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/31 21:52:28 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/01/31 21:52:28 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/01/31 13:45:23 | 000,521,376 | ---- | M] () -- C:\Users\ALF\Desktop\CIF y co....pdf
[2013/01/27 20:55:34 | 000,753,812 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2013/01/27 20:55:34 | 000,660,474 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/27 20:55:34 | 000,161,344 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2013/01/27 20:55:34 | 000,124,470 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/25 11:41:49 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/01/15 22:32:20 | 000,125,897 | ---- | M] () -- C:\Users\ALF\Desktop\manual_empregador_espa.pdf
[2013/01/14 22:39:34 | 000,027,152 | ---- | M] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalmon2.dll
[2013/01/14 22:39:34 | 000,018,448 | ---- | M] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalui2.dll
[2013/01/11 09:04:59 | 000,415,933 | ---- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2013/01/09 20:57:27 | 000,432,848 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/07 07:32:12 | 000,336,896 | ---- | M] () -- C:\Windows\System32\ZSHP2600.EXE
[3 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/02/03 14:59:25 | 000,125,952 | ---- | C] () -- C:\Windows\System32\ZLhp2600.DLL
[2013/01/31 21:05:11 | 000,000,838 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/31 13:45:23 | 000,521,376 | ---- | C] () -- C:\Users\ALF\Desktop\CIF y co....pdf
[2013/01/18 09:19:29 | 000,002,517 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
[2013/01/15 22:32:20 | 000,125,897 | ---- | C] () -- C:\Users\ALF\Desktop\manual_empregador_espa.pdf
[2013/01/07 07:32:12 | 000,336,896 | ---- | C] () -- C:\Windows\System32\ZSHP2600.EXE
[2012/08/02 14:57:25 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2012/05/20 11:22:33 | 000,021,125 | ---- | C] () -- C:\Windows\cdplayer.ini
[2012/01/15 14:21:01 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini
[2012/01/05 19:47:57 | 000,000,084 | ---- | C] () -- C:\Windows\winamp.ini
[2011/09/21 16:10:07 | 001,766,784 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2011/09/21 16:10:07 | 000,034,048 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2011/09/21 16:10:07 | 000,030,080 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2011/09/21 16:10:06 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2011/08/03 18:44:10 | 003,119,571 | ---- | C] () -- C:\Program Files\lightning-1.0b5-sm_tb-windows.xpi
[2011/08/02 16:43:41 | 000,000,041 | ---- | C] () -- C:\Users\ALF\AppData\Roaming\TheHunterSettings_local.cfg
[2011/07/25 14:16:53 | 000,000,292 | ---- | C] () -- C:\Users\ALF\AppData\Local\HamsterBookConverter.cfg
[2011/07/09 23:29:16 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011/07/08 10:41:32 | 000,571,824 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2011/06/29 10:27:58 | 000,053,248 | ---- | C] () -- C:\Windows\System32\adedinet.dll
[2011/06/14 16:05:01 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/06/13 06:41:06 | 000,002,888 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011/06/13 06:41:01 | 000,224,001 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/06/08 16:48:12 | 000,258,506 | ---- | C] () -- C:\Windows\hpwins19.dat
[2011/06/08 16:48:12 | 000,000,673 | ---- | C] () -- C:\Windows\hpwmdl19.dat
[2011/06/03 12:05:04 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2011/06/03 12:05:04 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2011/06/03 12:05:04 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2011/06/03 12:05:04 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2011/06/03 12:05:04 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2011/06/03 12:05:04 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2011/06/03 12:05:04 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2011/06/03 12:05:04 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2011/06/03 12:05:04 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2011/06/03 12:05:04 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2011/06/03 12:05:04 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2011/06/03 12:05:04 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2011/06/03 12:05:04 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2011/06/03 12:05:04 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2011/06/03 12:05:04 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2011/06/03 12:05:04 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2011/06/03 12:05:04 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2011/06/03 12:05:04 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2011/06/03 12:05:04 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2011/05/24 06:41:17 | 000,000,279 | ---- | C] () -- C:\Windows\hpntwksetup.ini
[2011/05/19 18:20:49 | 000,000,032 | ---- | C] () -- C:\Windows\CDEBX300DEFGIPS.ini
[2011/05/17 16:41:14 | 000,488,448 | ---- | C] () -- C:\Windows\System32\apdfprintmon.dll
[2011/05/04 10:34:51 | 000,037,256 | ---- | C] () -- C:\Windows\System32\drivers\EUBKMON.sys
[2011/04/09 22:10:20 | 000,000,061 | ---- | C] () -- C:\Windows\wininit.ini
[2011/03/29 12:46:10 | 000,000,218 | ---- | C] () -- C:\Users\ALF\.recently-used.xbel
[2011/03/25 11:23:47 | 000,000,000 | ---- | C] () -- C:\Windows\System32\cd.dat
[2011/03/15 14:09:43 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/03/12 11:39:02 | 000,063,978 | ---- | C] () -- C:\Users\ALF\.cxpg63spc.dat
[2011/03/07 09:25:30 | 000,114,688 | R--- | C] () -- C:\Windows\System32\vshp2600.dll
[2011/02/10 07:58:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/10/01 11:36:38 | 000,008,336 | ---- | C] () -- C:\Users\ALF\AppData\Roaming\605op5.xml
[2010/10/01 11:33:23 | 000,000,779 | ---- | C] () -- C:\Users\ALF\AppData\Roaming\users.xml
[2010/09/22 10:24:05 | 000,151,552 | ---- | C] () -- C:\Users\ALF\AppData\Roaming\SharedSettings.ccs
[2010/08/28 17:11:15 | 000,007,609 | ---- | C] () -- C:\Users\ALF\AppData\Local\Resmon.ResmonCfg
[2010/08/08 16:51:32 | 000,000,656 | RHS- | C] () -- C:\Users\ALF\ntuser.pol
[2010/05/19 19:38:59 | 000,001,374 | ---- | C] () -- C:\Users\ALF\AppData\Roaming\fastcopy.ini
[2010/03/18 19:42:30 | 000,000,042 | ---- | C] () -- C:\ProgramData\.SimImages
[2010/03/03 15:59:09 | 000,013,824 | ---- | C] () -- C:\Users\ALF\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/21 11:38:35 | 003,618,869 | ---- | C] () -- C:\Program Files\xpage6se.jar
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 14:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2012/08/21 14:34:24 | 000,351,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:B1381B34
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:581C05D1
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:A63C157F
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:78E0DF72
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:B47F9D81
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:07241935
@Alternate Data Stream - 182 bytes -> C:\ProgramData\TEMP:B1CD2545
@Alternate Data Stream - 17 bytes -> C:\Users\ALF\ALFRED:zylomtr{000HQ7FF-AD7A-3FG5-FGLT-28R1BF9D2VUL}
@Alternate Data Stream - 17 bytes -> C:\Users\ALF\ALFRED:zylomtr{000HQ7FF-AD7A-3FG5-EG1B-25KGP2UCCVUF}
@Alternate Data Stream - 16 bytes -> C:\Users\ALF\ALFRED:zylomtr{000HQ7FF-AD7A-3FG4-0ANJ-25JQU97JCVVO}
@Alternate Data Stream - 16 bytes -> C:\Users\ALF\ALFRED:zylomtr{00013KEU-UKQE-K6V0-OT7U-252VEQ1T6VVN}
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:5C5F2761
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:53F09A92
@Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMP:F7FFE8AF
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:319D783D
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:0410A323
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:E6B95E40
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:E87AB4E3
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:B65E763D
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:2F474C84
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:F7BF538D
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:F5E8CAE0
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:E6BEADB7
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:9BB8C675
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:7BE5BAAB
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:737160C1
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:012BC84F
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:F610C203
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:7BFFC6A9
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:43F5FA9D
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:40EE25BB
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:164561C8
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:FD7DCDA6
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:ED2D63E4
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:E690114B
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:DB76C881
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:C76CFF82
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:B0A727D1
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:AED4A2B7
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:A8DFD30C
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:A819A132
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:3EC5BC08
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:140AD176
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:12D21A9A
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:C48A983C
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:B54E4B5A
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:6CF828C2
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:3D6B89CE
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:244E4E3A
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:12D9D48F
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:0168CC60
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:00D99749
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:C7F08EA3
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:BD0A043E
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:8AED9359
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:84C34762
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:774C075A
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:4E79C4F8
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:4244811A
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:3F266659
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:2F70C0B4
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:0EC7A545
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:025DF3DE
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:A05F750A
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:94B46CA2
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:3E8A3E87
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:FFC3922F
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:DC0B1070
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:BE6B5FC3
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:6294B369
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:5FC043A8
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:44B25519
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:2495D97A
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:12383CAE
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:000D6A25
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:F9689B72
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:9FD757A9
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:8DD20B4A
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:5ECEFF17
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:474022C7
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:46283136
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:2636DE16
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:0696EC8E
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:FC70A22A
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:9195103F
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:89CF6F9C
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:7DC5D762
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:79875988
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:609CAC7C
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:56EE2CAF
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:4D8FCBEF
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:4C8FA829
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:2AC146B9
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:16F4BC64
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:13019F4B
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:E894A3ED
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:D7D0B4AF
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:D6D084A5
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:91DEEE71
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:8855A119
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:7D04F8E2
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:795F6DEC
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:689AB7E9
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:32289BE8
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:041C0562
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:BCFEA004
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:A798AA1A
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:7BB584AA
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:6E2D80C8
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:627153F1
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:4C3D5A8B
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:4B1195DD
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:3AF262FC
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:3969ACF7
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:26A148EB
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:F41E22A9
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:C6104C4F
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:BF6A2C54
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:B8EB1B99
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A6F30843
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:9A7BF72D
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:8BE7A048
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:512E1728
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:4AC7B5C1
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:18B5F839
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:17EB5BAE
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:EFBD4447
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:EC855C73
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:E7B4296D
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:B6D84F71
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:6212DF7A
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:5D10C56A
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:5A9F1AE5
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:553056F1
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:3E200C29
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:25249477
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:F13867C6
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:E6C6EB3B
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:CCB49694
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:C49A5AD1
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:C3A047E3
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:B3196E8D
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:A0921B2C
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:99B20AD0
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:80F63EC3
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:54403233
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:120B3AFD
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:F8F070C2
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:EE198B1F
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:C37283B5
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:C178954A
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:BECA50FF
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:A4241298
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:89C28CF6
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:80EA2EA3
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:7E8EE1D0
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:6247E766
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:42A3BDD7
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:3AD6342E
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:2C86E2AD
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:2AD33723
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:E895790F
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:C36B1175
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:C2F24DB5
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:B6E58523
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:B36361EE
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:A7CC0E50
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:A76A1B1B
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:9A88B65D
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:9720EBEF
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:905BCB57
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:4A448DB2
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:386B39C3
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:2C84CA43
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:1FA4C06F
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:18A6D2CC
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:14B2E0BD
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:0E22C5DB
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:E86124A0
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:DC7EDF41
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:D9656460
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:C0893153
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:BBCB4421
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:B3A5945E
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:6ED8B881
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:68A41423
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:55E1514E
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:F89F2593
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:F52DB269
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:DE875C30
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:A5584049
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:9F3CEEE6
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:7ADB695A
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:4F7FE589
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:378824DE
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:2C678471
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:2AE74FF9
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:1D6B18F1
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:1C201DEB
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:F8DE80DB
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:E4E83517
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:D8D58038
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:C82CA1C0
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:9FF06C79
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:9F81E94D
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:997DA6D7
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:96372A73
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:943971F5
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:7BB20DE8
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:6ECE93A8
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:697DDE2B
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:52C24010
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:2E3F04BC
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:1604D047
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:008586AE
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:FD6D11C9
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:CA0CE093
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:9B721CFF
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:90C320E1
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:5E73E1C2
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:53DF4438
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:5080697C
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:31C9BA96
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:302ECBD6
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:10CB85CA
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:07D9FF25
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:02172F27
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:FB4262DE
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:E40D7F76
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:D3A89E47
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:C0BCE04B
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:AED33A42
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:A9056F42
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:A88BE334
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:9F38BF31
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:98982C88
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:85E06CCA
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:71612023
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:71112705
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:2B885D7E
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:067F588D
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:DE6EED8B
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:D999FFD5
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:C5E2BAEE
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:C0A9B815
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:BD34FFC5
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:B845F669
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:B30D9A49
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:9EE6560D
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:700B9342
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:5FFC2819
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:5FA4CB99
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:2E636DD9
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:1A5207FA
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:EBF0842B
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:DD04902E
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:DBC3D477
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:D621CFB8
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:C7973317
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:B8791731
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:9E00596C
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:927EC486
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:70BDB805
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:4CD3F344
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:3DB6F365
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:1B7E2022
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0E684AC9
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:EE2DD6CC
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:E51234A9
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:E2CFA9CD
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:CA23BCFD
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:B1786630
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:AA0017FD
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:95079543
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:71AEFFEB
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:678C1866
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:4B3648ED
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:19474103
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:084612C9
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:02CC0035
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:BF2E2F0E
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:B4258C5D
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:8E5EA40F
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:710768C7
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:2871B698
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:1CDEDE11
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:12258D63
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:D4558A0B
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:AFC732F7
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:AECF4772
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:A57500CB
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:A4AF8D0D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:A02025CE
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:8924043A
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:8318A814
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:67CF910D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:5133A494
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:F26F5952
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:ED51D3ED
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:E3615992
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:C30487EE
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:9D06FB9C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:981456CB
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:73AFBB96
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:6AF6BB0E
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:65AB2A58
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:5539129F
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:4D551822
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:397D67BA
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:3086B95F
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:268BA8AB
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:206470A5
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:1B389835
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:070D9534
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:E29063FF
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:9C3AAD57
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:870649A4
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:72A1B66A
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6F0B6A5A
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:56FBA78D
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:2B9555D8
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:2211E7A0
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:14A1BBE3
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:F84B8DB5
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:ED0B32CA
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:AAA06E15
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:AA0BC725
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:A60D0FA6
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:6425A235
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:63210866
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:5EF1AD34
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:405D842B
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:1ECED34B
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:F5B51004
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:F1C8B957
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:EF0C5444
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:E3B5F2D1
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:CDCDE97C
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:BF6C81B2
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:B190BE3A
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:ADE2C1A6
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:709E81D4
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:35501BA4
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:2F360FB3
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:20EB6823
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:1CB4A530
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:1416AAA6
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:05321270
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:CD9109D4
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:CC4C59B4
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:A774141A
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:7FCB9D0D
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:65137F0D
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5ACE199E
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:48862C37
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:46CBC45C
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:371060CE
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:370E4EFB
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:2B40A7DB
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:041ED421
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:F6A0889A
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:F57D2F43
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:E5496666
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:C78DADEA
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:C368C9EA
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:A8185163
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:8075370B
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:78AFAE94
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:774A0E14
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:75798D9A
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:6BFA43EB
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:2F1D743F
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:2AF322BF
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:2979C892
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:26499772
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:11590865
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:92806EDF
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:E5B07840
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:B0456F0C
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:65B8AF94
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:FC2D0F32
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:961B84C5
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:9491C9C7
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:834585BE
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:71F04C26
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:55E3C0E0
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:3B454A5C
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:26EDB636
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:53B8C5D2
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:DD6F157A
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:C5DC2B0C
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:91A12471
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:4EFA2FC7
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:2B1EA607
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:F568DD7B
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:C48905F4
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:75CC0165
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:50636E35
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:1F67CD26
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:3595B780
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:124B94C0
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:E32966C0
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:90D89144
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:D8C96088
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:090FB735
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:ABC43604
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:109734F6
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:CFF21EA7
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:A19A9C88
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:F55478C5
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:12C2EF8D
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:DBEF355E
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:A91EC54E
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:95198126
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:22D48BE5
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:F076D78C
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:047D0F14
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:D853F961
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:38BFF11F
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:27D1368B

< End of report >
         
--- --- ---


Soweit ich das gesehen habe, ist da nix...
__________________

Alt 04.02.2013, 16:52   #4
ALF-VIR
 
In Firefox öffnet sich neues Fenster ( mit Wikipedia ) - Standard

In Firefox öffnet sich neues Fenster ( mit Wikipedia )



Und der OTL-log 2...OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 04/02/2013 16:16:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\ALF\Desktop\Data In
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c0a | Country: España | Language: ESN | Date Format: dd/MM/yyyy
 
2,97 Gb Total Physical Memory | 0,60 Gb Available Physical Memory | 20,17% Memory free
5,93 Gb Paging File | 3,27 Gb Available in Paging File | 55,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 381,75 Gb Total Space | 287,31 Gb Free Space | 75,26% Space Free | Partition Type: NTFS
Drive D: | 304,48 Gb Total Space | 279,62 Gb Free Space | 91,84% Space Free | Partition Type: NTFS
Drive G: | 244,43 Gb Total Space | 170,31 Gb Free Space | 69,67% Space Free | Partition Type: NTFS
 
Computer Name: ALF-PC | User Name: ALF | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (All) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2694443895-2394037030-1619875523-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.js [@ = JSFile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- Reg Error: Value error.
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- Reg Error: Value error.
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PeaZip] -- Reg Error: Value error.
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{18F15FD6-0DB9-4AB4-BC6F-0310A6B81B74}" = lport=137 | protocol=17 | dir=in | app=system | 
"{1A3CD42F-0ABA-4540-AFEF-705B50861633}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{2B6F0270-F95C-4A9F-B588-4AE6D9CD0EB3}" = lport=138 | protocol=17 | dir=in | app=system | 
"{2DC8253C-A411-4AC4-82E0-A96BDD9E6EC9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{32843417-98B0-46B6-8F0C-524EA494B072}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{41C58813-7CE7-4F45-A036-415464EB3819}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{4507448F-65BD-40C2-92F4-F33987170F00}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{491FADEA-776B-4D66-8ABF-47FD81156CE2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4C8E7E5A-8AC1-4CFB-8702-369B56A26DB5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{5D2410BC-E153-41F8-83D4-D0F0EB95CAEC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{6315DC09-37F4-4577-9117-18B735921AF5}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{680321CA-5CC6-4A32-BCC9-796A651DC174}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{685ABD01-4E33-45A0-8D8D-A1335EC85EFD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{73949364-4459-4C45-A975-C75C93A4ADF6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{87DDF16D-A17B-4C20-9ECC-A06511E84380}" = rport=138 | protocol=17 | dir=out | app=system | 
"{89F7BEDC-7048-4A86-9260-59EC8356DEC6}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{9199036D-1DE6-4D1D-A1FF-9E8840AEFCF3}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{95771878-9508-408D-907D-4B23BA5575D5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{97E54136-7399-4DE4-801F-5450A2CF441B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9D7878DD-3E32-446B-BA53-582563136A56}" = rport=137 | protocol=17 | dir=out | app=system | 
"{9F10301C-5899-4E19-A7F2-060F5256A56A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A5C5191E-FDF4-47F5-89A5-D6965119B350}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B0C1C279-F1F7-4178-BFA7-22480BAC073B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C80472F9-F03D-401E-B54C-092E8F028EC4}" = lport=139 | protocol=6 | dir=in | app=system | 
"{CBB32FD0-EC2D-44D8-9309-26539B1FE2E2}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 
"{CD5CD9D9-5DEB-4441-ABA0-4A0A11D80330}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D17C15EE-D7E3-4D32-923E-764F5C9DE6D8}" = rport=445 | protocol=6 | dir=out | app=system | 
"{D4CCB699-EE35-401A-B282-95C4099C8EE8}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{F30C3431-789A-4E6D-AE04-27E91B50D421}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F3A7BCC2-F561-4E57-8BB0-26022E0AB990}" = lport=445 | protocol=6 | dir=in | app=system | 
"{F8AF11A7-400C-423D-9F53-B2E2A7BB1AE4}" = rport=139 | protocol=6 | dir=out | app=system | 
"{FC25292E-D336-43C5-A426-6FB8A0D02D61}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{050014BC-42F7-410F-AEC5-628614B92FD7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{0A4C9A14-588E-402B-A480-FC342497BFFA}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe | 
"{0A5101E5-4FF0-4177-BD06-B290760E3181}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{0DAF0353-0D17-416D-8FD9-DC8F441394E9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{12FCCFCE-E9B7-4A40-BBA2-65D304ECED23}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{2B5B6147-2970-4EDD-BC2D-337EADD25375}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{2DB39A89-EF46-4EBF-B1E7-881588A62615}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe | 
"{445B4418-ADD7-4036-AC52-906B894C83E0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 
"{47EC70D2-31FD-4C62-99DD-95D7173A5F83}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5E26DFD0-210B-4A28-8CEB-CD59B2B379BB}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe | 
"{5E7FFC78-C1BB-4E38-9166-87C435B206A4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | 
"{65EA8FC5-8A59-47C0-92CF-62BB4B8368C5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{747F9B80-09F3-4118-98D9-376EB683E445}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{76AC80F7-C876-4F4C-A3D1-6F27D714B0A8}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{7B3559D5-85BF-496D-9BC6-50791A5608BD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8D14FBA3-2A32-41EE-9208-B4A69C4AE976}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe | 
"{8D849996-B62F-4B16-AF92-5367DF915C51}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{8F564957-E1E2-4C11-BD18-7E5088A6E1EB}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe | 
"{908D25B1-D35D-493E-BBB0-CCE0E7ACED02}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{94E2BE31-1AAF-418C-A3FE-E7BC555C0EC1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{97E54719-39DF-4F91-BA23-C6ED831BF609}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9811F6F1-61E8-465B-8AEB-5357DC9F06A2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe | 
"{9C20FC28-6D4A-4255-A56A-560A14AEBF3A}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe | 
"{9EE04066-40B4-4B86-9E31-BB7D7FBD0DA4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{A45F9B51-5B6A-457F-A3B0-84FBD6C979B8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A7A1DC42-B9C0-4655-8B40-EFEF1934A02A}" = protocol=6 | dir=in | app=d:\program files\the hunter\launcher\launcher.exe | 
"{B4933E0A-6FB8-4392-A615-EDE2CE599B41}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe | 
"{B85AD340-BE25-4002-B1B6-F55D6506A5DC}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe | 
"{B90082A6-6B4C-47D0-B7E1-9F455F70BD8A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 
"{B92A19C1-DE78-4CE0-BC10-AB3A9FA5E974}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe | 
"{BD9A0F70-6764-46F3-ADC0-300364DFE97B}" = protocol=17 | dir=in | app=d:\program files\the hunter\launcher\launcher.exe | 
"{C38241B1-5B2B-4F4A-95B3-B96AF872E374}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"{C4AEDE52-BBB4-441A-BEA5-17F07A4B9BFB}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{C7C0A79E-71A3-4288-8369-1778E72A027A}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe | 
"{CFE5A19F-04E7-47BD-800E-6FFD3DC86A28}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{D6B31D99-73D3-4E73-9AA3-E4073B9DB803}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{DB0F3DC0-9F94-4011-8D6E-18804456F7E2}" = protocol=6 | dir=out | app=system | 
"{DB60FDE0-6750-44FC-8652-516EA8F969D1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 
"{DC53C1A6-6699-4372-B763-E3FC321A1E58}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E52F1902-2166-4121-90DA-20FDFC942AAB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{EA4250B4-15EC-4BE2-BB99-07995B21F718}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{EBE8399D-C7F7-4562-A0EE-4688F21CD3A4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{EE2A80BB-C8F2-4CC5-B82F-D3EDEAF06513}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe | 
"{EF9CB869-5322-4BED-95DA-472E322EB085}" = dir=in | app=d:\program files\itunes\itunes.exe | 
"{F681E8A8-FCF4-45AE-9B60-7F26FD2121C9}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe | 
"{F7622E45-55B4-4E7F-9A00-323BCB54BEB8}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe | 
"{F7A76BA3-7486-4296-A8AD-DEE5DC243BD1}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe | 
"{FC2FDA33-3CE6-4588-8A02-9F69C26CF593}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"TCP Query User{08F895F6-6713-4BDD-9714-3CA3BF931685}C:\program files\comicrack\comicrack.exe" = protocol=6 | dir=in | app=c:\program files\comicrack\comicrack.exe | 
"TCP Query User{12864C7B-983E-4EF2-B13E-3F5B3B3332F0}D:\program files\shareaza\shareaza.exe" = protocol=6 | dir=in | app=d:\program files\shareaza\shareaza.exe | 
"TCP Query User{202CB055-7F05-41CE-93F9-367AC3774963}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | 
"TCP Query User{259D81E7-A0F4-44CC-B908-F0272C2D901C}D:\program files\nueva carpeta\mediago.exe" = protocol=6 | dir=in | app=d:\program files\nueva carpeta\mediago.exe | 
"TCP Query User{29291EEE-D71D-4133-BDA4-BBBA1DDD07B8}C:\program files\comicrack\comicrack.exe" = protocol=6 | dir=in | app=c:\program files\comicrack\comicrack.exe | 
"TCP Query User{36639666-8684-44CD-A49E-95BF491A490F}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{3AA8B70B-91DF-4E3C-B641-CB53DFFED6E6}E:\setup.exe" = protocol=6 | dir=in | app=e:\setup.exe | 
"TCP Query User{572F96DA-5311-4C89-A013-E57A536CAAEB}C:\users\alf\appdata\local\mediaget2\mediaget.exe" = protocol=6 | dir=in | app=c:\users\alf\appdata\local\mediaget2\mediaget.exe | 
"TCP Query User{8D4D7F4E-A4FF-4586-8A01-83464E437418}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{9D9902FC-B06D-481D-A0FD-F8E51CFAE11C}C:\users\alf\desktop\slsk.exe" = protocol=6 | dir=in | app=c:\users\alf\desktop\slsk.exe | 
"TCP Query User{A7A32C06-C32B-4D2B-878F-D1B3AA191A8A}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | 
"TCP Query User{B2290224-DA1F-4681-8289-FB7F0E9DC0CF}C:\program files\klebezettel ng\klebez.exe" = protocol=6 | dir=in | app=c:\program files\klebezettel ng\klebez.exe | 
"TCP Query User{B308335A-E191-4F63-A5A1-52E654DF2FE7}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | 
"TCP Query User{C81362D4-DE93-4A5B-9C05-7847737BA5E7}C:\users\alf\desktop\slsk.exe" = protocol=6 | dir=in | app=c:\users\alf\desktop\slsk.exe | 
"TCP Query User{C9895B4D-76B8-4108-958F-A789063FE449}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{D2636161-4D01-4383-A7EB-669DF776BA1A}C:\program files\freeciv-2.2.5-gtk2\freeciv-server.exe" = protocol=6 | dir=in | app=c:\program files\freeciv-2.2.5-gtk2\freeciv-server.exe | 
"TCP Query User{DB9E11F1-97A4-4EA6-895A-DE3EE89F56CE}C:\program files\pcscan\remotescan.exe" = protocol=6 | dir=in | app=c:\program files\pcscan\remotescan.exe | 
"TCP Query User{DCF13530-2A14-4808-8BAC-35057A27AF95}C:\program files\klebezettel ng\klebez.exe" = protocol=6 | dir=in | app=c:\program files\klebezettel ng\klebez.exe | 
"UDP Query User{0F111E0E-643D-4B54-8049-D53E96F2991A}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | 
"UDP Query User{1C5C0354-9CE0-404B-9F60-489ABF3806C0}C:\program files\freeciv-2.2.5-gtk2\freeciv-server.exe" = protocol=17 | dir=in | app=c:\program files\freeciv-2.2.5-gtk2\freeciv-server.exe | 
"UDP Query User{3A1237C2-4B1C-4534-9E77-A020618E162C}C:\users\alf\appdata\local\mediaget2\mediaget.exe" = protocol=17 | dir=in | app=c:\users\alf\appdata\local\mediaget2\mediaget.exe | 
"UDP Query User{4952B4E4-F715-4323-BCA7-298165AEFFE7}C:\program files\klebezettel ng\klebez.exe" = protocol=17 | dir=in | app=c:\program files\klebezettel ng\klebez.exe | 
"UDP Query User{54894E30-5668-44CE-B5A6-A4273E655449}C:\program files\pcscan\remotescan.exe" = protocol=17 | dir=in | app=c:\program files\pcscan\remotescan.exe | 
"UDP Query User{7FC1FAB1-2A81-4A3D-9F41-DB8BE76B7EB9}C:\program files\comicrack\comicrack.exe" = protocol=17 | dir=in | app=c:\program files\comicrack\comicrack.exe | 
"UDP Query User{844B8F81-4C03-4239-848E-0B83C24028A7}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | 
"UDP Query User{86763A4F-17EA-4D96-9B04-597790145989}C:\program files\klebezettel ng\klebez.exe" = protocol=17 | dir=in | app=c:\program files\klebezettel ng\klebez.exe | 
"UDP Query User{91394187-C481-467F-BC00-147D526DA576}D:\program files\nueva carpeta\mediago.exe" = protocol=17 | dir=in | app=d:\program files\nueva carpeta\mediago.exe | 
"UDP Query User{A19728FD-2AAE-4745-8F36-03E754D1D8AD}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{B78B9F57-FF57-47DF-8C2B-572AB2BF2B6F}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{B86D4655-9751-4EBA-8184-5A5A3F3E49D5}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{BB515B62-BA0C-40F8-8630-D8E807C1E594}D:\program files\shareaza\shareaza.exe" = protocol=17 | dir=in | app=d:\program files\shareaza\shareaza.exe | 
"UDP Query User{D2227104-59F3-4CFE-87EF-A092CED3DE24}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | 
"UDP Query User{DB8AFA86-E41D-467D-96E2-F6852F15CD0C}C:\users\alf\desktop\slsk.exe" = protocol=17 | dir=in | app=c:\users\alf\desktop\slsk.exe | 
"UDP Query User{ED66CDBF-87D0-4AE6-BE08-532357129252}C:\users\alf\desktop\slsk.exe" = protocol=17 | dir=in | app=c:\users\alf\desktop\slsk.exe | 
"UDP Query User{F2650B25-A28D-429B-B2DE-5128C06C6011}C:\program files\comicrack\comicrack.exe" = protocol=17 | dir=in | app=c:\program files\comicrack\comicrack.exe | 
"UDP Query User{FFA0041E-6C45-49E4-90FE-47A0594A9A0F}E:\setup.exe" = protocol=17 | dir=in | app=e:\setup.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A5825FD-0FB7-4e45-9037-858D463F2943}" = BPDSoftware
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1857AAB1-77E0-40FF-91C5-9E415F248F36}" = MartView
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2951A232-69BA-4925-BB9A-CEEB72B18B4F}" = BPDSoftware_Ini
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1" = Inpaint 3.0
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3D122AF9-1E02-4035-8003-334D378C1B62}_is1" = PDF OCR 4.0
"{3F7A9E82-5A85-4119-A8A5-7D840A0F76DC}" = Photo Notifier and Animation Creator
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{441AC599-200D-4E04-B274-C6B7B50C281D}_is1" = Hamster Free EbookConverter
"{45212F71-750F-4B98-8931-2F35DBE6B661}" = Paint.NET v3.5.7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{4F81901F-3655-4340-8227-F687F69A3C79}}_is1" = Klebezettel NG (Version 2.9.12)
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{572F2A62-70CD-4429-8758-6D4D6DC696E1}" = 4500_Help
"{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 3.9
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{6697D99E-E550-4498-B793-4A8DD8A1821F}" = ProductContext
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7AD4488A-4E1F-417A-970A-F7C3D4C15086}_is1" = Skype Recorder
"{7FA1DAFD-AF55-E915-FD92-F269443A2ADF}" = Media Go Video Playback Engine 1.88.114.12060
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87DE00A9-EA45-4A6E-A7BC-3CA04A77D8EF}" = OpenOffice.org 3.2 Language Pack (German)
"{88617473-6EA7-4939-85FE-E31F9BF3980F}" = Nitro Reader 3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B4B64A1-27B6-11E0-BB60-005056C00008}" = Paragon Drive Copy™ 11 Compact
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1" = Ashampoo Burning Studio 2013 v.11.0.5
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95B012AD-3A4A-31D7-9167-5D07D2A71F47}" = Microsoft .NET Framework 4 Client Profile ESN Language Pack
"{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB562530-921D-11DE-A208-005056C00008}" = Paragon Backup & Recovery™ 10.2 Free Edition
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2011.05.26
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AD32654E-90CF-42F2-8CB3-88DA6F1AA11A}" = ZoneAlarm Security
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B433B7D6-0A97-4ED4-BE64-863A0B3A0776}_is1" = YouFreeTV Version 0.02
"{B4B6D789-EF42-39D5-B36B-A1282951E0D5}" = Microsoft .NET Framework 4 Extended ESN Language Pack
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = v2011.build.44
"{BEFBEDDF-1417-4C8A-92FB-F003C0D41199}" = OpenOffice.org 3.2
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1" = SRWare Iron 4.0.280
"{D0D14551-3A2D-433B-861F-F4DCE5422759}" = Nokia PC Suite
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D4CFC5F3-481C-40AA-9944-E7E4E732136C}" = Microsoft IntelliType Pro 8.0
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DBF1AE39-DA30-4B89-A7EB-3BDA675C5D9E}" = Media Go
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E11448F2-0B44-4239-B04E-D88FE743E929}" = Officejet J4500 Series
"{E25ED28D-3F3F-4707-8DFA-66CA75FB9329}" = ZoneAlarm Firewall
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{EACCC042-848D-4166-9D97-B13D1D108722}" = Google Drive
"{ED8BB1CA-535A-408D-85C9-ED1986D2B85E}" = eReader
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6DC2328-1FA4-4F7A-954C-C733363266EE}" = Soluto
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FDEC11CC-4BD6-4a8c-A398-3CCD8E43EACA}" = J4500
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Paquete de controladores de Windows - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Paquete de controladores de Windows - Nokia Modem  (02/25/2011 7.01.0.9)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AllDup_is1" = AllDup 3.2.10
"Artensoft Photo Mosaic Wizard_is1" = Artensoft Photo Mosaic Wizard
"Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.60
"AudibleManager" = AudibleManager
"Avira AntiVir Desktop" = Avira Free Antivirus
"BFGC" = Big Fish Games: Game Manager
"BFG-Mystery Case Files - Huntsville - Detective Training" = Mystery Case Files: Huntsville - Detective Training
"Blocks 5_is1" = Blocks 5
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CCleaner" = CCleaner
"Clownfish" = Clownfish for Skype
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ComicRack" = ComicRack v0.9.134
"Defraggler" = Defraggler
"Digital Editions" = Adobe Digital Editions
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DMX5_is1" = DriverMax 6
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Paquete de controladores de Windows - Nokia Modem  (02/25/2011 4.7)
"EPSON BX300F Series" = EPSON BX300F Series Printer Uninstall
"EPSON BX305 Series" = EPSON BX305 Series Printer Uninstall
"EPSON Scanner" = EPSON Scan
"EPSON Stylus Office BX300F_TX300F Manual de usuario" = EPSON Stylus Office BX300F_TX300F Manual
"FileZilla Client" = FileZilla Client 3.5.3
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Free Studio_is1" = Free Studio version 5.9.0.1212
"Glary Undelete_is1" = Glary Undelete 1.8.0.468
"Horlands PCScan_is1" = Horland's PCScan
"HP Document Manager" = HP Document Manager 2.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP-Color LaserJet 2600n" = Color LaserJet 2600n
"HPOCR" = OCR Software by I.R.I.S. 13.0
"iCare Card Recovery Pro_is1" = iCare Card Recovery Pro 2.0
"iCare Format Recovery_is1" = iCare Format Recovery 4.6.3.3
"Inca Ball_is1" = Inca Ball
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"IrfanView" = IrfanView (remove only)
"JPG2PDF_is1" = JPG2PDF 2.2
"Last Conundrum of Da Vinci_is1" = Last Conundrum of Da Vinci
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MartView" = MartView
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Extended ESN
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Developer Preview (3.7a4webm)" = Mozilla Developer Preview (3.7a4webm)
"Mozilla Firefox 18.0.1 (x86 en-GB)" = Mozilla Firefox 18.0.1 (x86 en-GB)
"Mozilla Thunderbird 17.0.2 (x86 de)" = Mozilla Thunderbird 17.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"Nokia PC Suite" = Nokia PC Suite
"Ocster Backup" = Ocster Backup Pro
"OpenAL" = OpenAL
"PDF Protector Splitter and Merger v1.0" = PDF Protector Splitter and Merger v1.0
"Phoner_is1" = Phoner 2.80
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"PhotoMail" = PhotoMail Maker
"PhotoStitch" = Canon Utilities PhotoStitch
"Pingus" = Pingus
"Protected Folder_is1" = Protected Folder
"Rapport_msi" = Rapport
"RealPlayer 15.0" = RealPlayer
"Recovery Toolbox for CD Free_is1" = Recovery Toolbox for CD Free 1.0
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Revo Uninstaller" = Revo Uninstaller 1.92
"Software Informer_is1" = Software Informer 1.1
"Soulseek2" = SoulSeek 157 NS 13e
"SoulseekQt" = SoulseekQt
"TeamViewer 7" = TeamViewer 7
"Tom's eTextReader" = Tom's eTextReader
"TomTom HOME" = TomTom HOME 2.7.5.2014
"VLC media player" = VLC media player 1.1.9
"WeFi" = WeFi 4.0.1.0
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR archiver" = WinRAR
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 5.9.4
"Xvid_is1" = Xvid 1.1.3 final uninstall
"Zak McKracken - Between Time and Space" = Zak McKracken - Between Time and Space
"ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2694443895-2394037030-1619875523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MusicManager" = Music Manager
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 29/01/2013 19:33:11 | Computer Name = ALF-PC | Source = SideBySide | ID = 16842785
Description = Error al generar el contexto de activación para "c:\program files\innovative
 solutions\drivermax\DPInst\ia64\dpinst.exe".  No se encontró el ensamblado dependiente
 Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use
 sxstrace.exe para obtener un diagnóstico detallado.
 
Error - 30/01/2013 19:33:43 | Computer Name = ALF-PC | Source = SideBySide | ID = 16842785
Description = Error al generar el contexto de activación para "c:\program files\innovative
 solutions\drivermax\DPInst\amd64\dpinst.exe".  No se encontró el ensamblado dependiente
 Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use
 sxstrace.exe para obtener un diagnóstico detallado.
 
Error - 30/01/2013 19:33:43 | Computer Name = ALF-PC | Source = SideBySide | ID = 16842785
Description = Error al generar el contexto de activación para "c:\program files\innovative
 solutions\drivermax\DPInst\ia64\dpinst.exe".  No se encontró el ensamblado dependiente
 Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use
 sxstrace.exe para obtener un diagnóstico detallado.
 
Error - 31/01/2013 19:34:13 | Computer Name = ALF-PC | Source = SideBySide | ID = 16842785
Description = Error al generar el contexto de activación para "c:\program files\innovative
 solutions\drivermax\DPInst\amd64\dpinst.exe".  No se encontró el ensamblado dependiente
 Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use
 sxstrace.exe para obtener un diagnóstico detallado.
 
Error - 31/01/2013 19:34:13 | Computer Name = ALF-PC | Source = SideBySide | ID = 16842785
Description = Error al generar el contexto de activación para "c:\program files\innovative
 solutions\drivermax\DPInst\ia64\dpinst.exe".  No se encontró el ensamblado dependiente
 Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use
 sxstrace.exe para obtener un diagnóstico detallado.
 
Error - 01/02/2013 13:40:51 | Computer Name = ALF-PC | Source = Application Hang | ID = 1002
Description = El programa firefox.exe, versión 18.0.1.4764, dejó de interactuar 
con Windows y se cerró. Para ver si hay más información disponible acerca del problema,
 compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador
 de proceso: bc4    Hora de inicio: 01cdffeed1939956    Hora de finalización: 196    Ruta de
 acceso de la aplicación: C:\Program Files\Mozilla Firefox\firefox.exe    Identificador
 de informe: 824bf27d-6c96-11e2-9bcb-001eeccb697c  
 
Error - 01/02/2013 19:32:53 | Computer Name = ALF-PC | Source = SideBySide | ID = 16842785
Description = Error al generar el contexto de activación para "c:\program files\innovative
 solutions\drivermax\DPInst\amd64\dpinst.exe".  No se encontró el ensamblado dependiente
 Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use
 sxstrace.exe para obtener un diagnóstico detallado.
 
Error - 01/02/2013 19:32:53 | Computer Name = ALF-PC | Source = SideBySide | ID = 16842785
Description = Error al generar el contexto de activación para "c:\program files\innovative
 solutions\drivermax\DPInst\ia64\dpinst.exe".  No se encontró el ensamblado dependiente
 Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use
 sxstrace.exe para obtener un diagnóstico detallado.
 
Error - 03/02/2013 7:34:17 | Computer Name = ALF-PC | Source = SideBySide | ID = 16842785
Description = Error al generar el contexto de activación para "c:\program files\innovative
 solutions\drivermax\DPInst\amd64\dpinst.exe".  No se encontró el ensamblado dependiente
 Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use
 sxstrace.exe para obtener un diagnóstico detallado.
 
Error - 03/02/2013 7:34:17 | Computer Name = ALF-PC | Source = SideBySide | ID = 16842785
Description = Error al generar el contexto de activación para "c:\program files\innovative
 solutions\drivermax\DPInst\ia64\dpinst.exe".  No se encontró el ensamblado dependiente
 Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Use
 sxstrace.exe para obtener un diagnóstico detallado.
 
[ System Events ]
Error - 04/02/2013 2:56:13 | Computer Name = ALF-PC | Source = Service Control Manager | ID = 7001
Description = El servicio Administrador de conexión de acceso remoto depende del
 servicio Telefonía, el cual no pudo iniciarse debido al siguiente error:   %%1058
 
Error - 04/02/2013 2:56:14 | Computer Name = ALF-PC | Source = Service Control Manager | ID = 7001
Description = El servicio Administrador de conexión de acceso remoto depende del
 servicio Telefonía, el cual no pudo iniciarse debido al siguiente error:   %%1058
 
Error - 04/02/2013 2:56:16 | Computer Name = ALF-PC | Source = Service Control Manager | ID = 7001
Description = El servicio Administrador de conexión de acceso remoto depende del
 servicio Telefonía, el cual no pudo iniciarse debido al siguiente error:   %%1058
 
Error - 04/02/2013 2:56:16 | Computer Name = ALF-PC | Source = Service Control Manager | ID = 7001
Description = El servicio Administrador de conexión de acceso remoto depende del
 servicio Telefonía, el cual no pudo iniciarse debido al siguiente error:   %%1058
 
Error - 04/02/2013 2:56:17 | Computer Name = ALF-PC | Source = Service Control Manager | ID = 7001
Description = El servicio Administrador de conexión de acceso remoto depende del
 servicio Telefonía, el cual no pudo iniciarse debido al siguiente error:   %%1058
 
Error - 04/02/2013 2:57:14 | Computer Name = ALF-PC | Source = Service Control Manager | ID = 7001
Description = El servicio Administrador de conexión de acceso remoto depende del
 servicio Telefonía, el cual no pudo iniciarse debido al siguiente error:   %%1058
 
Error - 04/02/2013 2:57:15 | Computer Name = ALF-PC | Source = Service Control Manager | ID = 7001
Description = El servicio Administrador de conexión de acceso remoto depende del
 servicio Telefonía, el cual no pudo iniciarse debido al siguiente error:   %%1058
 
Error - 04/02/2013 4:29:04 | Computer Name = ALF-PC | Source = Service Control Manager | ID = 7001
Description = El servicio Administrador de conexión de acceso remoto depende del
 servicio Telefonía, el cual no pudo iniciarse debido al siguiente error:   %%1058
 
Error - 04/02/2013 4:29:04 | Computer Name = ALF-PC | Source = Service Control Manager | ID = 7001
Description = El servicio Administrador de conexión de acceso remoto depende del
 servicio Telefonía, el cual no pudo iniciarse debido al siguiente error:   %%1058
 
Error - 04/02/2013 4:29:04 | Computer Name = ALF-PC | Source = Service Control Manager | ID = 7001
Description = El servicio Administrador de conexión de acceso remoto depende del
 servicio Telefonía, el cual no pudo iniciarse debido al siguiente error:   %%1058
 
 
< End of report >
         
--- --- ---

Alt 05.02.2013, 03:09   #5
t'john
/// Helfer-Team
 
In Firefox öffnet sich neues Fenster ( mit Wikipedia ) - Standard

In Firefox öffnet sich neues Fenster ( mit Wikipedia )



Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. ( Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.


danach:

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



danach:

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

__________________
Mfg, t'john
Das TB unterstützen

Alt 05.02.2013, 11:34   #6
ALF-VIR
 
In Firefox öffnet sich neues Fenster ( mit Wikipedia ) - Standard

In Firefox öffnet sich neues Fenster ( mit Wikipedia )



Guten Tag t'John,

Hier der asw-log:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-05 10:08:54
-----------------------------
10:08:54.474 OS Version: Windows 6.1.7601 Service Pack 1
10:08:54.474 Number of processors: 2 586 0x301
10:08:54.474 ComputerName: ALF-PC UserName: ALF
10:09:01.955 Initialize success
10:10:49.657 AVAST engine defs: 13020401
10:11:52.100 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000075
10:11:52.100 Disk 0 Vendor: TOSHIBA_ AX00 Size: 953869MB BusType: 11
10:11:52.132 Disk 0 MBR read successfully
10:11:52.147 Disk 0 MBR scan
10:11:52.210 Disk 0 Windows 7 default MBR code
10:11:52.225 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 868 MB offset 2048
10:11:52.272 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 311785 MB offset 1779712
10:11:52.335 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 390914 MB offset 640315392
10:11:52.382 Disk 0 Partition - 00 0F Extended LBA 250299 MB offset 1440909312
10:11:52.413 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 250298 MB offset 1440911360
10:11:52.476 Disk 0 scanning sectors +1953521664
10:11:52.601 Disk 0 scanning C:\Windows\system32\drivers
10:12:25.002 Service scanning
10:13:27.016 Modules scanning
10:13:45.287 Disk 0 trace - called modules:
10:13:45.349 ntkrnlpa.exe CLASSPNP.SYS disk.sys amdxata.sys ACPI.sys halmacpi.dll storport.sys amdsata.sys
10:13:45.365 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87895030]
10:13:45.381 3 CLASSPNP.SYS[8c7dc59e] -> nt!IofCallDriver -> [0x869b67f0]
10:13:45.396 5 amdxata.sys[8c59e7f3] -> nt!IofCallDriver -> [0x87622140]
10:13:45.412 7 ACPI.sys[8c3b43d4] -> nt!IofCallDriver -> \Device\00000075[0x87791030]
10:13:47.568 AVAST engine scan C:\Windows
10:13:53.907 AVAST engine scan C:\Windows\system32
10:21:43.223 AVAST engine scan C:\Windows\system32\drivers
10:22:22.575 AVAST engine scan C:\Users\ALF
11:21:57.085 AVAST engine scan C:\ProgramData
11:27:52.733 Scan finished successfully
11:28:37.694 Disk 0 MBR has been saved successfully to "C:\Users\ALF\Desktop\MBR.dat"
11:28:37.710 The log file has been saved successfully to "C:\Users\ALF\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-05 10:08:54
-----------------------------
10:08:54.474 OS Version: Windows 6.1.7601 Service Pack 1
10:08:54.474 Number of processors: 2 586 0x301
10:08:54.474 ComputerName: ALF-PC UserName: ALF
10:09:01.955 Initialize success
10:10:49.657 AVAST engine defs: 13020401
10:11:52.100 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000075
10:11:52.100 Disk 0 Vendor: TOSHIBA_ AX00 Size: 953869MB BusType: 11
10:11:52.132 Disk 0 MBR read successfully
10:11:52.147 Disk 0 MBR scan
10:11:52.210 Disk 0 Windows 7 default MBR code
10:11:52.225 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 868 MB offset 2048
10:11:52.272 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 311785 MB offset 1779712
10:11:52.335 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 390914 MB offset 640315392
10:11:52.382 Disk 0 Partition - 00 0F Extended LBA 250299 MB offset 1440909312
10:11:52.413 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 250298 MB offset 1440911360
10:11:52.476 Disk 0 scanning sectors +1953521664
10:11:52.601 Disk 0 scanning C:\Windows\system32\drivers
10:12:25.002 Service scanning
10:13:27.016 Modules scanning
10:13:45.287 Disk 0 trace - called modules:
10:13:45.349 ntkrnlpa.exe CLASSPNP.SYS disk.sys amdxata.sys ACPI.sys halmacpi.dll storport.sys amdsata.sys
10:13:45.365 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87895030]
10:13:45.381 3 CLASSPNP.SYS[8c7dc59e] -> nt!IofCallDriver -> [0x869b67f0]
10:13:45.396 5 amdxata.sys[8c59e7f3] -> nt!IofCallDriver -> [0x87622140]
10:13:45.412 7 ACPI.sys[8c3b43d4] -> nt!IofCallDriver -> \Device\00000075[0x87791030]
10:13:47.568 AVAST engine scan C:\Windows
10:13:53.907 AVAST engine scan C:\Windows\system32
10:21:43.223 AVAST engine scan C:\Windows\system32\drivers
10:22:22.575 AVAST engine scan C:\Users\ALF
11:21:57.085 AVAST engine scan C:\ProgramData
11:27:52.733 Scan finished successfully
11:28:37.694 Disk 0 MBR has been saved successfully to "C:\Users\ALF\Desktop\MBR.dat"
11:28:37.710 The log file has been saved successfully to "C:\Users\ALF\Desktop\aswMBR.txt"
11:29:09.199 Disk 0 MBR has been saved successfully to "C:\Users\ALF\Desktop\MBR.dat"
11:29:09.214 The log file has been saved successfully to "C:\Users\ALF\Desktop\aswMBR.txt"


Die weiteren Hausaufgaben sind in Arbeit !
Danke weiterhin !

Und noch einmal "Hallo"!

Hier der checkup-log:


Results of screen317's Security Check version 0.99.57
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.70.0.1100
CCleaner
Wise Registry Cleaner 5.9.4
Java(TM) 6 Update 26
Java version out of Date!
Adobe Flash Player 11.5.502.146
Adobe Reader 10.1.5 Adobe Reader out of Date!
Mozilla Firefox (18.0.1)
Mozilla Thunderbird (17.0.2)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
CheckPoint ZoneAlarm vsmon.exe
CheckPoint ZoneAlarm zatray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````


Und das war's jetzt ? Also DAS ist ja ein Spektakel... wenigstens gibt's Leute wie Dich, die sich richtig gut auskennen und helfen !!

Alt 05.02.2013, 19:31   #7
t'john
/// Helfer-Team
 
In Firefox öffnet sich neues Fenster ( mit Wikipedia ) - Standard

In Firefox öffnet sich neues Fenster ( mit Wikipedia )



Wo ist das adwCleaner Log (schritt 2) ?

Aktualisiere:
Adobe Reader: Adobe Reader - Download - Filepony (Alternativen: PDF Tools)

Java aktualisieren

Dein Java ist nicht mehr aktuell. Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
  • Downloade dir bitte die neueste Java-Version von hier
  • Speichere die .exe-Datei
  • Schließe alle laufenden Programme. Speziell deinen Browser.
  • Starte die jxpiinstall.exe. Diese wird den Installer für die neueste Java Version ( Java 7 Update 13 ) herunter laden.
  • Wenn die Installation beendet wurde
    Start --> Systemsteuerung --> Programme und deinstalliere alle älteren Java Versionen.
  • Starte deinen Rechner neu sobald alle älteren Versionen deinstalliert wurden.
Nach dem Neustart
  • Öffne erneut die Systemsteuerung --> Programme und klicke auf das Java Symbol.
  • Im Reiter Allgemein, klicke unter Temporäre Internetdateien auf Einstellungen.
  • Klicke auf Dateien löschen....
  • Gehe sicher das überall ein Hacken gesetzt ist und klicke OK.
  • Klicke erneut OK.


Dann so einstellen: http://www.trojaner-board.de/105213-...tellungen.html

Danach poste (kopieren und einfuegen) mir, was du hier angezeigt bekommst: PluginCheck



Java deaktivieren

Aufgrund derezeitigen Sicherheitsluecke:

http://www.trojaner-board.de/122961-...ktivieren.html

Danach poste mir (kopieren und einfuegen), was du hier angezeigt bekommst: PluginCheck


Hinweis: Registry Cleaner

Ich sehe, dass du sogenannte Registry Cleaner installiert hast.
In deinem Fall Wise Registry Cleaner 5.9.4, CCleaner.

Wir raten von der Verwendung jeglicher Art von Registry Cleaner ab.

Der Grund ist ganz einfach:
Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich.
Man sollte nicht unnötigerweise an der Registry rumbasteln. Schon ein kleiner Fehler kann gravierende Folgen haben und auch Programme machen manchmal Fehler.
Zerstörst du die Registry, zerstörst du Windows.

Zudem ist der Nutzen zur Performancesteigerung umstritten und meist kaum im wahrnehmbaren Bereich.

Ich würde dir empfehlen, Registry Cleaner nicht weiterhin zu verwenden und über
Start --> Systemsteuerung --> Software (bei Windows XP)
Start --> Systemsteuerung --> Programme und Funktionen (bei Vista / Win 7)
zu deinstallieren.
__________________
Mfg, t'john
Das TB unterstützen

Alt 05.02.2013, 20:20   #8
ALF-VIR
 
In Firefox öffnet sich neues Fenster ( mit Wikipedia ) - Standard

In Firefox öffnet sich neues Fenster ( mit Wikipedia )



Guten Abend t'John,

Vielen Dank zunächst für Deine Tips - werden morgen in Angriff genommen !!

Hier der "vergessene Log 2":AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.110 - Fichero creado el 05/02/2013 a 11:43:49
# Actualizado el 03/02/2013 por Xplode
# Sistema operativo : Windows 7 Home Premium Service Pack 1 (32 bits)
# Usuario : ALF - ALF-PC
# Modo de inicio : Normal
# Ejecutado desde : C:\Users\ALF\Desktop\Data In\adwcleaner.exe
# Opción [Búsqueda]


***** [Servicios] *****


***** [Ficheros / Carpetas] *****

Carpeta Presente : C:\Program Files\Babylon
Carpeta Presente : C:\Program Files\Conduit
Carpeta Presente : C:\Program Files\Hotspot_Shield
Carpeta Presente : C:\Program Files\SweetIM
Carpeta Presente : C:\Program Files\Widestream6
Carpeta Presente : C:\ProgramData\Babylon
Carpeta Presente : C:\ProgramData\boost_interprocess
Carpeta Presente : C:\ProgramData\FreeRIP
Carpeta Presente : C:\ProgramData\iWin
Carpeta Presente : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeRIP3
Carpeta Presente : C:\ProgramData\Trymedia
Carpeta Presente : C:\Users\ALF\AppData\Local\Babylon
Carpeta Presente : C:\Users\ALF\AppData\Local\Conduit
Carpeta Presente : C:\Users\ALF\AppData\Local\ConduitEngine
Carpeta Presente : C:\Users\ALF\AppData\Local\OpenCandy
Carpeta Presente : C:\Users\ALF\AppData\Local\TempDir
Carpeta Presente : C:\Users\ALF\AppData\LocalLow\AskToolbar
Carpeta Presente : C:\Users\ALF\AppData\LocalLow\boost_interprocess
Carpeta Presente : C:\Users\ALF\AppData\LocalLow\Conduit
Carpeta Presente : C:\Users\ALF\AppData\LocalLow\IncrediMail_MediaBar_2
Carpeta Presente : C:\Users\ALF\AppData\LocalLow\PriceGong
Carpeta Presente : C:\Users\ALF\AppData\Roaming\Babylon
Carpeta Presente : C:\Users\ALF\AppData\Roaming\iWin
Carpeta Presente : C:\Users\ALF\AppData\Roaming\Mozilla\Firefox\Profiles\3xr45n3g.default\Conduit
Carpeta Presente : C:\Users\ALF\AppData\Roaming\Mozilla\Firefox\Profiles\3xr45n3g.default\ConduitCommon
Carpeta Presente : C:\Users\ALF\AppData\Roaming\Mozilla\Firefox\Profiles\3xr45n3g.default\ConduitEngine
Carpeta Presente : C:\Users\ALF\AppData\Roaming\Mozilla\Firefox\Profiles\3xr45n3g.default\extensions\browserprotect@browserprotect.com.xpi
Carpeta Presente : C:\Users\ALF\AppData\Roaming\OfferBox
Carpeta Presente : C:\Users\ALF\AppData\Roaming\pdfforge
Carpeta Presente : C:\Users\ALF\AppData\Roaming\widestream
Carpeta Presente : C:\Users\ALF\Documents\widestream
Carpeta Presente : C:\Windows\Installer\{835525BE-63BD-4EC4-9425-00CEAD4849C2}
Fichero Presente : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Fichero Presente : C:\user.js
Fichero Presente : C:\Users\ALF\AppData\Roaming\Mozilla\Firefox\Profiles\3xr45n3g.default\searchplugins\Askcom.xml
Fichero Presente : C:\Users\ALF\AppData\Roaming\Mozilla\Firefox\Profiles\3xr45n3g.default\searchplugins\MyStart Search.xml

***** [Registro] *****

Clave Presente : HKCU\Software\AppDataLow\Software\Conduit
Clave Presente : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Clave Presente : HKCU\Software\AppDataLow\Software\Hotspot_Shield
Clave Presente : HKCU\Software\AppDataLow\Software\IncrediMail_MediaBar_2
Clave Presente : HKCU\Software\AppDataLow\Software\PriceGong
Clave Presente : HKCU\Software\AppDataLow\Software\SmartBar
Clave Presente : HKCU\Software\AppDataLow\Software\Toolbar
Clave Presente : HKCU\Software\Ask&Record
Clave Presente : HKCU\Software\Conduit
Clave Presente : HKCU\Software\Headlight
Clave Presente : HKCU\Software\IM
Clave Presente : HKCU\Software\ImInstaller
Clave Presente : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
Clave Presente : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
Clave Presente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clave Presente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clave Presente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}
Clave Presente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Clave Presente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Clave Presente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Clave Presente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Clave Presente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Clave Presente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Clave Presente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Clave Presente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Clave Presente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Clave Presente : HKCU\Software\Offerbox
Clave Presente : HKCU\Software\Softonic
Clave Presente : HKCU\Software\WideStream
Clave Presente : HKCU\Toolbar
Clave Presente : HKLM\Software\Babylon
Clave Presente : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Clave Presente : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
Clave Presente : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Clave Presente : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
Clave Presente : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clave Presente : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
Clave Presente : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
Clave Presente : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Clave Presente : HKLM\SOFTWARE\Classes\Conduit.Engine
Clave Presente : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Clave Presente : HKLM\SOFTWARE\Classes\Prod.cap
Clave Presente : HKLM\SOFTWARE\Classes\Toolbar.CT1854633
Clave Presente : HKLM\SOFTWARE\Classes\Toolbar.CT2319825
Clave Presente : HKLM\SOFTWARE\Classes\Toolbar.CT2724386
Clave Presente : HKLM\SOFTWARE\Classes\Toolbar.CT2736476
Clave Presente : HKLM\SOFTWARE\Classes\Toolbar.CT2765711
Clave Presente : HKLM\Software\Conduit
Clave Presente : HKLM\Software\eRightSoft\OpenCandy
Clave Presente : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Clave Presente : HKLM\Software\ImInstaller
Clave Presente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Clave Presente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clave Presente : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Clave Presente : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Clave Presente : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clave Presente : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clave Presente : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Clave Presente : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Clave Presente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Clave Presente : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Clave Presente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Clave Presente : HKLM\Software\Offerbox
Clave Presente : HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clave Presente : HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clave Presente : HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}
Clave Presente : HKU\S-1-5-21-2694443895-2394037030-1619875523-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Valor Presente : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Presente : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [Navegadores] *****

-\\ Internet Explorer v8.0.7601.17514

[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?af=111304&babsrc=nt_ss&mntrid=7a93f7d200000000000022234d6aafb3

-\\ Mozilla Firefox v18.0.1 (en-GB)

Fichero : C:\Users\ALF\AppData\Roaming\Mozilla\Firefox\Profiles\3xr45n3g.default\prefs.js

Presente : user_pref("CT127144..clientLogIsEnabled", false);
Presente : user_pref("CT127144..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Presente : user_pref("CT127144..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Presente : user_pref("CT127144.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Presente : user_pref("CT127144.CTID", "CT127144");
Presente : user_pref("CT127144.CurrentServerDate", "15-10-2010");
Presente : user_pref("CT127144.DialogsAlignMode", "LTR");
Presente : user_pref("CT127144.DownloadReferralCookieData", "");
Presente : user_pref("CT127144.FirstServerDate", "15-10-2010");
Presente : user_pref("CT127144.FirstTime", true);
Presente : user_pref("CT127144.FirstTimeFF3", true);
Presente : user_pref("CT127144.FixPageNotFoundErrors", true);
Presente : user_pref("CT127144.GroupingServerCheckInterval", 1440);
Presente : user_pref("CT127144.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Presente : user_pref("CT127144.HasUserGlobalKeys", true);
Presente : user_pref("CT127144.Initialize", true);
Presente : user_pref("CT127144.InitializeCommonPrefs", true);
Presente : user_pref("CT127144.InstallationAndCookieDataSentCount", 1);
Presente : user_pref("CT127144.InstalledDate", "Fri Oct 15 2010 16:23:38 GMT+0200 (Hora de verano romance)");
Presente : user_pref("CT127144.InvalidateCache", false);
Presente : user_pref("CT127144.IsGrouping", false);
Presente : user_pref("CT127144.IsMulticommunity", false);
Presente : user_pref("CT127144.IsOpenThankYouPage", true);
Presente : user_pref("CT127144.IsOpenUninstallPage", true);
Presente : user_pref("CT127144.LanguagePackLastCheckTime", "Fri Oct 15 2010 16:23:38 GMT+0200 (Hora de verano r[...]
Presente : user_pref("CT127144.LanguagePackReloadIntervalMM", 1440);
Presente : user_pref("CT127144.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx"[...]
Presente : user_pref("CT127144.LastLogin_3.2.1.3", "Fri Oct 15 2010 16:23:36 GMT+0200 (Hora de verano romance)"[...]
Presente : user_pref("CT127144.LatestVersion", "2.7.2.0");
Presente : user_pref("CT127144.Locale", "de");
Presente : user_pref("CT127144.MCDetectTooltipHeight", "83");
Presente : user_pref("CT127144.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Presente : user_pref("CT127144.MCDetectTooltipWidth", "295");
Presente : user_pref("CT127144.RadioIsPodcast", false);
Presente : user_pref("CT127144.RadioLastCheckTime", "Fri Oct 15 2010 16:23:40 GMT+0200 (Hora de verano romance)[...]
Presente : user_pref("CT127144.RadioLastUpdateIPServer", "0");
Presente : user_pref("CT127144.RadioLastUpdateServer", "129068614018830000");
Presente : user_pref("CT127144.RadioMediaID", "10288793");
Presente : user_pref("CT127144.RadioMediaType", "Media Player");
Presente : user_pref("CT127144.RadioMenuSelectedID", "EBRadioMenu_CT12714410288793");
Presente : user_pref("CT127144.RadioStationName", "Liveab1.de");
Presente : user_pref("CT127144.RadioStationURL", "hxxp://www.liveab1.de/listen/Liveab1-Radiostream.asx");
Presente : user_pref("CT127144.SearchFromAddressBarIsInit", true);
Presente : user_pref("CT127144.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1271[...]
Presente : user_pref("CT127144.SearchInNewTabEnabled", true);
Presente : user_pref("CT127144.SearchInNewTabIntervalMM", 1440);
Presente : user_pref("CT127144.SearchInNewTabLastCheckTime", "Fri Oct 15 2010 16:23:37 GMT+0200 (Hora de verano[...]
Presente : user_pref("CT127144.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TO[...]
Presente : user_pref("CT127144.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService[...]
Presente : user_pref("CT127144.ServiceMapLastCheckTime", "Fri Oct 15 2010 16:23:34 GMT+0200 (Hora de verano rom[...]
Presente : user_pref("CT127144.SettingsLastCheckTime", "Fri Oct 15 2010 16:23:34 GMT+0200 (Hora de verano roman[...]
Presente : user_pref("CT127144.SettingsLastUpdate", "1285580322");
Presente : user_pref("CT127144.ThirdPartyComponentsInterval", 504);
Presente : user_pref("CT127144.ThirdPartyComponentsLastCheck", "Fri Oct 15 2010 16:23:34 GMT+0200 (Hora de vera[...]
Presente : user_pref("CT127144.ThirdPartyComponentsLastUpdate", "1255348257");
Presente : user_pref("CT127144.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=1[...]
Presente : user_pref("CT127144.Uninstall", true);
Presente : user_pref("CT127144.UserID", "UN45342420089751106");
Presente : user_pref("CT127144.ValidationData_Search", 0);
Presente : user_pref("CT127144.ValidationData_Toolbar", 2);
Presente : user_pref("CT127144.alertChannelId", "45380");
Presente : user_pref("CT127144.components.1000034", false);
Presente : user_pref("CT127144.components.1000234", false);
Presente : user_pref("CT127144.myStuffEnabled", true);
Presente : user_pref("CT127144.myStuffPublihserMinWidth", 400);
Presente : user_pref("CT127144.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOri[...]
Presente : user_pref("CT127144.myStuffServiceIntervalMM", 1440);
Presente : user_pref("CT127144.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Com[...]
Presente : user_pref("CT127144.testingCtid", "");
Presente : user_pref("CT127144.toolbarAppMetaDataLastCheckTime", "Fri Oct 15 2010 16:23:36 GMT+0200 (Hora de ve[...]
Presente : user_pref("CT127144.toolbarContextMenuLastCheckTime", "Fri Oct 15 2010 16:23:39 GMT+0200 (Hora de ve[...]
Presente : user_pref("CT127144.usagesFlag", 2);
Presente : user_pref("CT1854633..clientLogIsEnabled", true);
Presente : user_pref("CT1854633..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Presente : user_pref("CT1854633..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Presente : user_pref("CT1854633.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Presente : user_pref("CT1854633.AppTrackingLastCheckTime", "Fri May 06 2011 09:30:59 GMT+0200 (Hora de verano r[...]
Presente : user_pref("CT1854633.CTID", "CT1854633");
Presente : user_pref("CT1854633.CurrentServerDate", "7-7-2011");
Presente : user_pref("CT1854633.DialogsAlignMode", "LTR");
Presente : user_pref("CT1854633.DialogsGetterLastCheckTime", "Thu Jul 07 2011 17:25:30 GMT+0200 (Hora de verano[...]
Presente : user_pref("CT1854633.DownloadReferralCookieData", "");
Presente : user_pref("CT1854633.EMailNotifierPollDate", "Wed Feb 09 2011 14:21:19 GMT+0100");
Presente : user_pref("CT1854633.FirstServerDate", "9-2-2011");
Presente : user_pref("CT1854633.FirstTime", true);
Presente : user_pref("CT1854633.FirstTimeFF3", true);
Presente : user_pref("CT1854633.FixPageNotFoundErrors", true);
Presente : user_pref("CT1854633.GroupingServerCheckInterval", 1440);
Presente : user_pref("CT1854633.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Presente : user_pref("CT1854633.HasUserGlobalKeys", true);
Presente : user_pref("CT1854633.HomePageProtectorEnabled", false);
Presente : user_pref("CT1854633.Initialize", true);
Presente : user_pref("CT1854633.InitializeCommonPrefs", true);
Presente : user_pref("CT1854633.InstallationAndCookieDataSentCount", 3);
Presente : user_pref("CT1854633.InstallationId", "Shares_AB_12");
Presente : user_pref("CT1854633.InstallationType", "ConduitIntegration");
Presente : user_pref("CT1854633.InstalledDate", "Wed Feb 09 2011 14:20:43 GMT+0100");
Presente : user_pref("CT1854633.InvalidateCache", false);
Presente : user_pref("CT1854633.IsGrouping", false);
Presente : user_pref("CT1854633.IsMulticommunity", false);
Presente : user_pref("CT1854633.IsOpenThankYouPage", true);
Presente : user_pref("CT1854633.IsOpenUninstallPage", true);
Presente : user_pref("CT1854633.LanguagePackLastCheckTime", "Thu Jul 07 2011 17:25:30 GMT+0200 (Hora de verano [...]
Presente : user_pref("CT1854633.LanguagePackReloadIntervalMM", 1440);
Presente : user_pref("CT1854633.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Presente : user_pref("CT1854633.LastLogin_3.2.5.2", "Sun Mar 27 2011 07:53:37 GMT+0200 (Hora de verano romance)[...]
Presente : user_pref("CT1854633.LastLogin_3.3.3.2", "Tue May 17 2011 11:11:50 GMT+0200 (Hora de verano romance)[...]
Presente : user_pref("CT1854633.LastLogin_3.5.0.12", "Thu Jul 07 2011 17:25:31 GMT+0200 (Hora de verano romance[...]
Presente : user_pref("CT1854633.LatestVersion", "3.3.3.2");
Presente : user_pref("CT1854633.Locale", "es");
Presente : user_pref("CT1854633.MCDetectTooltipHeight", "83");
Presente : user_pref("CT1854633.MCDetectTooltipShow", false);
Presente : user_pref("CT1854633.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Presente : user_pref("CT1854633.MCDetectTooltipWidth", "295");
Presente : user_pref("CT1854633.MyStuffEnabledAtInstallation", true);
Presente : user_pref("CT1854633.RadioIsPodcast", false);
Presente : user_pref("CT1854633.RadioLastCheckTime", "Tue May 17 2011 09:22:35 GMT+0200 (Hora de verano romance[...]
Presente : user_pref("CT1854633.RadioLastUpdateIPServer", "3");
Presente : user_pref("CT1854633.RadioLastUpdateServer", "129025125668530000");
Presente : user_pref("CT1854633.RadioMediaID", "5139083");
Presente : user_pref("CT1854633.RadioMediaType", "Media Player");
Presente : user_pref("CT1854633.RadioMenuSelectedID", "EBRadioMenu_CT1854633_RECENT5139083");
Presente : user_pref("CT1854633.RadioShrinked", "expanded");
Presente : user_pref("CT1854633.RadioStationName", "CLASSIC%20COUNTRY%20%20(%20128%20KBPS%20)%20");
Presente : user_pref("CT1854633.RadioStationURL", "hxxp://130.166.72.1:8006/");
Presente : user_pref("CT1854633.RadioVolume", "70");
Presente : user_pref("CT1854633.SHRINK_TOOLBAR", 1);
Presente : user_pref("CT1854633.SearchBoxWidth", 217);
Presente : user_pref("CT1854633.SearchEngine", "Buscar%20en%20este%20sitio||hxxp://search.conduit.com/Results.a[...]
Presente : user_pref("CT1854633.SearchEngineBeforeUnload", "Google");
Presente : user_pref("CT1854633.SearchFromAddressBarIsInit", true);
Presente : user_pref("CT1854633.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT185[...]
Presente : user_pref("CT1854633.SearchInNewTabEnabled", true);
Presente : user_pref("CT1854633.SearchInNewTabIntervalMM", 1440);
Presente : user_pref("CT1854633.SearchInNewTabLastCheckTime", "Thu Jul 07 2011 17:25:30 GMT+0200 (Hora de veran[...]
Presente : user_pref("CT1854633.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Presente : user_pref("CT1854633.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Presente : user_pref("CT1854633.SearchInNewTabUserEnabled", false);
Presente : user_pref("CT1854633.SearchProtectorEnabled", false);
Presente : user_pref("CT1854633.SearchProtectorToolbarDisabled", false);
Presente : user_pref("CT1854633.ServiceMapLastCheckTime", "Thu Jul 07 2011 17:25:29 GMT+0200 (Hora de verano ro[...]
Presente : user_pref("CT1854633.SettingsLastCheckTime", "Thu Jul 07 2011 17:25:28 GMT+0200 (Hora de verano roma[...]
Presente : user_pref("CT1854633.SettingsLastUpdate", "1310031892");
Presente : user_pref("CT1854633.ThirdPartyComponentsInterval", 504);
Presente : user_pref("CT1854633.ThirdPartyComponentsLastCheck", "Thu Jul 07 2011 17:25:28 GMT+0200 (Hora de ver[...]
Presente : user_pref("CT1854633.ThirdPartyComponentsLastUpdate", "1255523270");
Presente : user_pref("CT1854633.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1854633");
Presente : user_pref("CT1854633.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,OurTo[...]
Presente : user_pref("CT1854633.Uninstall", true);
Presente : user_pref("CT1854633.UserID", "UN69590979192959650");
Presente : user_pref("CT1854633.ValidationData_Search", 2);
Presente : user_pref("CT1854633.ValidationData_Toolbar", 2);
Presente : user_pref("CT1854633.WeatherNetwork", "");
Presente : user_pref("CT1854633.WeatherPollDate", "Wed Feb 09 2011 14:20:43 GMT+0100");
Presente : user_pref("CT1854633.WeatherUnit", "C");
Presente : user_pref("CT1854633.alertChannelId", "130890");
Presente : user_pref("CT1854633.backendstorage._fb_dailyactivity", "31323937323537363438353235");
Presente : user_pref("CT1854633.backendstorage._fb_lifetimesent", "54525545");
Presente : user_pref("CT1854633.backendstorage.ct1854633ads1", "25374225323261647325323225334125354225374225323[...]
Presente : user_pref("CT1854633.backendstorage.ct1854633current_term", "");
Presente : user_pref("CT1854633.backendstorage.ct1854633sdate", "39");
Presente : user_pref("CT1854633.components.1000034", false);
Presente : user_pref("CT1854633.components.1000080", false);
Presente : user_pref("CT1854633.components.1000082", false);
Presente : user_pref("CT1854633.components.1000234", false);
Presente : user_pref("CT1854633.components.1001", true);
Presente : user_pref("CT1854633.components.129107087243744588", false);
Presente : user_pref("CT1854633.components.129181527558318076", false);
Presente : user_pref("CT1854633.components.129301432010756280", false);
Presente : user_pref("CT1854633.components.129448439164456512", false);
Presente : user_pref("CT1854633.components.129451136329613185", false);
Presente : user_pref("CT1854633.components.129456888904469219", false);
Presente : user_pref("CT1854633.components.129456888905562978", false);
Presente : user_pref("CT1854633.components.129456888906656756", false);
Presente : user_pref("CT1854633.components.129456888907281758", false);
Presente : user_pref("CT1854633.components.129456888907750510", false);
Presente : user_pref("CT1854633.components.129456888908219262", false);
Presente : user_pref("CT1854633.components.2542483407393376056", false);
Presente : user_pref("CT1854633.components.4081690864504103342", false);
Presente : user_pref("CT1854633.components.4464672689774197049", false);
Presente : user_pref("CT1854633.components.4591137843504161730", false);
Presente : user_pref("CT1854633.components.5975298113143957762", false);
Presente : user_pref("CT1854633.components.6082858481320279007", false);
Presente : user_pref("CT1854633.components.6170162153979063636", false);
Presente : user_pref("CT1854633.components.6476189749481397479", false);
Presente : user_pref("CT1854633.components.7312646463516254830", false);
Presente : user_pref("CT1854633.components.871061083581199312", false);
Presente : user_pref("CT1854633.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.[...]
Presente : user_pref("CT1854633.globalFirstTimeInfoLastCheckTime", "Thu Jul 07 2011 17:25:31 GMT+0200 (Hora de [...]
Presente : user_pref("CT1854633.homepageProtectorEnableByLogin", true);
Presente : user_pref("CT1854633.initDone", true);
Presente : user_pref("CT1854633.isAppTrackingManagerOn", true);
Presente : user_pref("CT1854633.myStuffEnabled", true);
Presente : user_pref("CT1854633.myStuffPublihserMinWidth", 400);
Presente : user_pref("CT1854633.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Presente : user_pref("CT1854633.myStuffServiceIntervalMM", 1440);
Presente : user_pref("CT1854633.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Presente : user_pref("CT1854633.oldAppsList", "128349991502893893,128551960243400687,111,129301432010756280,100[...]
Presente : user_pref("CT1854633.searchProtectorDialogDelayInSec", 10);
Presente : user_pref("CT1854633.searchProtectorEnableByLogin", true);
Presente : user_pref("CT1854633.testingCtid", "");
Presente : user_pref("CT1854633.toolbarAppMetaDataLastCheckTime", "Thu Jul 07 2011 17:25:30 GMT+0200 (Hora de v[...]
Presente : user_pref("CT1854633.toolbarContextMenuLastCheckTime", "Thu Jul 07 2011 17:25:30 GMT+0200 (Hora de v[...]
Presente : user_pref("CT1854633.usageEnabled", false);
Presente : user_pref("CT1854633.usagesFlag", 2);
Presente : user_pref("CT2604146..clientLogIsEnabled", true);
Presente : user_pref("CT2604146..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Presente : user_pref("CT2604146..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Presente : user_pref("CT2604146.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Presente : user_pref("CT2604146.CTID", "CT2604146");
Presente : user_pref("CT2604146.Chat.Meebo.ServerLastCheckTime", "Thu Jul 07 2011 20:35:08 GMT+0200 (Hora de ve[...]
Presente : user_pref("CT2604146.Chat.Meebo.ServerLastResponseTime", "Thu Jul 07 2011 20:35:09 GMT+0200 (Hora de[...]
Presente : user_pref("CT2604146.Chat.Meebo.rooms.2030dff2c5edb1", 12);
Presente : user_pref("CT2604146.Chat.Meebo.rooms.30plusa87dca4f", 14);
Presente : user_pref("CT2604146.Chat.Meebo.rooms.communitychat09d14109", 0);
Presente : user_pref("CT2604146.Chat.Meebo.rooms.entertainmentc0ed09fb", 0);
Presente : user_pref("CT2604146.Chat.Meebo.rooms.health3693b665", 0);
Presente : user_pref("CT2604146.Chat.Meebo.rooms.musicj375cf270", 2);
Presente : user_pref("CT2604146.Chat.Meebo.rooms.newsxu117b840d", 14);
Presente : user_pref("CT2604146.Chat.Meebo.rooms.recreationab17d1f9", 0);
Presente : user_pref("CT2604146.Chat.Meebo.rooms.spirituality39155c53", 5);
Presente : user_pref("CT2604146.Chat.Meebo.rooms.sports522528d3", 4);
Presente : user_pref("CT2604146.Chat.Meebo.rooms.technology8bb9fd5b", 0);
Presente : user_pref("CT2604146.Chat.Meebo.rooms.teenagers833b8249", 0);
Presente : user_pref("CT2604146.Chat.Meebo.rooms.travel8c2e48db", 0);
Presente : user_pref("CT2604146.Chat.Meebo.rooms.videogames2fe066e0", 0);
Presente : user_pref("CT2604146.Chat.ServerLastCheckTime", "Thu Jul 07 2011 19:25:08 GMT+0200 (Hora de verano r[...]
Presente : user_pref("CT2604146.CurrentServerDate", "7-7-2011");
Presente : user_pref("CT2604146.DialogsAlignMode", "LTR");
Presente : user_pref("CT2604146.DialogsGetterLastCheckTime", "Thu Jul 07 2011 17:25:11 GMT+0200 (Hora de verano[...]
Presente : user_pref("CT2604146.DownloadReferralCookieData", "");
Presente : user_pref("CT2604146.EMailNotifierPollDate", "Thu Jul 07 2011 20:40:08 GMT+0200 (Hora de verano roma[...]
Presente : user_pref("CT2604146.FeedLastCount129163062160134584", 40);
Presente : user_pref("CT2604146.FeedLastCount129163062191696694", 0);
Presente : user_pref("CT2604146.FeedLastCount129163062192009197", 50);
Presente : user_pref("CT2604146.FeedPollDate128795077986382124", "Thu Jul 07 2011 19:25:08 GMT+0200 (Hora de ve[...]
Presente : user_pref("CT2604146.FeedPollDate128795078397943899", "Thu Jul 07 2011 19:25:08 GMT+0200 (Hora de ve[...]
Presente : user_pref("CT2604146.FeedPollDate128981243906575437", "Thu Jul 07 2011 20:05:08 GMT+0200 (Hora de ve[...]
Presente : user_pref("CT2604146.FeedPollDate129163062191696694", "Thu Jul 07 2011 20:40:08 GMT+0200 (Hora de ve[...]
Presente : user_pref("CT2604146.FeedTTL128795078397943899", 40);
Presente : user_pref("CT2604146.FeedTTL128981243906575437", 40);
Presente : user_pref("CT2604146.FirstServerDate", "17-2-2011");
Presente : user_pref("CT2604146.FirstTime", true);
Presente : user_pref("CT2604146.FirstTimeFF3", true);
Presente : user_pref("CT2604146.FirstTimeSettingsDone", true);
Presente : user_pref("CT2604146.FixPageNotFoundErrors", true);
Presente : user_pref("CT2604146.GroupingServerCheckInterval", 1440);
Presente : user_pref("CT2604146.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Presente : user_pref("CT2604146.HasUserGlobalKeys", true);
Presente : user_pref("CT2604146.HomePageProtectorEnabled", false);
Presente : user_pref("CT2604146.Initialize", true);
Presente : user_pref("CT2604146.InitializeCommonPrefs", true);
Presente : user_pref("CT2604146.InstallationAndCookieDataSentCount", 3);
Presente : user_pref("CT2604146.InstalledDate", "Thu Feb 17 2011 19:01:59 GMT+0100");
Presente : user_pref("CT2604146.InvalidateCache", false);
Presente : user_pref("CT2604146.IsGrouping", false);
Presente : user_pref("CT2604146.IsMulticommunity", false);
Presente : user_pref("CT2604146.IsOpenThankYouPage", true);
Presente : user_pref("CT2604146.IsOpenUninstallPage", true);
Presente : user_pref("CT2604146.LanguagePackLastCheckTime", "Thu Jul 07 2011 17:25:11 GMT+0200 (Hora de verano [...]
Presente : user_pref("CT2604146.LanguagePackReloadIntervalMM", 1440);
Presente : user_pref("CT2604146.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Presente : user_pref("CT2604146.LastLogin_2.6.0.15", "Thu Feb 17 2011 19:03:17 GMT+0100");
Presente : user_pref("CT2604146.LastLogin_3.2.5.2", "Thu Feb 17 2011 19:01:55 GMT+0100");
Presente : user_pref("CT2604146.LastLogin_3.5.0.12", "Thu Jul 07 2011 17:25:12 GMT+0200 (Hora de verano romance[...]
Presente : user_pref("CT2604146.LatestVersion", "3.3.3.2");
Presente : user_pref("CT2604146.Locale", "en-us");
Presente : user_pref("CT2604146.LoginCache", 4);
Presente : user_pref("CT2604146.MCDetectTooltipHeight", "83");
Presente : user_pref("CT2604146.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Presente : user_pref("CT2604146.MCDetectTooltipWidth", "295");
Presente : user_pref("CT2604146.MyStuffEnabledAtInstallation", true);
Presente : user_pref("CT2604146.RadioIsPodcast", false);
Presente : user_pref("CT2604146.RadioLastCheckTime", "Thu Jul 07 2011 17:25:08 GMT+0200 (Hora de verano romance[...]
Presente : user_pref("CT2604146.RadioLastUpdateIPServer", "3");
Presente : user_pref("CT2604146.RadioLastUpdateServer", "3");
Presente : user_pref("CT2604146.RadioMediaID", "9962");
Presente : user_pref("CT2604146.RadioMediaType", "Media Player");
Presente : user_pref("CT2604146.RadioMenuSelectedID", "EBRadioMenu_CT26041469962");
Presente : user_pref("CT2604146.RadioShrinkedFromSetup", false);
Presente : user_pref("CT2604146.RadioStationName", "California%20Rock");
Presente : user_pref("CT2604146.RadioStationURL", "hxxp://feedlive.net/california.asx");
Presente : user_pref("CT2604146.SHRINK_TOOLBAR", 1);
Presente : user_pref("CT2604146.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Presente : user_pref("CT2604146.SearchEngineBeforeUnload", "Google");
Presente : user_pref("CT2604146.SearchFromAddressBarIsInit", true);
Presente : user_pref("CT2604146.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT260[...]
Presente : user_pref("CT2604146.SearchInNewTabEnabled", true);
Presente : user_pref("CT2604146.SearchInNewTabIntervalMM", 1440);
Presente : user_pref("CT2604146.SearchInNewTabLastCheckTime", "Thu Jul 07 2011 17:25:09 GMT+0200 (Hora de veran[...]
Presente : user_pref("CT2604146.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Presente : user_pref("CT2604146.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Presente : user_pref("CT2604146.SearchProtectorEnabled", false);
Presente : user_pref("CT2604146.SearchProtectorToolbarDisabled", false);
Presente : user_pref("CT2604146.ServiceMapLastCheckTime", "Thu Jul 07 2011 17:25:08 GMT+0200 (Hora de verano ro[...]
Presente : user_pref("CT2604146.SettingsCheckIntervalMin", 120);
Presente : user_pref("CT2604146.SettingsLastCheckTime", "Thu Jul 07 2011 17:25:07 GMT+0200 (Hora de verano roma[...]
Presente : user_pref("CT2604146.SettingsLastUpdate", "1309695662");
Presente : user_pref("CT2604146.ThirdPartyComponentsInterval", 504);
Presente : user_pref("CT2604146.ThirdPartyComponentsLastCheck", "Thu Jul 07 2011 17:25:07 GMT+0200 (Hora de ver[...]
Presente : user_pref("CT2604146.ThirdPartyComponentsLastUpdate", "1246790578");
Presente : user_pref("CT2604146.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2604146");
Presente : user_pref("CT2604146.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,OurTo[...]
Presente : user_pref("CT2604146.Uninstall", true);
Presente : user_pref("CT2604146.UserID", "UN95994283739539097");
Presente : user_pref("CT2604146.ValidationData_Toolbar", 0);
Presente : user_pref("CT2604146.alertChannelId", "996967");
Presente : user_pref("CT2604146.clientLogIsEnabled", true);
Presente : user_pref("CT2604146.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Presente : user_pref("CT2604146.components.1000234", false);
Presente : user_pref("CT2604146.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.[...]
Presente : user_pref("CT2604146.globalFirstTimeInfoLastCheckTime", "Thu Jul 07 2011 17:25:12 GMT+0200 (Hora de [...]
Presente : user_pref("CT2604146.homepageProtectorEnableByLogin", true);
Presente : user_pref("CT2604146.initDone", true);
Presente : user_pref("CT2604146.isAppTrackingManagerOn", true);
Presente : user_pref("CT2604146.isFirstRadioInstallation", false);
Presente : user_pref("CT2604146.myStuffEnabled", true);
Presente : user_pref("CT2604146.myStuffPublihserMinWidth", 400);
Presente : user_pref("CT2604146.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Presente : user_pref("CT2604146.myStuffServiceIntervalMM", 1440);
Presente : user_pref("CT2604146.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Presente : user_pref("CT2604146.oldAppsList", "129163062159665829,129163062159822081,111,129163062159978333,129[...]
Presente : user_pref("CT2604146.searchProtectorDialogDelayInSec", 10);
Presente : user_pref("CT2604146.searchProtectorEnableByLogin", true);
Presente : user_pref("CT2604146.testingCtid", "");
Presente : user_pref("CT2604146.toolbarAppMetaDataLastCheckTime", "Thu Jul 07 2011 17:25:11 GMT+0200 (Hora de v[...]
Presente : user_pref("CT2604146.toolbarContextMenuLastCheckTime", "Thu Jul 07 2011 17:25:11 GMT+0200 (Hora de v[...]
Presente : user_pref("CT2604146.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Presente : user_pref("CT2736476..clientLogIsEnabled", true);
Presente : user_pref("CT2736476..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Presente : user_pref("CT2736476..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Presente : user_pref("CT2736476.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Presente : user_pref("CT2736476.CTID", "ct2736476");
Presente : user_pref("CT2736476.CurrentServerDate", "22-10-2011");
Presente : user_pref("CT2736476.DialogsAlignMode", "LTR");
Presente : user_pref("CT2736476.DialogsGetterLastCheckTime", "Sat Oct 22 2011 20:08:21 GMT+0200 (Hora de verano[...]
Presente : user_pref("CT2736476.DownloadReferralCookieData", "");
Presente : user_pref("CT2736476.FeedPollDate129257621460541612", "Sat Oct 22 2011 20:08:18 GMT+0200 (Hora de ve[...]
Presente : user_pref("CT2736476.FeedPollDate129257621968979554", "Sat Oct 22 2011 20:08:18 GMT+0200 (Hora de ve[...]
Presente : user_pref("CT2736476.FeedPollDate129258323135539557", "Sat Oct 22 2011 20:08:18 GMT+0200 (Hora de ve[...]
Presente : user_pref("CT2736476.FirstServerDate", "26-8-2011");
Presente : user_pref("CT2736476.FirstTime", true);
Presente : user_pref("CT2736476.FirstTimeFF3", true);
Presente : user_pref("CT2736476.FixPageNotFoundErrors", true);
Presente : user_pref("CT2736476.GroupingServerCheckInterval", 1440);
Presente : user_pref("CT2736476.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Presente : user_pref("CT2736476.HasUserGlobalKeys", true);
Presente : user_pref("CT2736476.Initialize", true);
Presente : user_pref("CT2736476.InitializeCommonPrefs", true);
Presente : user_pref("CT2736476.InstallationAndCookieDataSentCount", 3);
Presente : user_pref("CT2736476.InstallationId", "ConduitStubGeneric");
Presente : user_pref("CT2736476.InstallationType", "ConduitStubIntegration");
Presente : user_pref("CT2736476.InstalledDate", "Fri Aug 26 2011 14:21:28 GMT+0200 (Hora de verano romance)");
Presente : user_pref("CT2736476.IsAlertDBUpdated", true);
Presente : user_pref("CT2736476.IsGrouping", false);
Presente : user_pref("CT2736476.IsInitSetupIni", true);
Presente : user_pref("CT2736476.IsMulticommunity", false);
Presente : user_pref("CT2736476.IsOpenThankYouPage", false);
Presente : user_pref("CT2736476.IsOpenUninstallPage", true);
Presente : user_pref("CT2736476.LanguagePackLastCheckTime", "Fri Aug 26 2011 14:21:33 GMT+0200 (Hora de verano [...]
Presente : user_pref("CT2736476.LanguagePackReloadIntervalMM", 1440);
Presente : user_pref("CT2736476.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Presente : user_pref("CT2736476.LastLogin_3.6.0.10", "Fri Aug 26 2011 22:22:41 GMT+0200 (Hora de verano romance[...]
Presente : user_pref("CT2736476.LastLogin_3.7.0.6", "Sat Oct 22 2011 20:08:20 GMT+0200 (Hora de verano romance)[...]
Presente : user_pref("CT2736476.LatestVersion", "3.7.0.6");
Presente : user_pref("CT2736476.Locale", "de");
Presente : user_pref("CT2736476.MCDetectTooltipHeight", "83");
Presente : user_pref("CT2736476.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Presente : user_pref("CT2736476.MCDetectTooltipWidth", "295");
Presente : user_pref("CT2736476.MyStuffEnabledAtInstallation", true);
Presente : user_pref("CT2736476.OriginalFirstVersion", "3.6.0.10");
Presente : user_pref("CT2736476.RadioIsPodcast", false);
Presente : user_pref("CT2736476.RadioMediaID", "21930450");
Presente : user_pref("CT2736476.RadioMediaType", "Media Player");
Presente : user_pref("CT2736476.RadioMenuSelectedID", "EBRadioMenu_CT273647621930450");
Presente : user_pref("CT2736476.RadioShrinkedFromSetup", false);
Presente : user_pref("CT2736476.RadioStationName", "California%20Rock%20-%20Rock");
Presente : user_pref("CT2736476.RadioStationURL", "hxxp://www.feedlive.net/california.asx");
Presente : user_pref("CT2736476.SavedHomepage", "hxxp://www.1234sol.com/");
Presente : user_pref("CT2736476.SearchFromAddressBarIsInit", true);
Presente : user_pref("CT2736476.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT273[...]
Presente : user_pref("CT2736476.SearchInNewTabEnabled", true);
Presente : user_pref("CT2736476.SearchInNewTabIntervalMM", 1440);
Presente : user_pref("CT2736476.SearchInNewTabLastCheckTime", "Fri Aug 26 2011 14:21:31 GMT+0200 (Hora de veran[...]
Presente : user_pref("CT2736476.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Presente : user_pref("CT2736476.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Presente : user_pref("CT2736476.SearchProtectorToolbarDisabled", true);
Presente : user_pref("CT2736476.ServiceMapLastCheckTime", "Sat Oct 22 2011 20:08:16 GMT+0200 (Hora de verano ro[...]
Presente : user_pref("CT2736476.SettingsLastCheckTime", "Fri Aug 26 2011 14:21:28 GMT+0200 (Hora de verano roma[...]
Presente : user_pref("CT2736476.SettingsLastUpdate", "1314028894");
Presente : user_pref("CT2736476.ThirdPartyComponentsInterval", 504);
Presente : user_pref("CT2736476.ThirdPartyComponentsLastCheck", "Fri Aug 26 2011 14:21:27 GMT+0200 (Hora de ver[...]
Presente : user_pref("CT2736476.ThirdPartyComponentsLastUpdate", "1255344657");
Presente : user_pref("CT2736476.ToolbarDisabled", true);
Presente : user_pref("CT2736476.ToolbarShrinkedFromSetup", false);
Presente : user_pref("CT2736476.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2736476");
Presente : user_pref("CT2736476.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Presente : user_pref("CT2736476.UserID", "UN61166362329012572");
Presente : user_pref("CT2736476.alertChannelId", "1128724");
Presente : user_pref("CT2736476.ct2736476.DialogsAlignMode", "LTR");
Presente : user_pref("CT2736476.ct2736476.FeedLastCount129257621460541612", 0);
Presente : user_pref("CT2736476.ct2736476.FeedLastCount129257621968979554", 0);
Presente : user_pref("CT2736476.ct2736476.FeedLastCount129258323135539557", 0);
Presente : user_pref("CT2736476.ct2736476.InvalidateCache", false);
Presente : user_pref("CT2736476.ct2736476.LanguagePackLastCheckTime", "Sat Oct 22 2011 20:08:20 GMT+0200 (Hora [...]
Presente : user_pref("CT2736476.ct2736476.Locale", "de");
Presente : user_pref("CT2736476.ct2736476.RadioLastCheckTime", "Sat Oct 22 2011 20:08:18 GMT+0200 (Hora de vera[...]
Presente : user_pref("CT2736476.ct2736476.RadioLastUpdateIPServer", "3");
Presente : user_pref("CT2736476.ct2736476.RadioLastUpdateServer", "129570411865130000");
Presente : user_pref("CT2736476.ct2736476.SearchInNewTabLastCheckTime", "Sat Oct 22 2011 20:08:20 GMT+0200 (Hor[...]
Presente : user_pref("CT2736476.ct2736476.SettingsLastCheckTime", "Sat Oct 22 2011 20:08:17 GMT+0200 (Hora de v[...]
Presente : user_pref("CT2736476.ct2736476.SettingsLastUpdate", "1314704766");
Presente : user_pref("CT2736476.ct2736476.ThirdPartyComponentsLastCheck", "Sat Oct 22 2011 20:08:16 GMT+0200 (H[...]
Presente : user_pref("CT2736476.ct2736476.ThirdPartyComponentsLastUpdate", "1255344657");
Presente : user_pref("CT2736476.ct2736476.globalFirstTimeInfoLastCheckTime", "Sat Oct 22 2011 20:08:21 GMT+0200[...]
Presente : user_pref("CT2736476.ct2736476.toolbarAppMetaDataLastCheckTime", "Sat Oct 22 2011 20:08:20 GMT+0200 [...]
Presente : user_pref("CT2736476.ct2736476.toolbarContextMenuLastCheckTime", "Sat Oct 22 2011 20:08:20 GMT+0200 [...]
Presente : user_pref("CT2736476.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Presente : user_pref("CT2736476.globalFirstTimeInfoLastCheckTime", "Fri Aug 26 2011 22:22:42 GMT+0200 (Hora de [...]
Presente : user_pref("CT2736476.homepageProtectorEnableByLogin", true);
Presente : user_pref("CT2736476.initDone", true);
Presente : user_pref("CT2736476.isAppTrackingManagerOn", true);
Presente : user_pref("CT2736476.isFirstRadioInstallation", false);
Presente : user_pref("CT2736476.myStuffEnabled", true);
Presente : user_pref("CT2736476.myStuffPublihserMinWidth", 400);
Presente : user_pref("CT2736476.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Presente : user_pref("CT2736476.myStuffServiceIntervalMM", 1440);
Presente : user_pref("CT2736476.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Presente : user_pref("CT2736476.oldAppsList", "129257551953509225,129257551953665476,111,129257617514448028,129[...]
Presente : user_pref("CT2736476.revertSettingsEnabled", true);
Presente : user_pref("CT2736476.searchProtectorDialogDelayInSec", 10);
Presente : user_pref("CT2736476.searchProtectorEnableByLogin", true);
Presente : user_pref("CT2736476.testingCtid", "");
Presente : user_pref("CT2736476.toolbarAppMetaDataLastCheckTime", "Fri Aug 26 2011 14:21:31 GMT+0200 (Hora de v[...]
Presente : user_pref("CT2736476.toolbarContextMenuLastCheckTime", "Fri Aug 26 2011 14:21:33 GMT+0200 (Hora de v[...]
Presente : user_pref("CT2736476.undefined", "Fri Aug 26 2011 14:21:35 GMT+0200 (Hora de verano romance)");
Presente : user_pref("CT2765711..clientLogIsEnabled", false);
Presente : user_pref("CT2765711..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Presente : user_pref("CT2765711..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Presente : user_pref("CT2765711.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Presente : user_pref("CT2765711.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Presente : user_pref("CT2765711.BrowserCompStateIsOpen_129593631219291263", true);
Presente : user_pref("CT2765711.BrowserCompStateIsOpen_129681714285417717", true);
Presente : user_pref("CT2765711.BrowserCompStateIsOpen_129738909627389163", true);
Presente : user_pref("CT2765711.BrowserCompStateIsOpen_5247764004679560773", true);
Presente : user_pref("CT2765711.CT2765711", "CT2765711");
Presente : user_pref("CT2765711.Chat.Meebo.ServerLastCheckTime", "Fri Aug 12 2011 15:00:33 GMT+0200 (Hora de ve[...]
Presente : user_pref("CT2765711.Chat.Meebo.ServerLastResponseTime", "Fri Aug 12 2011 15:00:34 GMT+0200 (Hora de[...]
Presente : user_pref("CT2765711.Chat.Meebo.rooms.2030dff2c5edb1", 5);
Presente : user_pref("CT2765711.Chat.Meebo.rooms.30plusa87dca4f", 2);
Presente : user_pref("CT2765711.Chat.Meebo.rooms.communitychat7d6a306c", 0);
Presente : user_pref("CT2765711.Chat.Meebo.rooms.entertainmentc0ed09fb", 2);
Presente : user_pref("CT2765711.Chat.Meebo.rooms.health3693b665", 0);
Presente : user_pref("CT2765711.Chat.Meebo.rooms.musicj375cf270", 7);
Presente : user_pref("CT2765711.Chat.Meebo.rooms.newsxu117b840d", 2);
Presente : user_pref("CT2765711.Chat.Meebo.rooms.recreationab17d1f9", 0);
Presente : user_pref("CT2765711.Chat.Meebo.rooms.spirituality39155c53", 1);
Presente : user_pref("CT2765711.Chat.Meebo.rooms.sports522528d3", 5);
Presente : user_pref("CT2765711.Chat.Meebo.rooms.technology8bb9fd5b", 1);
Presente : user_pref("CT2765711.Chat.Meebo.rooms.teenagers833b8249", 0);
Presente : user_pref("CT2765711.Chat.Meebo.rooms.travel8c2e48db", 0);
Presente : user_pref("CT2765711.Chat.Meebo.rooms.videogames2fe066e0", 2);
Presente : user_pref("CT2765711.Chat.ServerLastCheckTime", "Fri Aug 12 2011 15:00:31 GMT+0200 (Hora de verano r[...]
Presente : user_pref("CT2765711.CurrentServerDate", "27-4-2012");
Presente : user_pref("CT2765711.DialogsAlignMode", "LTR");
Presente : user_pref("CT2765711.DialogsGetterLastCheckTime", "Fri Apr 27 2012 16:20:40 GMT+0200 (Hora de verano[...]
Presente : user_pref("CT2765711.DownloadReferralCookieData", "");
Presente : user_pref("CT2765711.FirstServerDate", "12-8-2011");
Presente : user_pref("CT2765711.FirstTime", true);
Presente : user_pref("CT2765711.FirstTimeFF3", true);
Presente : user_pref("CT2765711.FixPageNotFoundErrors", false);
Presente : user_pref("CT2765711.GroupingServerCheckInterval", 1440);
Presente : user_pref("CT2765711.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Presente : user_pref("CT2765711.HasUserGlobalKeys", true);
Presente : user_pref("CT2765711.HomePageProtectorEnabled", false);
Presente : user_pref("CT2765711.Initialize", true);
Presente : user_pref("CT2765711.InitializeCommonPrefs", true);
Presente : user_pref("CT2765711.InstallationAndCookieDataSentCount", 3);
Presente : user_pref("CT2765711.InstallationType", "Unknown");
Presente : user_pref("CT2765711.InstalledDate", "Fri Aug 12 2011 15:00:32 GMT+0200 (Hora de verano romance)");
Presente : user_pref("CT2765711.InvalidateCache", false);
Presente : user_pref("CT2765711.IsAlertDBUpdated", true);
Presente : user_pref("CT2765711.IsGrouping", false);
Presente : user_pref("CT2765711.IsInitSetupIni", true);
Presente : user_pref("CT2765711.IsMulticommunity", false);
Presente : user_pref("CT2765711.IsOpenThankYouPage", true);
Presente : user_pref("CT2765711.IsOpenUninstallPage", true);
Presente : user_pref("CT2765711.IsProtectorsInit", true);
Presente : user_pref("CT2765711.LanguagePackLastCheckTime", "Fri Apr 27 2012 09:27:17 GMT+0200 (Hora de verano [...]
Presente : user_pref("CT2765711.LanguagePackReloadIntervalMM", 1440);
Presente : user_pref("CT2765711.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Presente : user_pref("CT2765711.LastLogin_3.12.0.7", "Wed Apr 25 2012 13:24:24 GMT+0200 (Hora de verano romance[...]
Presente : user_pref("CT2765711.LastLogin_3.12.2.3", "Fri Apr 27 2012 16:20:40 GMT+0200 (Hora de verano romance[...]
Presente : user_pref("CT2765711.LastLogin_3.6.0.10", "Tue Sep 20 2011 10:54:06 GMT+0200 (Hora de verano romance[...]
Presente : user_pref("CT2765711.LatestVersion", "3.12.2.3");
Presente : user_pref("CT2765711.Locale", "en-us");
Presente : user_pref("CT2765711.MCDetectTooltipHeight", "83");
Presente : user_pref("CT2765711.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Presente : user_pref("CT2765711.MCDetectTooltipWidth", "295");
Presente : user_pref("CT2765711.MyStuffEnabledAtInstallation", true);
Presente : user_pref("CT2765711.OriginalFirstVersion", "3.6.0.10");
Presente : user_pref("CT2765711.RadioIsPodcast", false);
Presente : user_pref("CT2765711.RadioLastCheckTime", "Tue Sep 20 2011 10:54:05 GMT+0200 (Hora de verano romance[...]
Presente : user_pref("CT2765711.RadioLastUpdateIPServer", "3");
Presente : user_pref("CT2765711.RadioLastUpdateServer", "3");
Presente : user_pref("CT2765711.RadioMediaID", "9962");
Presente : user_pref("CT2765711.RadioMediaType", "Media Player");
Presente : user_pref("CT2765711.RadioMenuSelectedID", "EBRadioMenu_CT27657119962");
Presente : user_pref("CT2765711.RadioShrinkedFromSetup", false);
Presente : user_pref("CT2765711.RadioStationName", "California%20Rock");
Presente : user_pref("CT2765711.RadioStationURL", "hxxp://feedlive.net/california.asx");
Presente : user_pref("CT2765711.SearchEngineBeforeUnload", "Google");
Presente : user_pref("CT2765711.SearchFromAddressBarIsInit", true);
Presente : user_pref("CT2765711.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT276[...]
Presente : user_pref("CT2765711.SearchInNewTabEnabled", true);
Presente : user_pref("CT2765711.SearchInNewTabIntervalMM", 1440);
Presente : user_pref("CT2765711.SearchInNewTabLastCheckTime", "Fri Apr 27 2012 09:27:18 GMT+0200 (Hora de veran[...]
Presente : user_pref("CT2765711.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Presente : user_pref("CT2765711.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Presente : user_pref("CT2765711.SearchProtectorEnabled", false);
Presente : user_pref("CT2765711.SearchProtectorToolbarDisabled", true);
Presente : user_pref("CT2765711.ServiceMapLastCheckTime", "Fri Apr 27 2012 09:27:17 GMT+0200 (Hora de verano ro[...]
Presente : user_pref("CT2765711.SettingsLastCheckTime", "Fri Apr 27 2012 16:20:34 GMT+0200 (Hora de verano roma[...]
Presente : user_pref("CT2765711.SettingsLastUpdate", "1332161932");
Presente : user_pref("CT2765711.ThirdPartyComponentsInterval", 504);
Presente : user_pref("CT2765711.ThirdPartyComponentsLastCheck", "Tue Sep 20 2011 10:54:03 GMT+0200 (Hora de ver[...]
Presente : user_pref("CT2765711.ThirdPartyComponentsLastUpdate", "1312887586");
Presente : user_pref("CT2765711.ToolbarDisabled", true);
Presente : user_pref("CT2765711.ToolbarShrinkedFromSetup", false);
Presente : user_pref("CT2765711.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2765711");
Presente : user_pref("CT2765711.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Presente : user_pref("CT2765711.UserID", "UN95954063090179165");
Presente : user_pref("CT2765711.alertChannelId", "1157832");
Presente : user_pref("CT2765711.components.1000034", false);
Presente : user_pref("CT2765711.components.1000234", false);
Presente : user_pref("CT2765711.components.1000515", false);
Presente : user_pref("CT2765711.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Presente : user_pref("CT2765711.globalFirstTimeInfoLastCheckTime", "Tue Sep 20 2011 10:54:06 GMT+0200 (Hora de [...]
Presente : user_pref("CT2765711.homepageProtectorEnableByLogin", true);
Presente : user_pref("CT2765711.initDone", true);
Presente : user_pref("CT2765711.isAppTrackingManagerOn", true);
Presente : user_pref("CT2765711.isFirstRadioInstallation", false);
Presente : user_pref("CT2765711.myStuffEnabled", true);
Presente : user_pref("CT2765711.myStuffPublihserMinWidth", 400);
Presente : user_pref("CT2765711.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Presente : user_pref("CT2765711.myStuffServiceIntervalMM", 1440);
Presente : user_pref("CT2765711.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Presente : user_pref("CT2765711.oldAppsList", "129279218435538092,129279218435694344,111,5247764004679560773,12[...]
Presente : user_pref("CT2765711.revertSettingsEnabled", true);
Presente : user_pref("CT2765711.searchProtectorDialogDelayInSec", 10);
Presente : user_pref("CT2765711.searchProtectorEnableByLogin", true);
Presente : user_pref("CT2765711.testingCtid", "");
Presente : user_pref("CT2765711.toolbarAppMetaDataLastCheckTime", "Fri Apr 27 2012 09:27:17 GMT+0200 (Hora de v[...]
Presente : user_pref("CT2765711.toolbarContextMenuLastCheckTime", "Tue Sep 20 2011 10:54:06 GMT+0200 (Hora de v[...]
Presente : user_pref("CT2851619..clientLogIsEnabled", false);
Presente : user_pref("CT2851619..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Presente : user_pref("CT2851619..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Presente : user_pref("CT2851619.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Presente : user_pref("CT2851619.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Presente : user_pref("CT2851619.CTID", "CT2851619");
Presente : user_pref("CT2851619.CurrentServerDate", "27-4-2012");
Presente : user_pref("CT2851619.DialogsAlignMode", "LTR");
Presente : user_pref("CT2851619.DialogsGetterLastCheckTime", "Fri Apr 27 2012 16:20:35 GMT+0200 (Hora de verano[...]
Presente : user_pref("CT2851619.DownloadReferralCookieData", "");
Presente : user_pref("CT2851619.EMailNotifierPollDate", "Thu Dec 30 2010 18:30:04 GMT+0100");
Presente : user_pref("CT2851619.FeedLastCount7385351973121203554", 183);
Presente : user_pref("CT2851619.FeedPollDate129351507549806741", "Thu Dec 30 2010 18:25:04 GMT+0100");
Presente : user_pref("CT2851619.FeedPollDate129351507550119247", "Thu Dec 30 2010 18:25:04 GMT+0100");
Presente : user_pref("CT2851619.FeedPollDate129351507550119253", "Thu Dec 30 2010 18:25:04 GMT+0100");
Presente : user_pref("CT2851619.FeedPollDate129351507550119259", "Thu Dec 30 2010 18:25:05 GMT+0100");
Presente : user_pref("CT2851619.FeedPollDate129351507550119265", "Thu Dec 30 2010 18:25:05 GMT+0100");
Presente : user_pref("CT2851619.FeedPollDate129351507550119271", "Thu Dec 30 2010 18:25:05 GMT+0100");
Presente : user_pref("CT2851619.FeedPollDate129351507550119277", "Thu Dec 30 2010 18:25:05 GMT+0100");
Presente : user_pref("CT2851619.FeedPollDate129351507550119283", "Thu Dec 30 2010 18:25:05 GMT+0100");
Presente : user_pref("CT2851619.FeedPollDate129351507550119289", "Thu Dec 30 2010 18:25:05 GMT+0100");
Presente : user_pref("CT2851619.FeedPollDate129351507550119295", "Thu Dec 30 2010 18:25:05 GMT+0100");
Presente : user_pref("CT2851619.FeedPollDate129351507550119301", "Thu Dec 30 2010 18:25:05 GMT+0100");
Presente : user_pref("CT2851619.FeedTTL129351507549806741", 10);
Presente : user_pref("CT2851619.FeedTTL129351507550119265", 15);
Presente : user_pref("CT2851619.FeedTTL129351507550119277", 5);
Presente : user_pref("CT2851619.FeedTTL129351507550119289", 5);
Presente : user_pref("CT2851619.FirstServerDate", "30-12-2010");
Presente : user_pref("CT2851619.FirstTime", true);
Presente : user_pref("CT2851619.FirstTimeFF3", true);
Presente : user_pref("CT2851619.FixPageNotFoundErrors", false);
Presente : user_pref("CT2851619.GroupingServerCheckInterval", 1440);
Presente : user_pref("CT2851619.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Presente : user_pref("CT2851619.HasUserGlobalKeys", true);
Presente : user_pref("CT2851619.Initialize", true);
Presente : user_pref("CT2851619.InitializeCommonPrefs", true);
Presente : user_pref("CT2851619.InstallationAndCookieDataSentCount", 3);
Presente : user_pref("CT2851619.InstallationType", "UnknownIntegration");
Presente : user_pref("CT2851619.InstalledDate", "Thu Dec 30 2010 18:25:04 GMT+0100");
Presente : user_pref("CT2851619.IsGrouping", false);
Presente : user_pref("CT2851619.IsMulticommunity", false);
Presente : user_pref("CT2851619.IsOpenThankYouPage", true);
Presente : user_pref("CT2851619.IsOpenUninstallPage", false);
Presente : user_pref("CT2851619.LanguagePackLastCheckTime", "Fri Apr 27 2012 09:27:16 GMT+0200 (Hora de verano [...]
Presente : user_pref("CT2851619.LanguagePackReloadIntervalMM", 1440);
Presente : user_pref("CT2851619.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Presente : user_pref("CT2851619.LastLogin_3.12.0.7", "Wed Apr 25 2012 13:24:20 GMT+0200 (Hora de verano romance[...]
Presente : user_pref("CT2851619.LastLogin_3.12.2.3", "Fri Apr 27 2012 16:20:34 GMT+0200 (Hora de verano romance[...]
Presente : user_pref("CT2851619.LastLogin_3.2.5.2", "Fri Dec 31 2010 13:17:47 GMT+0100");
Presente : user_pref("CT2851619.LatestVersion", "3.12.2.3");
Presente : user_pref("CT2851619.Locale", "es");
Presente : user_pref("CT2851619.MCDetectTooltipHeight", "83");
Presente : user_pref("CT2851619.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Presente : user_pref("CT2851619.MCDetectTooltipWidth", "295");
Presente : user_pref("CT2851619.MyStuffEnabledAtInstallation", true);
Presente : user_pref("CT2851619.SHRINK_TOOLBAR", 1);
Presente : user_pref("CT2851619.SearchBoxWidth", 266);
Presente : user_pref("CT2851619.SearchFromAddressBarIsInit", true);
Presente : user_pref("CT2851619.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...]
Presente : user_pref("CT2851619.SearchInNewTabEnabled", true);
Presente : user_pref("CT2851619.SearchInNewTabIntervalMM", 1440);
Presente : user_pref("CT2851619.SearchInNewTabLastCheckTime", "Fri Apr 27 2012 09:27:17 GMT+0200 (Hora de veran[...]
Presente : user_pref("CT2851619.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Presente : user_pref("CT2851619.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Presente : user_pref("CT2851619.SearchProtectorToolbarDisabled", true);
Presente : user_pref("CT2851619.ServiceMapLastCheckTime", "Fri Apr 27 2012 09:27:16 GMT+0200 (Hora de verano ro[...]
Presente : user_pref("CT2851619.SettingsLastCheckTime", "Fri Apr 27 2012 16:20:31 GMT+0200 (Hora de verano roma[...]
Presente : user_pref("CT2851619.SettingsLastUpdate", "1334667407");
Presente : user_pref("CT2851619.ThirdPartyComponentsInterval", 504);
Presente : user_pref("CT2851619.ThirdPartyComponentsLastCheck", "Thu Dec 30 2010 18:25:03 GMT+0100");
Presente : user_pref("CT2851619.ThirdPartyComponentsLastUpdate", "1255523270");
Presente : user_pref("CT2851619.ToolbarDisabled", true);
Presente : user_pref("CT2851619.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2851619");
Presente : user_pref("CT2851619.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Presente : user_pref("CT2851619.UserID", "UN35404110299853353");
Presente : user_pref("CT2851619.ValidationData_Toolbar", 2);
Presente : user_pref("CT2851619.WeatherNetwork", "");
Presente : user_pref("CT2851619.WeatherPollDate", "Thu Dec 30 2010 18:25:10 GMT+0100");
Presente : user_pref("CT2851619.WeatherUnit", "C");
Presente : user_pref("CT2851619.alertChannelId", "1243654");
Presente : user_pref("CT2851619.components.1000034", false);
Presente : user_pref("CT2851619.components.1000234", false);
Presente : user_pref("CT2851619.components.129351507536056632", false);
Presente : user_pref("CT2851619.components.129351507536681634", false);
Presente : user_pref("CT2851619.components.129351507536837885", false);
Presente : user_pref("CT2851619.components.129351507538556665", false);
Presente : user_pref("CT2851619.components.129351507538712916", false);
Presente : user_pref("CT2851619.components.7385351973121203554", false);
Presente : user_pref("CT2851619.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Presente : user_pref("CT2851619.homepageProtectorEnableByLogin", true);
Presente : user_pref("CT2851619.initDone", true);
Presente : user_pref("CT2851619.myStuffEnabled", true);
Presente : user_pref("CT2851619.myStuffPublihserMinWidth", 400);
Presente : user_pref("CT2851619.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Presente : user_pref("CT2851619.myStuffServiceIntervalMM", 1440);
Presente : user_pref("CT2851619.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Presente : user_pref("CT2851619.revertSettingsEnabled", true);
Presente : user_pref("CT2851619.searchProtectorDialogDelayInSec", 10);
Presente : user_pref("CT2851619.searchProtectorEnableByLogin", true);
Presente : user_pref("CT2851619.testingCtid", "");
Presente : user_pref("CT2851619.toolbarAppMetaDataLastCheckTime", "Fri Apr 27 2012 09:27:16 GMT+0200 (Hora de v[...]
Presente : user_pref("CT2851619.toolbarContextMenuLastCheckTime", "Thu Dec 30 2010 18:25:07 GMT+0100");
Presente : user_pref("CT2851619.usagesFlag", 2);
Presente : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2851619,CT1854633");
Presente : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2736476&Search[...]
Presente : user_pref("CommunityToolbar.ConduitSearchList", "Freeware.de Customized Web Search");
Presente : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2765711/CT2765711[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2851619/CT2851619[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=45380&fid=44857", "\"0\"");
Presente : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=909619&fid=905414", "\"0\""[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1157832/1153519/ES", "\"0\"[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1243654/1239327/ES", "\"0\"[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/130890/130100/ES", "\"0\"")[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/15651/15317/ES", "\"0\"");
Presente : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/ES", "\"0\"")[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/996967/992686/ES", "\"0\"")[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1060933", [...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT127144", "[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1854633", [...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2319825", [...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2604146", [...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2724386", [...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2736476", [...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2765711", [...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851619", [...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2319825", [...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2724386", [...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2736476", [...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=2.7.[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1854633",[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2319825",[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2604146",[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2736476",[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2765711",[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851619",[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63433363123173[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/27/2[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT127144&octid=C[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2319825&octid=[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2736476&octid=[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2765711&octid=[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct2319825&octid=[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct2736476&octid=[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT1060933/CT1060933[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT1854633/CT1854633[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2604146/CT2604146[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2724386/CT2724386[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2851619/CT2851619[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/ct2724386/CT2724386[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/maxi.gif"[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/pause_min[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Chrome/Idle.GIF", [...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Chrome/mini.gif", [...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Chrome/play.gif", [...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Chrome/stop.gif", [...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Chrome/volume.gif"[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"08b[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=es", "\"9a2[...]
Presente : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16332734.xml", "\"3f9442696718299f16a[...]
Presente : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Presente : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Presente : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Presente : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Presente : user_pref("CommunityToolbar.IsEngineShown", false);
Presente : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Presente : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\ALF\\AppData\\Roaming\\Mozilla\\Fir[...]
Presente : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.7.0.6");
Presente : user_pref("CommunityToolbar.MiniIPageGadgetPosition. hxxp://cap1stg.conduit-apps.com/Apps/Spilgames/[...]
Presente : user_pref("CommunityToolbar.OriginalEngineOwner", "CT1060933");
Presente : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{1392b8d2-5c05-419f-a8f6-b9f15a596612}");
Presente : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "freecorder");
Presente : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://mystart.incredimail.com/?loc=ff_a[...]
Presente : user_pref("CommunityToolbar.ToolbarsList", "CT127144,ConduitEngine,CT2851619,CT1854633,CT2604146,CT2[...]
Presente : user_pref("CommunityToolbar.ToolbarsList2", "CT127144,CT2851619,CT1854633,CT2604146,CT2765711,CT2736[...]
Presente : user_pref("CommunityToolbar.ToolbarsList4", "CT2765711,CT2736476");
Presente : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Mon Apr 18 2011 16:50:14 GMT+02[...]
Presente : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Presente : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Jun 19 2011 09:22:05 GMT+0200 (Hora [...]
Presente : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Presente : user_pref("CommunityToolbar.alert.locale", "en");
Presente : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Presente : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Jun 25 2011 23:22:42 GMT+0200 (Hora de v[...]
Presente : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Presente : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Presente : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Presente : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Presente : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Presente : user_pref("CommunityToolbar.alert.userId", "6a2b28e6-e13d-460a-b814-2884e32b6d55");
Presente : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Sep 17 2011 23:28:07 GMT+0200 (Hor[...]
Presente : user_pref("CommunityToolbar.globalUserId", "6702e9cf-f890-4424-9bb3-b5b031c3f118");
Presente : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Presente : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Presente : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1854633");
Presente : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Oct 22 2011 20:08:1[...]
Presente : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Presente : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Presente : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Aug 12 2011 15:00:40 GMT+020[...]
Presente : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Presente : user_pref("CommunityToolbar.notifications.locale", "en");
Presente : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Presente : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Oct 22 2011 20:08:18 GMT+0200 (H[...]
Presente : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Presente : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Presente : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Presente : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Presente : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Presente : user_pref("CommunityToolbar.notifications.userId", "ae5aff8e-2c51-47a2-b25d-d5b4c1073a48");
Presente : user_pref("CommunityToolbar.twitter.user_16332734.LastCheckTime", "Thu Jul 07 2011 20:26:09 GMT+0200[...]
Presente : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Thu Jun 16 2011 22:25:28 GMT+0200 (Hora de vera[...]
Presente : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Apr 23 2011 21:38:26 GMT+0200 (Hora de ve[...]
Presente : user_pref("ConduitEngine.FirstServerDate", "12/27/2010 21");
Presente : user_pref("ConduitEngine.FirstTime", true);
Presente : user_pref("ConduitEngine.FirstTimeFF3", true);
Presente : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Presente : user_pref("ConduitEngine.HideEngineAfterRestart", false);
Presente : user_pref("ConduitEngine.Initialize", true);
Presente : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Presente : user_pref("ConduitEngine.InstalledDate", "Mon Dec 27 2010 19:06:41 GMT+0100");
Presente : user_pref("ConduitEngine.IsMulticommunity", false);
Presente : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Presente : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Presente : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Tue Apr 26 2011 14:03:11 GMT+0200 (Hora de ver[...]
Presente : user_pref("ConduitEngine.LastLogin_3.2.1.3", "Mon Dec 27 2010 19:06:45 GMT+0100");
Presente : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Tue Apr 26 2011 14:03:11 GMT+0200 (Hora de verano roma[...]
Presente : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Presente : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Presente : user_pref("ConduitEngine.SettingsLastCheckTime", "Tue Apr 26 2011 17:20:02 GMT+0200 (Hora de verano [...]
Presente : user_pref("ConduitEngine.UserID", "UN45496198082096042");
Presente : user_pref("ConduitEngine.engineLocale", "en-GB");
Presente : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Tue Apr 26 2011 14:03:11 GMT+0200 (Hora [...]
Presente : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Tue Apr 26 2011 14:03:11 GMT+0200 (Hora[...]
Presente : user_pref("ConduitEngine.initDone", true);
Presente : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Presente : user_pref("ConduitEngine.usagesFlag", 2);
Presente : user_pref("browser.search.defaultengine", "Ask.com");
Presente : user_pref("browser.search.defaultthis.engineName", "Freeware.de Customized Web Search");
Presente : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2736476&Sea[...]
Presente : user_pref("browser.search.order.1", "Ask.com");
Presente : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Presente : user_pref("extensions.BabylonToolbar_i.babExt", "");
Presente : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111304");
Presente : user_pref("extensions.BabylonToolbar_i.hardId", "7a93f7d200000000000022234d6aafb3");
Presente : user_pref("extensions.BabylonToolbar_i.id", "7a93f7d200000000000022234d6aafb3");
Presente : user_pref("extensions.BabylonToolbar_i.instlDay", "15417");
Presente : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Presente : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Presente : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Presente : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Presente : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Presente : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Presente : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Presente : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1710:27:38");
Presente : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Presente : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Presente : user_pref("extensions.toolbar@ask.com.install-event-fired", true);

-\\ Google Chrome v [Imposible obtener la versión]

Fichero : C:\Users\ALF\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] El fichero no contiene ninguna entrada ilegítima.

-\\ Chromium v: {
        show_on_all_tabs: true
    }

Fichero : C:\Users\ALF\AppData\Local\Chromium\User Data\Default\Preferences

[OK] El fichero no contiene ninguna entrada ilegítima.

*************************

AdwCleaner[R1].txt - [82375 octets] - [05/02/2013 11:38:52]
AdwCleaner[R2].txt - [82305 octets] - [05/02/2013 11:43:49]

########## EOF - C:\AdwCleaner[R2].txt - [82366 octets] ##########
         
--- --- ---

Alt 05.02.2013, 20:59   #9
t'john
/// Helfer-Team
 
In Firefox öffnet sich neues Fenster ( mit Wikipedia ) - Standard

In Firefox öffnet sich neues Fenster ( mit Wikipedia )



adw Cleaner loeschen und neu runterladen und anweisungen folgen!

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).
__________________
Mfg, t'john
Das TB unterstützen

Alt 06.02.2013, 17:34   #10
ALF-VIR
 
In Firefox öffnet sich neues Fenster ( mit Wikipedia ) - Standard

In Firefox öffnet sich neues Fenster ( mit Wikipedia )



PluginCheck

Der PluginCheck hilft die größten Sicherheitslücken beim Surfen im Internet zu schliessen.
Überprüft wird: Browser, Flash, Java und Adobe Reader Version.

Firefox 18.0 ist aktuell

Flash (11,5,502,146) ist aktuell.

Java (1,7,0,13) ist aktuell.

undefined



Zurück

Tools:

StartSeite
PluginCheck
Secunia Online Scan

Weiterführendes:

Java Updaten und Einstellen

Secunia Personal Software Inspector (PSI)

Family:

TR/Agent




Plug-In in Firefox istdeaktiviert (das Java-Toolkit nicht ).

Bildschirminhalt nach Deaktivierung von Java:



PluginCheck

Der PluginCheck hilft die größten Sicherheitslücken beim Surfen im Internet zu schliessen.
Überprüft wird: Browser, Flash, Java und Adobe Reader Version.

Firefox 18.0 ist aktuell

Flash (11,5,502,146) ist aktuell.

Java ist Installiert aber nicht aktiviert.

undefined



Zurück

Tools:

StartSeite
PluginCheck
Secunia Online Scan

Weiterführendes:

Java Updaten und Einstellen

Secunia Personal Software Inspector (PSI)


Family:

TR/Agent
Ghostery has found the following on this page:Google Analytics

Die Logs nach AdwCleaner Anwendung:AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.111 - Fichero creado el 06/02/2013 a 17:39:08
# Actualizado el 05/02/2013 por Xplode
# Sistema operativo : Windows 7 Home Premium Service Pack 1 (32 bits)
# Usuario : ALF - ALF-PC
# Modo de inicio : Normal
# Ejecutado desde : C:\Users\ALF\Desktop\Data In\adwcleaner.exe
# Opción [Búsqueda]


***** [Servicios] *****


***** [Ficheros / Carpetas] *****


***** [Registro] *****


***** [Navegadores] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] El registro no contiene ninguna entrada ilegítima.

-\\ Mozilla Firefox v18.0.1 (en-GB)

Fichero : C:\Users\ALF\AppData\Roaming\Mozilla\Firefox\Profiles\3xr45n3g.default\prefs.js

[OK] El fichero no contiene ninguna entrada ilegítima.

-\\ Google Chrome v [Imposible obtener la versión]

Fichero : C:\Users\ALF\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] El fichero no contiene ninguna entrada ilegítima.

-\\ Chromium v: {
        show_on_all_tabs: true
    }

Fichero : C:\Users\ALF\AppData\Local\Chromium\User Data\Default\Preferences

[OK] El fichero no contiene ninguna entrada ilegítima.

*************************

AdwCleaner[R1].txt - [82375 octets] - [05/02/2013 11:38:52]
AdwCleaner[R2].txt - [82436 octets] - [05/02/2013 11:43:49]
AdwCleaner[R3].txt - [1276 octets] - [06/02/2013 17:39:08]
AdwCleaner[S1].txt - [83878 octets] - [05/02/2013 11:44:34]

########## EOF - C:\AdwCleaner[R3].txt - [1397 octets] ##########
         
--- --- ---
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.111 - Fichero creado el 06/02/2013 a 17:40:44
# Actualizado el 05/02/2013 por Xplode
# Sistema operativo : Windows 7 Home Premium Service Pack 1 (32 bits)
# Usuario : ALF - ALF-PC
# Modo de inicio : Normal
# Ejecutado desde : C:\Users\ALF\Desktop\Data In\adwcleaner.exe
# Opción [Supresión]


***** [Servicios] *****


***** [Ficheros / Carpetas] *****


***** [Registro] *****


***** [Navegadores] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] El registro no contiene ninguna entrada ilegítima.

-\\ Mozilla Firefox v18.0.1 (en-GB)

Fichero : C:\Users\ALF\AppData\Roaming\Mozilla\Firefox\Profiles\3xr45n3g.default\prefs.js

[OK] El fichero no contiene ninguna entrada ilegítima.

-\\ Google Chrome v [Imposible obtener la versión]

Fichero : C:\Users\ALF\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] El fichero no contiene ninguna entrada ilegítima.

-\\ Chromium v: {
        show_on_all_tabs: true
    }

Fichero : C:\Users\ALF\AppData\Local\Chromium\User Data\Default\Preferences

[OK] El fichero no contiene ninguna entrada ilegítima.

*************************

AdwCleaner[R1].txt - [82375 octets] - [05/02/2013 11:38:52]
AdwCleaner[R2].txt - [82436 octets] - [05/02/2013 11:43:49]
AdwCleaner[R3].txt - [1466 octets] - [06/02/2013 17:39:08]
AdwCleaner[S1].txt - [83878 octets] - [05/02/2013 11:44:34]
AdwCleaner[S2].txt - [1398 octets] - [06/02/2013 17:40:44]

########## EOF - C:\AdwCleaner[S2].txt - [1458 octets] ##########
         
--- --- ---

Der sagt "[OK] El fichero no contiene ninguna entrada ilegítima." - Alsomüsste es ja jetzt Ok sein - oder ?

Alt 07.02.2013, 00:52   #11
t'john
/// Helfer-Team
 
In Firefox öffnet sich neues Fenster ( mit Wikipedia ) - Standard

In Firefox öffnet sich neues Fenster ( mit Wikipedia )



Sehr gut!

damit bist Du sauber und entlassen!

adwCleaner entfernen

  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Uninstall.
  • Bestätige mit Ja.




Tool-Bereinigung mit OTL


Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.
  • Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
  • Speichere es auf Deinem Desktop.
  • Doppelklick auf OTL.exe um das Programm auszuführen.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Klicke auf den Button "Bereinigung"
  • OTL fragt eventuell nach einem Neustart.
    Sollte es dies tun, so lasse dies bitte zu.
Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.


Zurücksetzen der Sicherheitszonen

Lasse die Sicherheitszonen wieder zurücksetzen, da diese manipuliert wurden um den Browser für weitere Angriffe zu öffnen.
Gehe dabei so vor: http://www.trojaner-board.de/111805-...ecksetzen.html


Systemwiederherstellungen leeren

Damit der Rechner nicht mit einer infizierten Systemwiederherstellung erneut infiziert werden kann, muessen wir diese leeren. Dazu schalten wir sie einmal aus und dann wieder ein:
Systemwiederherstellung deaktivieren Tutorial fuer Windows XP, Windows Vista, Windows 7
Danach wieder aktivieren.



Lektuere zum abarbeiten:
http://www.trojaner-board.de/90880-d...tallation.html
http://www.trojaner-board.de/105213-...tellungen.html
PluginCheck
http://www.trojaner-board.de/96344-a...-rechners.html
Secunia Online Software Inspector
http://www.trojaner-board.de/71715-k...iendungen.html
http://www.trojaner-board.de/83238-a...sschalten.html
http://www.trojaner-board.de/109844-...ren-seite.html
PC wird immer langsamer - was tun?
__________________
Mfg, t'john
Das TB unterstützen

Alt 07.02.2013, 13:51   #12
ALF-VIR
 
In Firefox öffnet sich neues Fenster ( mit Wikipedia ) - Standard

In Firefox öffnet sich neues Fenster ( mit Wikipedia )



Hier isses...AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.111 - Fichero creado el 07/02/2013 a 13:42:07
# Actualizado el 05/02/2013 por Xplode
# Sistema operativo : Windows 7 Home Premium Service Pack 1 (32 bits)
# Usuario : ALF - ALF-PC
# Modo de inicio : Normal
# Ejecutado desde : C:\Users\ALF\Desktop\Data In\adwcleaner.exe
# Opción [Supresión]


***** [Servicios] *****


***** [Ficheros / Carpetas] *****


***** [Registro] *****


***** [Navegadores] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] El registro no contiene ninguna entrada ilegítima.

-\\ Mozilla Firefox v18.0.1 (en-GB)

Fichero : C:\Users\ALF\AppData\Roaming\Mozilla\Firefox\Profiles\3xr45n3g.default\prefs.js

[OK] El fichero no contiene ninguna entrada ilegítima.

-\\ Google Chrome v [Imposible obtener la versión]

Fichero : C:\Users\ALF\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] El fichero no contiene ninguna entrada ilegítima.

-\\ Chromium v: {
        show_on_all_tabs: true
    }

Fichero : C:\Users\ALF\AppData\Local\Chromium\User Data\Default\Preferences

[OK] El fichero no contiene ninguna entrada ilegítima.

*************************

AdwCleaner[R1].txt - [82375 octets] - [05/02/2013 11:38:52]
AdwCleaner[R2].txt - [82436 octets] - [05/02/2013 11:43:49]
AdwCleaner[R3].txt - [1466 octets] - [06/02/2013 17:39:08]
AdwCleaner[R4].txt - [1586 octets] - [07/02/2013 13:41:07]
AdwCleaner[S1].txt - [83878 octets] - [05/02/2013 11:44:34]
AdwCleaner[S2].txt - [1527 octets] - [06/02/2013 17:40:44]
AdwCleaner[S3].txt - [1518 octets] - [07/02/2013 13:42:07]

########## EOF - C:\AdwCleaner[S3].txt - [1578 octets] ##########
         
--- --- ---

Nochmals HERZLICHSTEN DANK !!! für Deine Hilfe !!!

Alt 07.02.2013, 18:24   #13
t'john
/// Helfer-Team
 
In Firefox öffnet sich neues Fenster ( mit Wikipedia ) - Standard

In Firefox öffnet sich neues Fenster ( mit Wikipedia )



wir wuenschen eine virenfreie Zeit
__________________
Mfg, t'john
Das TB unterstützen

Alt 08.02.2013, 15:10   #14
ALF-VIR
 
In Firefox öffnet sich neues Fenster ( mit Wikipedia ) - Standard

In Firefox öffnet sich neues Fenster ( mit Wikipedia )



Gleichfalls ! ...und vielen Dank noch 'mal !

Antwort

Themen zu In Firefox öffnet sich neues Fenster ( mit Wikipedia )
adobe, adobe flash player, appdata, code, crypt, down, explorer.exe, firefox, flash player, gmer, harddisk, ntdll.dll, port, problem, registry, rundll, rundll32.exe, scan, service.exe, software, system, system32, temp, toshiba, windows, öffnet



Ähnliche Themen: In Firefox öffnet sich neues Fenster ( mit Wikipedia )


  1. Firefox öffnet bei Aktion neues Fenster mit Werbung bzw unerwünschter Seite
    Plagegeister aller Art und deren Bekämpfung - 11.09.2015 (8)
  2. neues Fenster und Werbung öffnet sich in Chrome ungefragt
    Plagegeister aller Art und deren Bekämpfung - 04.03.2015 (41)
  3. Win 8 64bit Laptop öffnet 3-4 Fenster im FireFox und der Mauszeiger bewegt sich von allein.
    Log-Analyse und Auswertung - 20.11.2014 (10)
  4. windows 7 Firefox: My search öffnet sich als Fenster
    Log-Analyse und Auswertung - 09.09.2014 (7)
  5. regclean pro öffnet ständig neues fenster, das nicht mehr verschwindet!
    Plagegeister aller Art und deren Bekämpfung - 09.06.2014 (11)
  6. Neues Firefoc-Fenster von Seitensprungarea.com öffnet sich
    Plagegeister aller Art und deren Bekämpfung - 18.02.2014 (3)
  7. Zweites Fenster öffnet sich bei Firefox -appround.biz-Was ist das?
    Plagegeister aller Art und deren Bekämpfung - 29.03.2013 (7)
  8. Ein Neues Fenster öffnet sich bei Firefox
    Log-Analyse und Auswertung - 21.02.2013 (17)
  9. Firefox öffnet neues Fenster mit Werbung
    Mülltonne - 14.07.2011 (1)
  10. Firefox öffnet neues Fenster, Verlinkungen auf falsche Webseiten, Bluescreen, PC-langsam
    Log-Analyse und Auswertung - 06.07.2011 (30)
  11. Firefox öffnet ständig neues Fenster mit 4 Tabs
    Plagegeister aller Art und deren Bekämpfung - 02.07.2011 (2)
  12. IE öffnet immer mal ein neues Fenster!
    Plagegeister aller Art und deren Bekämpfung - 22.11.2010 (6)
  13. Firefox öffnet immer neues Fenster mit Werbung
    Log-Analyse und Auswertung - 15.04.2009 (1)
  14. Firefox öffnet neues Fenster mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 18.12.2008 (6)
  15. Firefox öffnet neues Fenster mit Werbung/ stürzt bei mehreren Fenstern ab
    Log-Analyse und Auswertung - 24.07.2008 (1)
  16. Firefox öffnet neues Fenster mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 22.06.2008 (10)
  17. Öffnet sich selbstständig ein neues Fenster
    Log-Analyse und Auswertung - 12.01.2005 (5)

Zum Thema In Firefox öffnet sich neues Fenster ( mit Wikipedia ) - Hi und guten Abend ! Nach den vorliegenden Anweisungen habe ich "gmer" laufen lassen und poste den Log-file. Das Problem ist, dass ( vermutlich nach einer Aktualisierung von Adobe Flash - In Firefox öffnet sich neues Fenster ( mit Wikipedia )...
Archiv
Du betrachtest: In Firefox öffnet sich neues Fenster ( mit Wikipedia ) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.