Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Coupondropdown

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 22.02.2013, 12:54   #1
misterfuxi
 
Coupondropdown - Standard

Coupondropdown



hallo bin neu hier und hab ein problem mit Coupondropdown.

Hab mir schon Malwarebytes runtergeladen und lass es gerade durchlaufen!

adwcleaner0 hab ich auch schon runtergeladen sowie OTL!

installier zuerst mal alles!

Alt 22.02.2013, 13:44   #2
Chris4You
 
Coupondropdown - Standard

Coupondropdown



Hi,

have a look at Remove the CouponDropDown Adware (Uninstall Guide)...

Lass MAM nach update im Fullscan-Mode laufen, Log posten...

chris
__________________

__________________

Alt 22.02.2013, 17:14   #3
misterfuxi
 
Coupondropdown - Standard

Coupondropdown



irgendwie beendet er den suchlauf nicht Malwarebytes nicht!

es kommt dann ein blauer display und irgendwas läd dann bis 100 und dann macht er einen neustart
__________________

Alt 22.02.2013, 18:19   #4
Chris4You
 
Coupondropdown - Standard

Coupondropdown



Hi,

seltsam, erstelle und poste ersteinmal ein OTL-Log...

OTL
Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop
  • Vista/Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt (OTL.TXT und EXTRAS.TXT)
  • Poste die Logfiles hier in den Thread

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Geändert von Chris4You (22.02.2013 um 18:32 Uhr)

Alt 22.02.2013, 22:11   #5
misterfuxi
 
Coupondropdown - Standard

Coupondropdown



bekomme nur einen quick scan durch

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 22.02.2013 22:09:05 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\ASUS\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 47,28% Memory free
6,19 Gb Paging File | 4,61 Gb Available in Paging File | 74,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 178,85 Gb Total Space | 82,58 Gb Free Space | 46,17% Space Free | Partition Type: NTFS
Drive D: | 119,23 Gb Total Space | 103,18 Gb Free Space | 86,54% Space Free | Partition Type: NTFS
 
Computer Name: FUXI | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\ASUS\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_6_602_168.exe (Adobe Systems, Inc.)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Users\ASUS\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (Facebook)
PRC - C:\Users\ASUS\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
PRC - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Windows\System32\dgdersvc.exe (Devguru Co., Ltd.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\P4G\BatteryLife.exe (ATK)
PRC - C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe (ASUS)
PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Program Files\ATK Hotkey\HControl.exe (ATK0100)
PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe ()
PRC - C:\Program Files\ATK Hotkey\WDC.exe ()
PRC - C:\Program Files\ATK Hotkey\HControlUser.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATK Hotkey\MsgTranAgt.exe ()
PRC - C:\Program Files\ATK Hotkey\AsLdrSrv.exe ()
PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\0f5a23bb73681b6388daccd8e250ba66\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Users\ASUS\AppData\Local\Facebook\Messenger\2.1.4651.0\libcef.dll ()
MOD - C:\Users\ASUS\AppData\Local\Facebook\Messenger\2.1.4651.0\CefSharp.WinForms.dll ()
MOD - C:\Users\ASUS\AppData\Local\Facebook\Messenger\2.1.4651.0\CefSharp.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files\ATKOSD2\ATKOSD2.exe ()
MOD - C:\Program Files\ATK Hotkey\HControlUser.exe ()
MOD - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
MOD - C:\Program Files\ATK Hotkey\MsgTran.dll ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (0062091355493512mcinstcleanup) -- C:\Windows\TEMP\006209~1.EXE File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (McAfee SiteAdvisor Service) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (dgdersvc) -- C:\Windows\System32\dgdersvc.exe (Devguru Co., Ltd.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe ()
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (pccsmcfd) -- system32\DRIVERS\pccsmcfd.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (FsUsbExDisk) -- C:\Windows\system32\FsUsbExDisk.SYS File not found
DRV - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
DRV - (cpuz132) -- C:\Users\ASUS\AppData\Local\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (MpKsl8acc88d1) -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F2DB3697-D52C-4557-B794-A5B1912E4550}\MpKsl8acc88d1.sys (Microsoft Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (dgderdrv) -- C:\Windows\System32\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (lullaby) -- C:\Windows\System32\drivers\lullaby.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (ManyCam) -- C:\Windows\System32\drivers\ManyCam.sys (ManyCam LLC.)
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://startsear.ch/?aff=1&src=sp&cf=182ae4c0-421b-11e1-803c-d28d2f004551&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2549263
IE - HKLM\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q={searchTerms}&crm=1
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2549263
IE - HKCU\..\SearchScopes\{b167b83b-348e-4f8a-a00d-693f28ede787}: "URL" = hxxp://search.expatshield.com/g/results.php?c=s&q={searchTerms}
IE - HKCU\..\SearchScopes\{B7719148-62EC-4539-80C0-48AEAB3C866F}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q={searchTerms}&crm=1
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Expat Shield Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q="
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.oe3.at"
FF - prefs.js..extensions.enabledAddons: youtube2mp3%40mondayx.de:1.2.3
FF - prefs.js..extensions.enabledAddons: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:7.6.0.2
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: greenwebplayer%40greentube.com:1.1
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.7.1
FF - prefs.js..extensions.enabledAddons: %7Ba060276a-53be-45ec-8ebe-b94b1e803179%7D:3.18.0.7
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.5.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.9.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.3.0.7280
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\ASUS\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\ASUS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\ASUS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\electronicarts.com/GameFacePlugin: C:\Users\ASUS\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\ASUS\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012.12.21 15:46:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ [2013.02.12 23:08:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.12.21 00:49:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.19 23:01:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.20 19:59:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.02.21 15:22:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2013.02.21 15:23:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.19 23:01:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.20 19:59:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.02.21 15:22:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2013.02.21 15:23:00 | 000,000,000 | ---D | M]
 
[2012.02.15 20:47:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Extensions
[2012.02.15 20:47:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org
[2013.02.14 11:43:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\vasdy6o4.default\extensions
[2011.02.16 01:28:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\vasdy6o4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.06.17 14:25:21 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\vasdy6o4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(49)
[2012.12.01 02:40:49 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\vasdy6o4.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2013.02.14 11:35:14 | 000,000,000 | ---D | M] (Expat Shield Community Toolbar) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\vasdy6o4.default\extensions\{a060276a-53be-45ec-8ebe-b94b1e803179}
[2011.03.31 22:07:07 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\vasdy6o4.default\extensions\engine@conduit.com
[2013.01.03 19:24:35 | 000,000,000 | ---D | M] ("GreenWebPlayer") -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\vasdy6o4.default\extensions\greenwebplayer@greentube.com
[2011.07.27 14:11:36 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\vasdy6o4.default\extensions\support@predictad.com
[2012.11.15 18:30:12 | 000,214,020 | ---- | M] () (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\extensions\socksharedownloader@socksharedownloader.com.xpi
[2011.08.27 19:17:45 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\extensions\youtube2mp3@mondayx.de.xpi
[2012.12.11 18:56:44 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.02.14 11:43:35 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.05 18:15:28 | 000,242,136 | ---- | M] () (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2011.10.02 17:45:52 | 000,000,927 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\searchplugins\conduit.xml
[2011.02.16 00:47:33 | 000,002,342 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\searchplugins\icq-search.xml
[2011.03.09 16:06:04 | 000,000,950 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\searchplugins\icqplugin-1.xml
[2011.03.28 13:00:35 | 000,000,950 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\searchplugins\icqplugin-2.xml
[2011.04.15 02:00:27 | 000,000,950 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\searchplugins\icqplugin-3.xml
[2011.11.08 18:05:46 | 000,000,950 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\searchplugins\icqplugin-4.xml
[2012.08.02 21:36:23 | 000,000,950 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\searchplugins\icqplugin-5.xml
[2011.03.30 13:14:34 | 000,001,042 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\searchplugins\icqplugin.xml
[2012.01.18 22:26:54 | 000,000,792 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\searchplugins\startsear.xml
[2013.02.19 23:01:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.02.19 23:01:09 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2013.02.19 23:01:10 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013.02.19 23:01:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.02.19 23:01:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.12.21 00:49:08 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.12.21 15:46:18 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2013.02.19 23:01:56 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009.08.03 14:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2011.10.03 10:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2013.02.08 04:55:38 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.08 04:55:38 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013.02.08 04:55:38 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.02.01 04:16:53 | 000,003,700 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.png
[2010.02.01 04:16:53 | 000,001,963 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.xml
[2013.02.08 04:55:38 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.08 04:55:38 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.08 04:55:38 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.11.17 10:47:56 | 000,434,016 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	localhost
O1 - Hosts: ::1	localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	全讯网,博彩优æƒ*,皇å†*æ*£ç½‘cr67com,皇å†*比分,皇å†*即时指数,太阳城代理112scg,tt娱乐城8bc8,网上真钱娱
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
O1 - Hosts: 127.0.0.1	100sexlinks.com - Informationen zum Thema Sex links. Diese Website steht zum Verkauf!
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 14940 more lines...
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O2 - BHO: (smartdownloader Class) - {F1AF26F8-1828-4279-ABCE-074EF3235BD7} - C:\Program Files\SockshareDownloader\smarterdownloader.dll (TODO: <Company name>)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5786D022-540E-4699-B350-B4BE0AE94B79} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe ()
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TaskTray]  File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.55.1183\Badoo.Desktop.exe File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\ASUS\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [Spotify] "C:\Users\ASUS\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart File not found
O4 - Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\ASUS\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (Facebook)
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm File not found
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.15.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.153.32.129 213.153.32.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D827FF7B-104B-418D-88A8-286EF2737543}: DhcpNameServer = 194.48.139.254 194.48.124.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D98009D2-C8C2-4FFD-80F6-F9982BD69DA1}: DhcpNameServer = 194.48.139.254 194.48.124.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3759B92-3389-493E-AFDB-36DC3BFFB67C}: DhcpNameServer = 213.153.32.129 213.153.32.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{68ef0606-b344-11de-ae7c-9e7336002150}\Shell - "" = AutoRun
O33 - MountPoints2\{68ef0606-b344-11de-ae7c-9e7336002150}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{9d7916b7-5fce-11df-95e9-0aeb2e000433}\Shell\AutoRun\command - "" = F:\Install.exe
O33 - MountPoints2\{9d7916b7-5fce-11df-95e9-0aeb2e000433}\Shell\menu1\command - "" = F:\Install.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.22 12:14:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
[2013.02.22 00:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.22 00:04:30 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.02.21 16:43:45 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.02.21 16:42:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013.02.21 15:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2013.02.20 17:57:28 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\IsolatedStorage
[2013.02.20 17:57:18 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\Medion
[2013.02.20 17:57:18 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\MEDION
[2013.02.20 17:27:40 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.02.20 17:27:09 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.02.20 17:27:09 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.02.20 17:27:09 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.02.19 23:01:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.02.14 11:18:18 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.02.14 11:18:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.02.14 11:18:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.02.14 11:18:16 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.02.14 11:18:15 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.02.14 11:18:14 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.02.14 11:18:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.02.14 11:18:11 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.02.14 10:29:07 | 002,048,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.02.14 10:29:06 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013.02.14 10:29:00 | 003,602,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.02.14 10:29:00 | 003,550,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.02.12 23:07:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2013.02.12 23:07:57 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2013.02.10 19:24:41 | 016,365,936 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2013.02.10 19:23:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.22 22:09:16 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.22 22:05:55 | 000,214,694 | ---- | M] () -- C:\ProgramData\nvModes.001
[2013.02.22 22:05:43 | 000,214,694 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2013.02.22 22:05:25 | 000,004,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.22 22:05:25 | 000,004,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.22 22:05:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.22 22:05:12 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.22 17:45:39 | 000,677,300 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.22 17:45:39 | 000,637,384 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.22 17:45:39 | 000,146,836 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.22 17:45:39 | 000,120,850 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.22 17:29:59 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2593200360-2997682069-409558613-1000UA.job
[2013.02.22 17:05:20 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2013.02.22 14:22:37 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite
[2013.02.22 14:15:00 | 514,453,561 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.02.22 12:14:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
[2013.02.22 12:06:07 | 000,587,671 | ---- | M] () -- C:\Users\ASUS\Desktop\adwcleaner0.exe
[2013.02.22 00:04:43 | 000,000,873 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.21 23:30:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2593200360-2997682069-409558613-1000Core.job
[2013.02.20 17:59:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2013.02.20 17:26:57 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.02.20 17:26:53 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.02.20 17:26:53 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.02.20 17:26:53 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.02.20 17:26:52 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2013.02.20 17:26:51 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.02.20 17:16:49 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
[2013.02.20 14:08:02 | 000,007,808 | ---- | M] () -- C:\Users\ASUS\AppData\Local\d3d9caps.dat
[2013.02.14 11:37:17 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.02.14 11:37:17 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.02.14 11:32:09 | 001,796,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.02.12 23:08:32 | 000,001,158 | ---- | M] () -- C:\Users\ASUS\Desktop\Free YouTube to MP3 Converter.lnk
[2013.02.10 19:24:42 | 016,365,936 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2013.02.10 19:23:09 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013.02.10 19:23:09 | 000,001,878 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013.01.30 11:53:21 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.01.30 02:17:53 | 000,115,847 | ---- | M] () -- C:\Users\ASUS\Desktop\dani low lol.jpg
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.22 14:22:37 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite
[2013.02.22 12:05:35 | 000,587,671 | ---- | C] () -- C:\Users\ASUS\Desktop\adwcleaner0.exe
[2013.02.22 02:40:50 | 514,453,561 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.02.22 00:04:43 | 000,000,873 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.20 17:59:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2013.02.20 17:59:04 | 000,002,403 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
[2013.02.20 17:16:49 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
[2013.02.12 23:08:32 | 000,001,158 | ---- | C] () -- C:\Users\ASUS\Desktop\Free YouTube to MP3 Converter.lnk
[2013.02.10 19:23:09 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013.02.10 19:22:46 | 000,001,878 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013.01.29 23:27:31 | 000,115,847 | ---- | C] () -- C:\Users\ASUS\Desktop\dani low lol.jpg
[2012.01.12 16:54:56 | 000,056,903 | ---- | C] () -- C:\Users\ASUS\iphone_weiss-6c3408a89806dac4.jpg
[2012.01.12 00:02:29 | 000,000,844 | ---- | C] () -- C:\Users\ASUS\.recently-used.xbel
[2011.04.11 22:10:34 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.03.08 13:41:04 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.03.08 13:41:04 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.03.08 13:41:04 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.03.08 13:41:04 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2010.12.26 04:59:33 | 000,150,468 | ---- | C] () -- C:\Users\ASUS\798.jpg
[2009.12.17 13:43:04 | 000,007,808 | ---- | C] () -- C:\Users\ASUS\AppData\Local\d3d9caps.dat
[2009.10.25 14:24:35 | 000,000,353 | ---- | C] () -- C:\Users\ASUS\AppData\Roaming\burnaware.ini
[2009.06.17 22:47:12 | 000,068,096 | ---- | C] () -- C:\Users\ASUS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.17 01:05:47 | 000,214,694 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.06.17 00:59:15 | 000,214,694 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.06.17 00:29:58 | 000,000,091 | ---- | C] () -- C:\Users\ASUS\AppData\Roaming\AVSDVDPlayer.m3u
[2008.07.02 04:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 18:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
--- --- ---
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 22.02.2013 22:09:05 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\ASUS\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 47,28% Memory free
6,19 Gb Paging File | 4,61 Gb Available in Paging File | 74,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 178,85 Gb Total Space | 82,58 Gb Free Space | 46,17% Space Free | Partition Type: NTFS
Drive D: | 119,23 Gb Total Space | 103,18 Gb Free Space | 86,54% Space Free | Partition Type: NTFS
 
Computer Name: FUXI | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2593200360-2997682069-409558613-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A543E68-50B4-4280-8BB2-AF4DB71FDA93}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1C30E30E-06F7-4A52-95C2-1C4541E58B23}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1E993F14-44D1-4437-8B9A-902B61661856}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{27858E58-10E5-4B38-A6FA-09D3956417FD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2BBEAB61-B35E-49E9-B982-00CD20BA9B74}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5762BB8C-5713-42F2-B76B-4A0BDE6ACF6C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{63C28116-2ADF-4398-BF2F-0E4FA2E21BF3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{79ACAE4E-82E3-4F7A-B778-9AEF715286FF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{81DA91E1-6DB8-4E52-8501-5DF583EBA4DD}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{89988D43-F3D5-4C04-9523-93123877D53E}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{A2C6BAEF-39E9-4EA3-BBCD-EA661A81BF29}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{ACD7BD19-9B8F-4917-A218-A949DA546214}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{C9BA2135-5E8A-4158-903F-0CE661F6F9BC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D94C0A8C-9655-43BD-9646-F1C1D5B959D9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{E2040A9C-36D7-47E7-9DDA-1117CC61FEC9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{E3F8752F-D2C0-463D-9B1F-0E29B86A28D6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{E82F8434-88D5-4A4C-9D7E-AE9A6AFF98F6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{FB73A0D1-89CA-4877-A3F1-11B0E57CD040}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FC125BF-7535-4C3A-926A-E369B915D277}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{2846BFB9-A37C-40E9-905E-C498C3402230}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{28C196C2-8DAA-4ED0-915A-FF0B40732C8A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{2C707093-1204-4053-9730-B5F7323B17BE}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{2E78A1AD-4BFA-4E69-83A8-B315F4C51310}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{302AA768-BB91-41C2-89C9-E37D0BA4D70E}" = dir=in | app=c:\users\asus\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{3F0A46E9-4F84-48C7-BEF0-24002C136DCF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{4C7B8896-4F9B-4D53-B344-3F36AA503B1F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{4CD9B703-92A9-4A00-B907-C7A887E79A99}" = protocol=6 | dir=out | app=system | 
"{525F908F-DB7A-4454-8513-1920A23CA372}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe | 
"{5C3A3761-0F61-4A9F-B02E-3949F048F026}" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe | 
"{5DE767E6-E14A-4C72-AD62-2D88493B1599}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{5EF7E2AB-DEAD-47EC-B2F8-3DAA8157F22C}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{6D184CAA-983F-435F-888F-572CFA2CE395}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe | 
"{6E6B1BF0-3059-4700-BB17-B9D0BA241DFE}" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe | 
"{6FB80A46-2835-4163-B544-CBB70DC80C8B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{764F1010-6A97-486B-A570-4203E725470E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{78D99BC1-0845-4931-B31C-684270711CDC}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{7A6B56B0-E771-42FE-9A23-AA48591019D2}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{8C9114D4-450D-459D-BDBF-F87D1D628920}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8D3EA953-0D3F-42A4-9403-D4D1C22BE830}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{918A5634-D5D5-4094-898C-43743E99ADCF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A0C7150C-B38A-4CC8-ADB7-10BDCC711491}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{B0BC3717-50D8-49D5-8AB8-959107F835B7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{B376F9B6-5526-44DF-AE9B-A6A40FDC2EE9}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{BEEBAB89-2F33-4895-8512-1133E2EA2038}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C6664F16-B08C-45F9-BAC7-810306B06421}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{CD865DCE-E0C3-4CDB-8358-B2B12B0F2ED8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CF7E2BF2-C54A-4669-8B2C-6FBBA8B5FBA9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D2BDF7EE-D352-4B08-8880-8E118275C1FD}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{D53A8B30-2A40-4666-8874-66428BBB3144}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DC934799-E8E3-4D12-BD2A-FB95D0066AF3}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{E003579F-41F2-4624-A179-224E8214C7B2}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{E9AD6D57-3083-4F77-BFDF-ACD140199E34}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{FB56F7EF-11B2-43BE-AFD2-8C9327CDBC46}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"TCP Query User{26070578-49A6-4630-A98F-8D8E011C24D4}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{34844064-54FC-47AA-B1DD-88472A47283F}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{474CDC70-4D32-488F-AFD0-DB64CBE8F420}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{4B44284A-230D-45C8-A6B0-E3B2166DBA23}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{76DB59A0-01AE-459F-9493-0B9FE4A74867}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{772B22A7-4235-42C0-9B62-E6EBED34AECB}C:\program files\icq7m\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7m\icq.exe | 
"TCP Query User{82E5D594-1A79-4057-B1AB-0039C42907B4}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{90676244-9304-4638-A066-53FFEB679179}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{98C5A6EF-DCFC-4F1E-900D-53496C1BEDFB}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{99B187F5-82F8-4C64-8A8B-1C7D998CAE61}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"TCP Query User{AA32D57C-FBD0-46B0-B693-2BBD11EDABD1}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"TCP Query User{BCEA742A-3146-4677-A318-C0764E98D8E5}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe | 
"TCP Query User{C298E0EA-750C-4839-B676-90518D7D57F8}C:\users\asus\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\asus\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{C96A2365-F468-4055-9EEE-4D620E2ABDE1}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe | 
"TCP Query User{E8B7B721-F16A-4938-A318-539E1F7B9D29}C:\users\asus\temp\teamviewer\version4\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\asus\temp\teamviewer\version4\teamviewer.exe | 
"TCP Query User{F9389D45-D78F-4448-85B0-22C90BF4C652}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{056DA071-4F49-4830-AD63-AB5D5269B8B5}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{1B27E940-C221-4BBA-8155-F055F7DB23F2}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe | 
"UDP Query User{24A33CCF-011F-423A-8CAB-2838002A031D}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{34C3E988-19C4-4076-8703-76157A99971F}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{435B2682-1E82-4311-BD2C-6C4BF9DA6FFD}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe | 
"UDP Query User{56C390FE-FBCE-4F94-8A68-B27C9C2D7595}C:\users\asus\temp\teamviewer\version4\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\asus\temp\teamviewer\version4\teamviewer.exe | 
"UDP Query User{81A664F2-1598-495D-BCAB-929AC6F50A0E}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{9DF648F1-2AD8-45CF-B521-7342AE0683C8}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{A910CA21-C825-4010-BC92-90B79DD4BECC}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{B89A04BA-5163-4008-807A-F35B2710A81F}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{D329B893-F43C-4004-940B-140144C13308}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{D7EC0D91-E179-416D-B489-B212AD17B645}C:\users\asus\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\asus\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{E3204786-3219-4209-9278-21C9C02CC539}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{E6BE28FD-7367-4FBC-BB3E-89AE4503BA32}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{EA2A26F1-9E35-48CC-88B2-AE01C248BF84}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{EC55580F-43DA-4FC2-8EC9-05C97CA43009}C:\program files\icq7m\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7m\icq.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers
"{119B7481-0216-40D2-A5CC-C3E1F461ECC1}" = Windows Live Fotogalerie
"{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2862A3C1-0CD9-4D8B-A28C-8C337D4DD5EB}" = Express Gate
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{330A9A13-25F2-4E5F-8CE5-9D1AED7CA342}" = Microsoft Security Client
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B1E5A3-1B29-4582-A226-172A1FC7BA6C}" = Windows Live Family Safety
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}" = OutlookAddInNet3Setup
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{5DDB3393-E08B-447E-925F-6C00B95D0FE7}" = iCloud
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{65A5E87D-7A3F-4819-807D-B86990D5F369}" = inSSIDer
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007F-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-0137-0407-0000-0000000FF1CE}" = Microsoft Works 6-9 Converter
"{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}" = Driver Whiz
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear eXtreme
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A0FE0292-D3BE-3447-80F2-72E032A54875}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C9E91711-8600-4919-AEF0-D4821F886797}_is1" = Gigaflat
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE500B8E-564F-4D25-AE7F-7BDE30F64642}" = Deutsch (IBM) - Custom
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E21D6DB6-6DAB-3A63-8C09-CB6606D7403B}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{ED636101-1959-4360-8BF7-209436E7DEE4}" = Windows Live Sync
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FE6E1AF6-6B88-44FE-8101-84AE6A52B393}" = Windows Live Movie Maker-Betaversion
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1ClickDownload" = SockshareDownloader
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Ask Toolbar_is1" = Ask Toolbar
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"AutocompletePro3_is1" = AutocompletePro
"CCleaner" = CCleaner
"DivX Setup" = DivX-Setup
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128
"ICQToolbar" = ICQ Toolbar
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU
"mIRC" = mIRC
"Mozilla Firefox 19.0 (x86 de)" = Mozilla Firefox 19.0 (x86 de)
"Mozilla Thunderbird 17.0.3 (x86 de)" = Mozilla Thunderbird 17.0.3 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"PROPLUS" = Microsoft Office Professional Plus 2007
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"Shockwave" = Shockwave
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"USB2.0 UVC 1.3M WebCam" = USB2.0 UVC 1.3M WebCam
"VLC media player" = VLC media player 1.1.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"EA SPORTS Game Face Browser Plugin" = EA SPORTS Game Face Browser Plugin 1.5.3.0
"Facebook Plug-In" = Facebook Plug-In
"Game Organizer" = EasyBits GO
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 31.01.2013 17:38:26 | Computer Name = Fuxi | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 22
 
Error - 31.01.2013 17:38:26 | Computer Name = Fuxi | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 23
 
Error - 31.01.2013 17:38:26 | Computer Name = Fuxi | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 24
 
Error - 01.02.2013 18:55:17 | Computer Name = Fuxi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 01.02.2013 18:55:17 | Computer Name = Fuxi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1919
 
Error - 01.02.2013 18:55:17 | Computer Name = Fuxi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1919
 
Error - 02.02.2013 15:44:03 | Computer Name = Fuxi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 02.02.2013 15:44:03 | Computer Name = Fuxi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1077
 
Error - 02.02.2013 15:44:03 | Computer Name = Fuxi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1077
 
Error - 02.02.2013 15:44:04 | Computer Name = Fuxi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 02.02.2013 15:44:04 | Computer Name = Fuxi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2091
 
[ OSession Events ]
Error - 08.11.2011 02:00:09 | Computer Name = Fuxi | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 382
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 18.02.2013 09:56:57 | Computer Name = Fuxi | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 18.02.2013 17:21:16 | Computer Name = Fuxi | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 19.02.2013 03:44:19 | Computer Name = Fuxi | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 20.02.2013 13:00:10 | Computer Name = Fuxi | Source = Service Control Manager | ID = 7031
Description = 
 
Error - 20.02.2013 13:00:10 | Computer Name = Fuxi | Source = Service Control Manager | ID = 7031
Description = 
 
Error - 20.02.2013 13:01:10 | Computer Name = Fuxi | Source = Service Control Manager | ID = 7032
Description = 
 
Error - 20.02.2013 13:01:10 | Computer Name = Fuxi | Source = Service Control Manager | ID = 7032
Description = 
 
Error - 21.02.2013 21:41:02 | Computer Name = Fuxi | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 22.02.2013 um 02:39:09 unerwartet heruntergefahren.
 
Error - 22.02.2013 06:29:30 | Computer Name = Fuxi | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 22.02.2013 09:15:09 | Computer Name = Fuxi | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 22.02.2013 um 14:12:47 unerwartet heruntergefahren.
 
 
< End of report >
         
--- --- ---


Alt 22.02.2013, 22:24   #6
misterfuxi
 
Coupondropdown - Standard

Coupondropdown



Das ist der quickscan

Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.21.11

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
ASUS :: FUXI [Administrator]

Schutz: Aktiviert

22.02.2013 02:51:27
mbam-log-2013-02-22 (02-51-27).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 211290
Laufzeit: 26 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bösartig: (hxxp://startsear.ch/?aff=1&cf=182ae4c0-421b-11e1-803c-d28d2f004551) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bösartig: ("regedit.exe" "%1") Gut: (regedit.exe "%1") -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

ADW:AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.112 - Datei am 23/02/2013 um 00:53:24 erstellt
# Aktualisiert am 10/02/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : ASUS - FUXI
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\ASUS\Desktop\adwcleaner0.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
Datei Gefunden : C:\Program Files\Mozilla Firefox\Plugins\npvsharetvplg.dll
Datei Gefunden : C:\Program Files\Mozilla FireFox\searchplugins\fast.xml
Datei Gefunden : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\searchplugins\Conduit.xml
Datei Gefunden : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\searchplugins\icqplugin.xml
Datei Gefunden : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\searchplugins\icqplugin-1.xml
Datei Gefunden : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\searchplugins\icqplugin-2.xml
Datei Gefunden : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\searchplugins\icqplugin-3.xml
Datei Gefunden : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\searchplugins\Startsear.xml
Ordner Gefunden : C:\Program Files\AskBarDis
Ordner Gefunden : C:\Program Files\AutocompletePro
Ordner Gefunden : C:\Program Files\ICQ6Toolbar
Ordner Gefunden : C:\ProgramData\Ask
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\boost_interprocess
Ordner Gefunden : C:\ProgramData\ICQ\ICQToolbar
Ordner Gefunden : C:\Users\ASUS\AppData\Local\Babylon
Ordner Gefunden : C:\Users\ASUS\AppData\Local\Conduit
Ordner Gefunden : C:\Users\ASUS\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\ASUS\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\ASUS\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\Conduit
Ordner Gefunden : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\ConduitCommon
Ordner Gefunden : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\ConduitEngine
Ordner Gefunden : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\CT2549263
Ordner Gefunden : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\extensions\{a060276a-53be-45ec-8ebe-b94b1e803179}
Ordner Gefunden : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\extensions\engine@conduit.com
Ordner Gefunden : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\extensions\staged
Ordner Gefunden : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\extensions\support@predictad.com
Ordner Gefunden : C:\Users\ASUS\AppData\Roaming\OpenCandy

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\1ClickDownload
Schlüssel Gefunden : HKCU\Software\AppDataLow\AskBarDis
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AutocompletePro
Schlüssel Gefunden : HKCU\Software\AutocompleteProBHO
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AutocompletePro3_is1
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB65206-89C4-402C-BA80-02D8C59F9B1D}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\StartSearch
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{622FD888-4E91-4D68-84D4-7262FD0811BF}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2481020
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2549263
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Schlüssel Gefunden : HKU\S-1-5-21-2593200360-2997682069-409558613-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKU\S-1-5-21-2593200360-2997682069-409558613-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKU\S-1-5-21-2593200360-2997682069-409558613-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Schlüssel Gefunden : HKU\S-1-5-21-2593200360-2997682069-409558613-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3041D03E-FD4B-44E0-B742-2D9B88305F98}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16464

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v19.0 (de)

Datei : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\prefs.js

Gefunden : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Fri Mar 04 2011 20:11:57 GMT+0100");
Gefunden : user_pref("CT2481020..clientLogIsEnabled", false);
Gefunden : user_pref("CT2481020..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gefunden : user_pref("CT2481020..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gefunden : user_pref("CT2481020.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2481020.BrowserCompStateIsOpen_129469746101488132", true);
Gefunden : user_pref("CT2481020.CTID", "ct2481020");
Gefunden : user_pref("CT2481020.CurrentServerDate", "13-8-2011");
Gefunden : user_pref("CT2481020.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2481020.DialogsGetterLastCheckTime", "Fri Aug 12 2011 19:54:29 GMT+0200");
Gefunden : user_pref("CT2481020.DownloadReferralCookieData", "");
Gefunden : user_pref("CT2481020.FeedLastCount129076858299680990", 0);
Gefunden : user_pref("CT2481020.FeedPollDate129076849370150342", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedPollDate129076850042182211", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedPollDate129076850596400916", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedPollDate129076850791868756", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedPollDate129076852434375419", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedPollDate129076853083906444", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedPollDate129076854010937606", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedPollDate129076855068438037", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedPollDate129076855340312884", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedPollDate129076855597344292", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedPollDate129076855883906472", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedPollDate129076856408281730", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedPollDate129076856723281882", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedPollDate129076856982969262", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedPollDate129076857229219583", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedPollDate129076857478587121", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedPollDate129076858014837073", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gefunden : user_pref("CT2481020.FeedTTL129076850596400916", 5);
Gefunden : user_pref("CT2481020.FeedTTL129076850791868756", 5);
Gefunden : user_pref("CT2481020.FeedTTL129076855068438037", 2);
Gefunden : user_pref("CT2481020.FeedTTL129076856408281730", 30);
Gefunden : user_pref("CT2481020.FeedTTL129076856723281882", 5);
Gefunden : user_pref("CT2481020.FeedTTL129076857229219583", 30);
Gefunden : user_pref("CT2481020.FirstServerDate", "12-8-2011");
Gefunden : user_pref("CT2481020.FirstTime", true);
Gefunden : user_pref("CT2481020.FirstTimeFF3", true);
Gefunden : user_pref("CT2481020.FixPageNotFoundErrors", true);
Gefunden : user_pref("CT2481020.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2481020.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2481020.HasUserGlobalKeys", true);
Gefunden : user_pref("CT2481020.Initialize", true);
Gefunden : user_pref("CT2481020.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2481020.InstallationAndCookieDataSentCount", 3);
Gefunden : user_pref("CT2481020.InstallationId", "ConduitStubGeneric");
Gefunden : user_pref("CT2481020.InstallationType", "ConduitStubIntegration");
Gefunden : user_pref("CT2481020.InstalledDate", "Fri Aug 12 2011 19:54:30 GMT+0200");
Gefunden : user_pref("CT2481020.IsGrouping", false);
Gefunden : user_pref("CT2481020.IsInitSetupIni", true);
Gefunden : user_pref("CT2481020.IsMulticommunity", false);
Gefunden : user_pref("CT2481020.IsOpenThankYouPage", false);
Gefunden : user_pref("CT2481020.IsOpenUninstallPage", false);
Gefunden : user_pref("CT2481020.LanguagePackLastCheckTime", "Wed Aug 17 2011 07:29:54 GMT+0200");
Gefunden : user_pref("CT2481020.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2481020.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2481020.LastLogin_3.5.0.12", "Mon Aug 15 2011 18:01:23 GMT+0200");
Gefunden : user_pref("CT2481020.LatestVersion", "3.3.3.2");
Gefunden : user_pref("CT2481020.Locale", "de");
Gefunden : user_pref("CT2481020.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2481020.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2481020.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2481020.MyStuffEnabledAtInstallation", true);
Gefunden : user_pref("CT2481020.OriginalFirstVersion", "3.5.0.12");
Gefunden : user_pref("CT2481020.RadioIsPodcast", false);
Gefunden : user_pref("CT2481020.RadioMediaID", "9962");
Gefunden : user_pref("CT2481020.RadioMediaType", "Media Player");
Gefunden : user_pref("CT2481020.RadioMenuSelectedID", "EBRadioMenu_CT24810209962");
Gefunden : user_pref("CT2481020.RadioShrinkedFromSetup", false);
Gefunden : user_pref("CT2481020.RadioStationName", "California%20Rock");
Gefunden : user_pref("CT2481020.RadioStationURL", "hxxp://feedlive.net/california.asx");
Gefunden : user_pref("CT2481020.SavedHomepage", "www.oe3.at");
Gefunden : user_pref("CT2481020.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2481020.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT248[...]
Gefunden : user_pref("CT2481020.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2481020.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2481020.SearchInNewTabLastCheckTime", "Sun Aug 14 2011 21:36:51 GMT+0200");
Gefunden : user_pref("CT2481020.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2481020.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gefunden : user_pref("CT2481020.ServiceMapLastCheckTime", "Fri Aug 12 2011 19:54:29 GMT+0200");
Gefunden : user_pref("CT2481020.SettingsLastCheckTime", "Fri Aug 12 2011 19:54:29 GMT+0200");
Gefunden : user_pref("CT2481020.SettingsLastUpdate", "1312118201");
Gefunden : user_pref("CT2481020.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2481020.ThirdPartyComponentsLastCheck", "Fri Aug 12 2011 19:54:29 GMT+0200");
Gefunden : user_pref("CT2481020.ThirdPartyComponentsLastUpdate", "1255344657");
Gefunden : user_pref("CT2481020.ToolbarShrinkedFromSetup", false);
Gefunden : user_pref("CT2481020.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2481020");
Gefunden : user_pref("CT2481020.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gefunden : user_pref("CT2481020.UserID", "UN62541758850617261");
Gefunden : user_pref("CT2481020.alertChannelId", "874426");
Gefunden : user_pref("CT2481020.backendstorage.active", "796573");
Gefunden : user_pref("CT2481020.backendstorage.firstinstall", "796573");
Gefunden : user_pref("CT2481020.backendstorage.gsdomain", "");
Gefunden : user_pref("CT2481020.backendstorage.lastrun", "31333133313731363737383630");
Gefunden : user_pref("CT2481020.backendstorage.partner_id", "3937346665643236");
Gefunden : user_pref("CT2481020.backendstorage.shopupdate", "323031312D30382D3132");
Gefunden : user_pref("CT2481020.backendstorage.shopversionv2", "3130303039");
Gefunden : user_pref("CT2481020.backendstorage.short", "30");
Gefunden : user_pref("CT2481020.backendstorage.tbready", "74727565");
Gefunden : user_pref("CT2481020.ct2481020.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2481020.ct2481020.FeedLastCount129076858299680990", 389);
Gefunden : user_pref("CT2481020.ct2481020.InvalidateCache", false);
Gefunden : user_pref("CT2481020.ct2481020.LanguagePackLastCheckTime", "Sun Aug 14 2011 21:36:52 GMT+0200");
Gefunden : user_pref("CT2481020.ct2481020.Locale", "de");
Gefunden : user_pref("CT2481020.ct2481020.RadioLastCheckTime", "Wed Aug 17 2011 07:29:47 GMT+0200");
Gefunden : user_pref("CT2481020.ct2481020.RadioLastUpdateIPServer", "3");
Gefunden : user_pref("CT2481020.ct2481020.RadioLastUpdateServer", "3");
Gefunden : user_pref("CT2481020.ct2481020.SearchInNewTabLastCheckTime", "Fri Aug 12 2011 19:54:34 GMT+0200");
Gefunden : user_pref("CT2481020.ct2481020.SettingsLastCheckTime", "Fri Aug 12 2011 19:54:30 GMT+0200");
Gefunden : user_pref("CT2481020.ct2481020.SettingsLastUpdate", "1312118201");
Gefunden : user_pref("CT2481020.ct2481020.ThirdPartyComponentsLastCheck", "Fri Aug 12 2011 19:54:30 GMT+0200");
Gefunden : user_pref("CT2481020.ct2481020.ThirdPartyComponentsLastUpdate", "1255344657");
Gefunden : user_pref("CT2481020.ct2481020.globalFirstTimeInfoLastCheckTime", "Sun Aug 14 2011 21:36:53 GMT+0200[...]
Gefunden : user_pref("CT2481020.ct2481020.toolbarAppMetaDataLastCheckTime", "Fri Aug 12 2011 19:54:33 GMT+0200"[...]
Gefunden : user_pref("CT2481020.ct2481020.toolbarContextMenuLastCheckTime", "Fri Aug 12 2011 19:54:34 GMT+0200"[...]
Gefunden : user_pref("CT2481020.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gefunden : user_pref("CT2481020.globalFirstTimeInfoLastCheckTime", "Wed Aug 17 2011 07:29:54 GMT+0200");
Gefunden : user_pref("CT2481020.homepageProtectorEnableByLogin", true);
Gefunden : user_pref("CT2481020.initDone", true);
Gefunden : user_pref("CT2481020.isAppTrackingManagerOn", true);
Gefunden : user_pref("CT2481020.isFirstRadioInstallation", false);
Gefunden : user_pref("CT2481020.myStuffEnabled", true);
Gefunden : user_pref("CT2481020.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2481020.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2481020.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2481020.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2481020.searchProtectorDialogDelayInSec", 10);
Gefunden : user_pref("CT2481020.searchProtectorEnableByLogin", true);
Gefunden : user_pref("CT2481020.testingCtid", "");
Gefunden : user_pref("CT2481020.toolbarAppMetaDataLastCheckTime", "Fri Aug 12 2011 19:54:29 GMT+0200");
Gefunden : user_pref("CT2481020.toolbarContextMenuLastCheckTime", "Fri Aug 12 2011 19:54:33 GMT+0200");
Gefunden : user_pref("CT2481020.usagesFlag", 1);
Gefunden : user_pref("CT2549263..clientLogIsEnabled", false);
Gefunden : user_pref("CT2549263..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gefunden : user_pref("CT2549263..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gefunden : user_pref("CT2549263.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gefunden : user_pref("CT2549263.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2549263.BrowserCompStateIsOpen_129593636272103152", true);
Gefunden : user_pref("CT2549263.BrowserCompStateIsOpen_129681782619538716", true);
Gefunden : user_pref("CT2549263.BrowserCompStateIsOpen_129738909652389324", true);
Gefunden : user_pref("CT2549263.BrowserCompStateIsOpen_1359634298000", true);
Gefunden : user_pref("CT2549263.CT2549263", "CT2549263");
Gefunden : user_pref("CT2549263.Chat.ServerLastCheckTime", "Sat Oct 15 2011 20:42:35 GMT+0200");
Gefunden : user_pref("CT2549263.CurrentServerDate", "23-2-2013");
Gefunden : user_pref("CT2549263.DSInstall", true);
Gefunden : user_pref("CT2549263.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2549263.DialogsGetterLastCheckTime", "Wed Feb 20 2013 19:58:12 GMT+0100");
Gefunden : user_pref("CT2549263.DownloadReferralCookieData", "");
Gefunden : user_pref("CT2549263.EMailNotifierPollDate", "Sat Oct 15 2011 20:42:34 GMT+0200");
Gefunden : user_pref("CT2549263.FeedLastCount129118271027024187", 30);
Gefunden : user_pref("CT2549263.FeedPollDate128795077986382124", "Sat Oct 15 2011 20:42:35 GMT+0200");
Gefunden : user_pref("CT2549263.FeedPollDate128795078397943899", "Sat Oct 15 2011 20:42:35 GMT+0200");
Gefunden : user_pref("CT2549263.FeedTTL128795078397943899", 40);
Gefunden : user_pref("CT2549263.FirstServerDate", "15-10-2011");
Gefunden : user_pref("CT2549263.FirstTime", true);
Gefunden : user_pref("CT2549263.FirstTimeFF3", true);
Gefunden : user_pref("CT2549263.FixPageNotFoundErrors", true);
Gefunden : user_pref("CT2549263.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2549263.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2549263.HPChangedManually", false);
Gefunden : user_pref("CT2549263.HPInstall", true);
Gefunden : user_pref("CT2549263.HPProtectChoice", true);
Gefunden : user_pref("CT2549263.HPProtectCount", 1);
Gefunden : user_pref("CT2549263.HasUserGlobalKeys", true);
Gefunden : user_pref("CT2549263.HomePageProtectorEnabled", true);
Gefunden : user_pref("CT2549263.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2549263&SearchSource=[...]
Gefunden : user_pref("CT2549263.Initialize", true);
Gefunden : user_pref("CT2549263.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2549263.InstallationAndCookieDataSentCount", 3);
Gefunden : user_pref("CT2549263.InstallationType", "Unknown");
Gefunden : user_pref("CT2549263.InstalledDate", "Sat Oct 15 2011 20:42:38 GMT+0200");
Gefunden : user_pref("CT2549263.InvalidateCache", false);
Gefunden : user_pref("CT2549263.IsGrouping", false);
Gefunden : user_pref("CT2549263.IsInitSetupIni", true);
Gefunden : user_pref("CT2549263.IsMulticommunity", false);
Gefunden : user_pref("CT2549263.IsOpenThankYouPage", true);
Gefunden : user_pref("CT2549263.IsOpenUninstallPage", true);
Gefunden : user_pref("CT2549263.IsProtectorsInit", true);
Gefunden : user_pref("CT2549263.LanguagePackLastCheckTime", "Fri Feb 22 2013 17:06:17 GMT+0100");
Gefunden : user_pref("CT2549263.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2549263.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2549263.LastLogin_3.12.2.3", "Mon May 21 2012 16:32:56 GMT+0200");
Gefunden : user_pref("CT2549263.LastLogin_3.13.0.6", "Thu Jul 12 2012 17:29:17 GMT+0200");
Gefunden : user_pref("CT2549263.LastLogin_3.14.1.0", "Wed Aug 15 2012 19:49:36 GMT+0200");
Gefunden : user_pref("CT2549263.LastLogin_3.15.1.0", "Wed Nov 14 2012 07:16:22 GMT+0100");
Gefunden : user_pref("CT2549263.LastLogin_3.16.0.3", "Mon Feb 11 2013 21:43:13 GMT+0100");
Gefunden : user_pref("CT2549263.LastLogin_3.18.0.7", "Fri Feb 22 2013 22:07:35 GMT+0100");
Gefunden : user_pref("CT2549263.LastLogin_3.7.0.6", "Sat Oct 15 2011 20:42:56 GMT+0200");
Gefunden : user_pref("CT2549263.LatestVersion", "3.18.0.7");
Gefunden : user_pref("CT2549263.Locale", "en-us");
Gefunden : user_pref("CT2549263.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2549263.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2549263.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2549263.MyStuffEnabledAtInstallation", true);
Gefunden : user_pref("CT2549263.OriginalFirstVersion", "3.7.0.6");
Gefunden : user_pref("CT2549263.RadioIsPodcast", false);
Gefunden : user_pref("CT2549263.RadioLastCheckTime", "Sat Oct 15 2011 20:42:38 GMT+0200");
Gefunden : user_pref("CT2549263.RadioLastUpdateIPServer", "3");
Gefunden : user_pref("CT2549263.RadioLastUpdateServer", "129118362079830000");
Gefunden : user_pref("CT2549263.RadioMediaID", "20117398");
Gefunden : user_pref("CT2549263.RadioMediaType", "Media Player");
Gefunden : user_pref("CT2549263.RadioMenuSelectedID", "EBRadioMenu_CT254926320117398");
Gefunden : user_pref("CT2549263.RadioShrinkedFromSetup", false);
Gefunden : user_pref("CT2549263.RadioStationName", "Radio%20Hip-Hop%2FRap(USA)");
Gefunden : user_pref("CT2549263.RadioStationURL", "hxxp://206.51.233.231/007HipHop");
Gefunden : user_pref("CT2549263.SavedHomepage", "www.oe3.at");
Gefunden : user_pref("CT2549263.SearchCaption", "Expat Shield Customized Web Search");
Gefunden : user_pref("CT2549263.SearchEngineBeforeUnload", "Expat Shield Customized Web Search");
Gefunden : user_pref("CT2549263.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2549263.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT254[...]
Gefunden : user_pref("CT2549263.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2549263.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2549263.SearchInNewTabLastCheckTime", "Fri Feb 22 2013 22:07:07 GMT+0100");
Gefunden : user_pref("CT2549263.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2549263.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Gefunden : user_pref("CT2549263.SearchProtectorEnabled", true);
Gefunden : user_pref("CT2549263.SearchProtectorToolbarDisabled", false);
Gefunden : user_pref("CT2549263.SendProtectorDataViaLogin", true);
Gefunden : user_pref("CT2549263.ServiceMapLastCheckTime", "Fri Feb 22 2013 22:07:34 GMT+0100");
Gefunden : user_pref("CT2549263.SettingsLastCheckTime", "Fri Feb 22 2013 22:07:05 GMT+0100");
Gefunden : user_pref("CT2549263.SettingsLastUpdate", "1361554943");
Gefunden : user_pref("CT2549263.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2549263&SearchSource=13");
Gefunden : user_pref("CT2549263.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2549263.ThirdPartyComponentsLastCheck", "Sat Oct 15 2011 20:42:33 GMT+0200");
Gefunden : user_pref("CT2549263.ThirdPartyComponentsLastUpdate", "1312887586");
Gefunden : user_pref("CT2549263.ToolbarShrinkedFromSetup", false);
Gefunden : user_pref("CT2549263.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2549263");
Gefunden : user_pref("CT2549263.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gefunden : user_pref("CT2549263.UserID", "UN66639081627559808");
Gefunden : user_pref("CT2549263.WeatherNetwork", "");
Gefunden : user_pref("CT2549263.WeatherPollDate", "Sat Oct 15 2011 20:42:56 GMT+0200");
Gefunden : user_pref("CT2549263.WeatherUnit", "C");
Gefunden : user_pref("CT2549263.alertChannelId", "942243");
Gefunden : user_pref("CT2549263.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e.:2z527", "247E716B7374443A384336423C3C204A4A2F77317B23222[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e06cg5el8:", "6E6D706A6C7471757274");
Gefunden : user_pref("CT2549263.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737670727A777B787A242F4B4947[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]
Gefunden : user_pref("CT2549263.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]
Gefunden : user_pref("CT2549263.backendstorage./9b-0?3g>d", "396B6D6A6C7340727A7444787520754C792125234D7E242A7E[...]
Gefunden : user_pref("CT2549263.backendstorage./9b-0?3g@6:5;", "");
Gefunden : user_pref("CT2549263.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F297B7E7D21202F26313E424[...]
Gefunden : user_pref("CT2549263.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Gefunden : user_pref("CT2549263.backendstorage./9b3=>@44i48?", "372C2D32697576334236334148477A213F3E484F4E4D464[...]
Gefunden : user_pref("CT2549263.backendstorage./9b5ba==9cjag", "3C6A3D6941743F6E7A46437146757A7C4A787E2023");
Gefunden : user_pref("CT2549263.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D706A6C7471757176737976");
Gefunden : user_pref("CT2549263.backendstorage./9b9643g3/9e", "6A");
Gefunden : user_pref("CT2549263.backendstorage./9b<:222h64<", "393F352F3E");
Gefunden : user_pref("CT2549263.backendstorage./9b=+03eh8h8j?:", "4443");
Gefunden : user_pref("CT2549263.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Gefunden : user_pref("CT2549263.backendstorage./9b?b0d:8aj62<h", "6D");
Gefunden : user_pref("CT2549263.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Gefunden : user_pref("CT2549263.components.1000234", true);
Gefunden : user_pref("CT2549263.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gefunden : user_pref("CT2549263.globalFirstTimeInfoLastCheckTime", "Sat Oct 15 2011 20:42:34 GMT+0200");
Gefunden : user_pref("CT2549263.homepageProtectorEnableByLogin", true);
Gefunden : user_pref("CT2549263.initDone", true);
Gefunden : user_pref("CT2549263.isAppTrackingManagerOn", true);
Gefunden : user_pref("CT2549263.isFirstRadioInstallation", false);
Gefunden : user_pref("CT2549263.myStuffEnabled", true);
Gefunden : user_pref("CT2549263.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2549263.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2549263.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2549263.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2549263.revertSettingsEnabled", true);
Gefunden : user_pref("CT2549263.searchProtectorDialogDelayInSec", 10);
Gefunden : user_pref("CT2549263.searchProtectorEnableByLogin", true);
Gefunden : user_pref("CT2549263.testingCtid", "");
Gefunden : user_pref("CT2549263.toolbarAppMetaDataLastCheckTime", "Fri Feb 22 2013 22:07:34 GMT+0100");
Gefunden : user_pref("CT2549263.toolbarContextMenuLastCheckTime", "Sat Oct 15 2011 20:42:38 GMT+0200");
Gefunden : user_pref("CT2549263.usagesFlag", 2);
Gefunden : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481020&Search[...]
Gefunden : user_pref("CommunityToolbar.ConduitSearchList", "Ashampoo DE Customized Web Search,Expat Shield Cust[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2549263/CT2549263[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/AT", "\"0\"")[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/942243/938027/AT", "\"0\"")[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2481020", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2549263", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2481020", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://newtab.conduit-hosting.com/newtab/?ctid=CT2549263", "\"ItdQT[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2481020",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2549263",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2481020&octid=[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2549263&octid=[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct2481020&octid=[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"634[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Gefunden : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Gefunden : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Gefunden : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Gefunden : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Gefunden : user_pref("CommunityToolbar.IsEngineShown", false);
Gefunden : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Gefunden : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\ASUS\\AppData\\Roaming\\Mozilla\\Fi[...]
Gefunden : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.7.0.6");
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Gefunden : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Gefunden : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2481020,CT2549263");
Gefunden : user_pref("CommunityToolbar.ToolbarsList2", "CT2481020,CT2549263");
Gefunden : user_pref("CommunityToolbar.ToolbarsList4", "CT2481020,CT2549263");
Gefunden : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri May 06 2011 11:44:37 GMT+02[...]
Gefunden : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Gefunden : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Jun 24 2011 19:41:37 GMT+0200");
Gefunden : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gefunden : user_pref("CommunityToolbar.alert.locale", "en");
Gefunden : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gefunden : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Jun 24 2011 19:41:29 GMT+0200");
Gefunden : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Gefunden : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gefunden : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gefunden : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gefunden : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gefunden : user_pref("CommunityToolbar.alert.userId", "b9b1c5af-8cc5-48f9-b35d-936affae8cc9");
Gefunden : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Oct 15 2011 20:42:38 GMT+0200");
Gefunden : user_pref("CommunityToolbar.globalUserId", "f1444e90-fb40-446a-9968-1a4de288d9ef");
Gefunden : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gefunden : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gefunden : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2549263");
Gefunden : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Oct 15 2011 20:42:3[...]
Gefunden : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Gefunden : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Gefunden : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Oct 15 2011 20:42:42 GMT+020[...]
Gefunden : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gefunden : user_pref("CommunityToolbar.notifications.locale", "en");
Gefunden : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Gefunden : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Oct 15 2011 20:42:33 GMT+0200");
Gefunden : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Gefunden : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Gefunden : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gefunden : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Gefunden : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Gefunden : user_pref("CommunityToolbar.notifications.userId", "59f9f7aa-e212-4b9b-9ca2-2a636b036c7c");
Gefunden : user_pref("CommunityToolbar.originalHomepage", "www.oe3.at");
Gefunden : user_pref("CommunityToolbar.originalSearchEngine", "Ashampoo DE Customized Web Search");
Gefunden : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Wed Jun 15 2011 08:47:59 GMT+0200");
Gefunden : user_pref("ConduitEngine.CTID", "ConduitEngine");
Gefunden : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Tue Mar 22 2011 18:03:11 GMT+0100");
Gefunden : user_pref("ConduitEngine.FirstServerDate", "03/22/2011 20");
Gefunden : user_pref("ConduitEngine.FirstTime", true);
Gefunden : user_pref("ConduitEngine.FirstTimeFF3", true);
Gefunden : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Gefunden : user_pref("ConduitEngine.Initialize", true);
Gefunden : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Gefunden : user_pref("ConduitEngine.InstalledDate", "Tue Mar 22 2011 18:03:12 GMT+0100");
Gefunden : user_pref("ConduitEngine.IsMulticommunity", false);
Gefunden : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Gefunden : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Gefunden : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Tue Mar 22 2011 18:03:12 GMT+0100");
Gefunden : user_pref("ConduitEngine.LastLogin_3.3.2.1", "Tue Mar 22 2011 18:03:12 GMT+0100");
Gefunden : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("ConduitEngine.SettingsLastCheckTime", "Tue Mar 22 2011 18:03:08 GMT+0100");
Gefunden : user_pref("ConduitEngine.UserID", "UN16328975944510082");
Gefunden : user_pref("ConduitEngine.componentAlertEnabled", false);
Gefunden : user_pref("ConduitEngine.engineLocale", "de");
Gefunden : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Tue Mar 22 2011 18:03:12 GMT+0100");
Gefunden : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Tue Mar 22 2011 23:13:38 GMT+0100");
Gefunden : user_pref("ConduitEngine.initDone", true);
Gefunden : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Gefunden : user_pref("ConduitEngine.usagesFlag", 2);
Gefunden : user_pref("browser.search.defaultengine", "Web Search");
Gefunden : user_pref("browser.search.defaultthis.engineName", "Expat Shield Customized Web Search");
Gefunden : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_v[...]
Gefunden : user_pref("browser.search.order.1", "Web Search");
Gefunden : user_pref("extensions.enabledAddons", "youtube2mp3%40mondayx.de:1.2.3,%7B81BF1D23-5F17-408D-AC6B-BD6[...]

*************************

AdwCleaner[R1].txt - [49041 octets] - [23/02/2013 00:53:24]

########## EOF - C:\AdwCleaner[R1].txt - [49102 octets] ##########
         
--- --- ---

Alt 23.02.2013, 20:45   #7
Chris4You
 
Coupondropdown - Standard

Coupondropdown



Hi,
  • Doppelklick auf die OTL.exe, um das Programm auszuführen.
  • Vista/Win7-User bitte per Rechtsklick und "Ausführen als Administrator" starten.
  • Kopiere den Inhalt der folgenden Codebox komplett in die OTL-Box unter "Custom Scan/Fixes"

Code:
ATTFilter
:OTL
SRV - (0062091355493512mcinstcleanup) -- C:\Windows\TEMP\006209~1.EXE File not found
DRV - (cpuz132) -- C:\Users\ASUS\AppData\Local\Temp\cpuz132\cpuz132_x32.sys File not found
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook:  - No CLSID value found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5786D022-540E-4699-B350-B4BE0AE94B79} - No CLSID value found.
O4 - HKLM..\Run: [TaskTray]  File not found

:REG
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = dword:0x00
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = dword:0x00
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = dword:0x00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2593200360-2997682069-409558613-1000]
"EnableNotifications" = dword:0x01

:Commands
[purity]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
         
  • Den roten Run Fixes! Button anklicken.
  • Bitte alles aus dem Ergebnisfenster (Results) herauskopieren.
  • Eine Kopie eines OTL-Fix-Logs wird in einer Textdatei in folgendem Ordner gespeichert:
  • %systemroot%\_OTL

AdwareCleaner
Schliesse alle offenstehende Fenster und starte AdwCleaner (Win7/Vista: Als Administrator ausführen)
  • Klicke Delete
  • Klicke bei:AdwCleaner-Information OK
  • Klicke bei:AdwCleaner-Restart Required OK
Alle Icons werden kurzzeitig verschwinden...
Dein Rechner wird neu gestartet und es öffnet sich ein Logfile (C:\AdwCleaner[xx].txt), poste dessen Inhalt hier ins Forum.

Superantispyware (SASW):
http://www.trojaner-board.de/51871-a...tispyware.html
Log posten...

Versuche auch nochmal MAM zu aktualisieren und dann einen Fullscan durchzuführen, was ist die genau Fehlermeldung (falls das nicht geht)?

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 24.02.2013, 21:57   #8
misterfuxi
 
Coupondropdown - Standard

Coupondropdown



All processes killed
========== OTL ==========
Service 0062091355493512mcinstcleanup stopped successfully!
Service 0062091355493512mcinstcleanup deleted successfully!
File C:\Windows\TEMP\006209~1.EXE File not found not found.
Service cpuz132 stopped successfully!
Service cpuz132 deleted successfully!
File C:\Users\ASUS\AppData\Local\Temp\cpuz132\cpuz132_x32.sys File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5786D022-540E-4699-B350-B4BE0AE94B79} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5786D022-540E-4699-B350-B4BE0AE94B79}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TaskTray deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\"DisableMonitoring" |dword:0x00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\"DisableMonitoring" |dword:0x00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\"DisableMonitoring" | dword:0x00 /E : value set successfully!
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2593200360-2997682069-409558613-1000\\"EnableNotifications" | dword:0x01 /E!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: ASUS
->Temp folder emptied: 51094547 bytes
->Temporary Internet Files folder emptied: 95110306 bytes
->Java cache emptied: 225152 bytes
->FireFox cache emptied: 66191960 bytes
->Flash cache emptied: 2696 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1461189 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 568076697 bytes
RecycleBin emptied: 228724563 bytes

Total Files Cleaned = 964,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 02242013_215013

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.113 - Datei am 24/02/2013 um 22:00:10 erstellt
# Aktualisiert am 23/02/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : ASUS - FUXI
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\ASUS\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
Datei Gelöscht : C:\Program Files\Mozilla Firefox\Plugins\npvsharetvplg.dll
Datei Gelöscht : C:\Program Files\Mozilla FireFox\searchplugins\fast.xml
Datei Gelöscht : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\searchplugins\icqplugin-1.xml
Datei Gelöscht : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\searchplugins\icqplugin-2.xml
Datei Gelöscht : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\searchplugins\icqplugin-3.xml
Datei Gelöscht : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\searchplugins\Startsear.xml
Ordner Gelöscht : C:\Program Files\AskBarDis
Ordner Gelöscht : C:\Program Files\AutocompletePro
Ordner Gelöscht : C:\Program Files\ICQ6Toolbar
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\Users\ASUS\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\ASUS\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\ASUS\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\ASUS\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\ASUS\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\ASUS\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\ASUS\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\Conduit
Ordner Gelöscht : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\ConduitCommon
Ordner Gelöscht : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\ConduitEngine
Ordner Gelöscht : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\CT2549263
Ordner Gelöscht : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\extensions\{a060276a-53be-45ec-8ebe-b94b1e803179}
Ordner Gelöscht : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\extensions\engine@conduit.com
Ordner Gelöscht : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\extensions\support@predictad.com
Ordner Gelöscht : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\jetpack
Ordner Gelöscht : C:\Users\ASUS\AppData\Roaming\OpenCandy

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\AppDataLow\AskBarDis
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AutocompletePro
Schlüssel Gelöscht : HKCU\Software\AutocompleteProBHO
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AutocompletePro3_is1
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB65206-89C4-402C-BA80-02D8C59F9B1D}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{622FD888-4E91-4D68-84D4-7262FD0811BF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2481020
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2549263
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{162E06EC-4E38-4809-AE76-BF2400D34334}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3041D03E-FD4B-44E0-B742-2D9B88305F98}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{acaa314b-eeba-48e4-ad47-84e31c44796c}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16464

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0 (de)

Datei : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\prefs.js

C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\vasdy6o4.default\user.js ... Gelöscht !

Gelöscht : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Fri Mar 04 2011 20:11:57 GMT+0100");
Gelöscht : user_pref("CT2481020..clientLogIsEnabled", false);
Gelöscht : user_pref("CT2481020..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2481020..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2481020.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2481020.BrowserCompStateIsOpen_129469746101488132", true);
Gelöscht : user_pref("CT2481020.CTID", "ct2481020");
Gelöscht : user_pref("CT2481020.CurrentServerDate", "13-8-2011");
Gelöscht : user_pref("CT2481020.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2481020.DialogsGetterLastCheckTime", "Fri Aug 12 2011 19:54:29 GMT+0200");
Gelöscht : user_pref("CT2481020.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2481020.FeedLastCount129076858299680990", 0);
Gelöscht : user_pref("CT2481020.FeedPollDate129076849370150342", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedPollDate129076850042182211", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedPollDate129076850596400916", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedPollDate129076850791868756", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedPollDate129076852434375419", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedPollDate129076853083906444", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedPollDate129076854010937606", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedPollDate129076855068438037", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedPollDate129076855340312884", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedPollDate129076855597344292", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedPollDate129076855883906472", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedPollDate129076856408281730", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedPollDate129076856723281882", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedPollDate129076856982969262", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedPollDate129076857229219583", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedPollDate129076857478587121", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedPollDate129076858014837073", "Wed Aug 17 2011 17:24:04 GMT+0200");
Gelöscht : user_pref("CT2481020.FeedTTL129076850596400916", 5);
Gelöscht : user_pref("CT2481020.FeedTTL129076850791868756", 5);
Gelöscht : user_pref("CT2481020.FeedTTL129076855068438037", 2);
Gelöscht : user_pref("CT2481020.FeedTTL129076856408281730", 30);
Gelöscht : user_pref("CT2481020.FeedTTL129076856723281882", 5);
Gelöscht : user_pref("CT2481020.FeedTTL129076857229219583", 30);
Gelöscht : user_pref("CT2481020.FirstServerDate", "12-8-2011");
Gelöscht : user_pref("CT2481020.FirstTime", true);
Gelöscht : user_pref("CT2481020.FirstTimeFF3", true);
Gelöscht : user_pref("CT2481020.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2481020.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2481020.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2481020.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2481020.Initialize", true);
Gelöscht : user_pref("CT2481020.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2481020.InstallationAndCookieDataSentCount", 3);
Gelöscht : user_pref("CT2481020.InstallationId", "ConduitStubGeneric");
Gelöscht : user_pref("CT2481020.InstallationType", "ConduitStubIntegration");
Gelöscht : user_pref("CT2481020.InstalledDate", "Fri Aug 12 2011 19:54:30 GMT+0200");
Gelöscht : user_pref("CT2481020.IsGrouping", false);
Gelöscht : user_pref("CT2481020.IsInitSetupIni", true);
Gelöscht : user_pref("CT2481020.IsMulticommunity", false);
Gelöscht : user_pref("CT2481020.IsOpenThankYouPage", false);
Gelöscht : user_pref("CT2481020.IsOpenUninstallPage", false);
Gelöscht : user_pref("CT2481020.LanguagePackLastCheckTime", "Wed Aug 17 2011 07:29:54 GMT+0200");
Gelöscht : user_pref("CT2481020.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2481020.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2481020.LastLogin_3.5.0.12", "Mon Aug 15 2011 18:01:23 GMT+0200");
Gelöscht : user_pref("CT2481020.LatestVersion", "3.3.3.2");
Gelöscht : user_pref("CT2481020.Locale", "de");
Gelöscht : user_pref("CT2481020.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2481020.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2481020.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2481020.MyStuffEnabledAtInstallation", true);
Gelöscht : user_pref("CT2481020.OriginalFirstVersion", "3.5.0.12");
Gelöscht : user_pref("CT2481020.RadioIsPodcast", false);
Gelöscht : user_pref("CT2481020.RadioMediaID", "9962");
Gelöscht : user_pref("CT2481020.RadioMediaType", "Media Player");
Gelöscht : user_pref("CT2481020.RadioMenuSelectedID", "EBRadioMenu_CT24810209962");
Gelöscht : user_pref("CT2481020.RadioShrinkedFromSetup", false);
Gelöscht : user_pref("CT2481020.RadioStationName", "California%20Rock");
Gelöscht : user_pref("CT2481020.RadioStationURL", "hxxp://feedlive.net/california.asx");
Gelöscht : user_pref("CT2481020.SavedHomepage", "www.oe3.at");
Gelöscht : user_pref("CT2481020.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2481020.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT248[...]
Gelöscht : user_pref("CT2481020.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2481020.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2481020.SearchInNewTabLastCheckTime", "Sun Aug 14 2011 21:36:51 GMT+0200");
Gelöscht : user_pref("CT2481020.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2481020.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2481020.ServiceMapLastCheckTime", "Fri Aug 12 2011 19:54:29 GMT+0200");
Gelöscht : user_pref("CT2481020.SettingsLastCheckTime", "Fri Aug 12 2011 19:54:29 GMT+0200");
Gelöscht : user_pref("CT2481020.SettingsLastUpdate", "1312118201");
Gelöscht : user_pref("CT2481020.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2481020.ThirdPartyComponentsLastCheck", "Fri Aug 12 2011 19:54:29 GMT+0200");
Gelöscht : user_pref("CT2481020.ThirdPartyComponentsLastUpdate", "1255344657");
Gelöscht : user_pref("CT2481020.ToolbarShrinkedFromSetup", false);
Gelöscht : user_pref("CT2481020.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2481020");
Gelöscht : user_pref("CT2481020.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gelöscht : user_pref("CT2481020.UserID", "UN62541758850617261");
Gelöscht : user_pref("CT2481020.alertChannelId", "874426");
Gelöscht : user_pref("CT2481020.backendstorage.active", "796573");
Gelöscht : user_pref("CT2481020.backendstorage.firstinstall", "796573");
Gelöscht : user_pref("CT2481020.backendstorage.gsdomain", "");
Gelöscht : user_pref("CT2481020.backendstorage.lastrun", "31333133313731363737383630");
Gelöscht : user_pref("CT2481020.backendstorage.partner_id", "3937346665643236");
Gelöscht : user_pref("CT2481020.backendstorage.shopupdate", "323031312D30382D3132");
Gelöscht : user_pref("CT2481020.backendstorage.shopversionv2", "3130303039");
Gelöscht : user_pref("CT2481020.backendstorage.short", "30");
Gelöscht : user_pref("CT2481020.backendstorage.tbready", "74727565");
Gelöscht : user_pref("CT2481020.ct2481020.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2481020.ct2481020.FeedLastCount129076858299680990", 389);
Gelöscht : user_pref("CT2481020.ct2481020.InvalidateCache", false);
Gelöscht : user_pref("CT2481020.ct2481020.LanguagePackLastCheckTime", "Sun Aug 14 2011 21:36:52 GMT+0200");
Gelöscht : user_pref("CT2481020.ct2481020.Locale", "de");
Gelöscht : user_pref("CT2481020.ct2481020.RadioLastCheckTime", "Wed Aug 17 2011 07:29:47 GMT+0200");
Gelöscht : user_pref("CT2481020.ct2481020.RadioLastUpdateIPServer", "3");
Gelöscht : user_pref("CT2481020.ct2481020.RadioLastUpdateServer", "3");
Gelöscht : user_pref("CT2481020.ct2481020.SearchInNewTabLastCheckTime", "Fri Aug 12 2011 19:54:34 GMT+0200");
Gelöscht : user_pref("CT2481020.ct2481020.SettingsLastCheckTime", "Fri Aug 12 2011 19:54:30 GMT+0200");
Gelöscht : user_pref("CT2481020.ct2481020.SettingsLastUpdate", "1312118201");
Gelöscht : user_pref("CT2481020.ct2481020.ThirdPartyComponentsLastCheck", "Fri Aug 12 2011 19:54:30 GMT+0200");
Gelöscht : user_pref("CT2481020.ct2481020.ThirdPartyComponentsLastUpdate", "1255344657");
Gelöscht : user_pref("CT2481020.ct2481020.globalFirstTimeInfoLastCheckTime", "Sun Aug 14 2011 21:36:53 GMT+0200[...]
Gelöscht : user_pref("CT2481020.ct2481020.toolbarAppMetaDataLastCheckTime", "Fri Aug 12 2011 19:54:33 GMT+0200"[...]
Gelöscht : user_pref("CT2481020.ct2481020.toolbarContextMenuLastCheckTime", "Fri Aug 12 2011 19:54:34 GMT+0200"[...]
Gelöscht : user_pref("CT2481020.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gelöscht : user_pref("CT2481020.globalFirstTimeInfoLastCheckTime", "Wed Aug 17 2011 07:29:54 GMT+0200");
Gelöscht : user_pref("CT2481020.homepageProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2481020.initDone", true);
Gelöscht : user_pref("CT2481020.isAppTrackingManagerOn", true);
Gelöscht : user_pref("CT2481020.isFirstRadioInstallation", false);
Gelöscht : user_pref("CT2481020.myStuffEnabled", true);
Gelöscht : user_pref("CT2481020.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2481020.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2481020.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2481020.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2481020.searchProtectorDialogDelayInSec", 10);
Gelöscht : user_pref("CT2481020.searchProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2481020.testingCtid", "");
Gelöscht : user_pref("CT2481020.toolbarAppMetaDataLastCheckTime", "Fri Aug 12 2011 19:54:29 GMT+0200");
Gelöscht : user_pref("CT2481020.toolbarContextMenuLastCheckTime", "Fri Aug 12 2011 19:54:33 GMT+0200");
Gelöscht : user_pref("CT2481020.usagesFlag", 1);
Gelöscht : user_pref("CT2549263..clientLogIsEnabled", false);
Gelöscht : user_pref("CT2549263..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2549263..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2549263.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gelöscht : user_pref("CT2549263.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2549263.BrowserCompStateIsOpen_129593636272103152", true);
Gelöscht : user_pref("CT2549263.BrowserCompStateIsOpen_129681782619538716", true);
Gelöscht : user_pref("CT2549263.BrowserCompStateIsOpen_129738909652389324", true);
Gelöscht : user_pref("CT2549263.BrowserCompStateIsOpen_1359634298000", true);
Gelöscht : user_pref("CT2549263.CT2549263", "CT2549263");
Gelöscht : user_pref("CT2549263.Chat.ServerLastCheckTime", "Sat Oct 15 2011 20:42:35 GMT+0200");
Gelöscht : user_pref("CT2549263.CurrentServerDate", "24-2-2013");
Gelöscht : user_pref("CT2549263.DSInstall", true);
Gelöscht : user_pref("CT2549263.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2549263.DialogsGetterLastCheckTime", "Sun Feb 24 2013 15:06:20 GMT+0100");
Gelöscht : user_pref("CT2549263.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2549263.EMailNotifierPollDate", "Sat Oct 15 2011 20:42:34 GMT+0200");
Gelöscht : user_pref("CT2549263.FeedLastCount129118271027024187", 30);
Gelöscht : user_pref("CT2549263.FeedPollDate128795077986382124", "Sat Oct 15 2011 20:42:35 GMT+0200");
Gelöscht : user_pref("CT2549263.FeedPollDate128795078397943899", "Sat Oct 15 2011 20:42:35 GMT+0200");
Gelöscht : user_pref("CT2549263.FeedTTL128795078397943899", 40);
Gelöscht : user_pref("CT2549263.FirstServerDate", "15-10-2011");
Gelöscht : user_pref("CT2549263.FirstTime", true);
Gelöscht : user_pref("CT2549263.FirstTimeFF3", true);
Gelöscht : user_pref("CT2549263.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2549263.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2549263.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2549263.HPChangedManually", false);
Gelöscht : user_pref("CT2549263.HPInstall", true);
Gelöscht : user_pref("CT2549263.HPProtectChoice", true);
Gelöscht : user_pref("CT2549263.HPProtectCount", 1);
Gelöscht : user_pref("CT2549263.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2549263.HomePageProtectorEnabled", true);
Gelöscht : user_pref("CT2549263.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2549263&SearchSource=[...]
Gelöscht : user_pref("CT2549263.Initialize", true);
Gelöscht : user_pref("CT2549263.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2549263.InstallationAndCookieDataSentCount", 3);
Gelöscht : user_pref("CT2549263.InstallationType", "Unknown");
Gelöscht : user_pref("CT2549263.InstalledDate", "Sat Oct 15 2011 20:42:38 GMT+0200");
Gelöscht : user_pref("CT2549263.InvalidateCache", false);
Gelöscht : user_pref("CT2549263.IsGrouping", false);
Gelöscht : user_pref("CT2549263.IsInitSetupIni", true);
Gelöscht : user_pref("CT2549263.IsMulticommunity", false);
Gelöscht : user_pref("CT2549263.IsOpenThankYouPage", true);
Gelöscht : user_pref("CT2549263.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2549263.IsProtectorsInit", true);
Gelöscht : user_pref("CT2549263.LanguagePackLastCheckTime", "Sun Feb 24 2013 15:06:20 GMT+0100");
Gelöscht : user_pref("CT2549263.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2549263.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2549263.LastLogin_3.12.2.3", "Mon May 21 2012 16:32:56 GMT+0200");
Gelöscht : user_pref("CT2549263.LastLogin_3.13.0.6", "Thu Jul 12 2012 17:29:17 GMT+0200");
Gelöscht : user_pref("CT2549263.LastLogin_3.14.1.0", "Wed Aug 15 2012 19:49:36 GMT+0200");
Gelöscht : user_pref("CT2549263.LastLogin_3.15.1.0", "Wed Nov 14 2012 07:16:22 GMT+0100");
Gelöscht : user_pref("CT2549263.LastLogin_3.16.0.3", "Mon Feb 11 2013 21:43:13 GMT+0100");
Gelöscht : user_pref("CT2549263.LastLogin_3.18.0.7", "Sun Feb 24 2013 20:01:10 GMT+0100");
Gelöscht : user_pref("CT2549263.LastLogin_3.7.0.6", "Sat Oct 15 2011 20:42:56 GMT+0200");
Gelöscht : user_pref("CT2549263.LatestVersion", "3.18.0.7");
Gelöscht : user_pref("CT2549263.Locale", "en-us");
Gelöscht : user_pref("CT2549263.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2549263.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2549263.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2549263.MyStuffEnabledAtInstallation", true);
Gelöscht : user_pref("CT2549263.OriginalFirstVersion", "3.7.0.6");
Gelöscht : user_pref("CT2549263.RadioIsPodcast", false);
Gelöscht : user_pref("CT2549263.RadioLastCheckTime", "Sat Oct 15 2011 20:42:38 GMT+0200");
Gelöscht : user_pref("CT2549263.RadioLastUpdateIPServer", "3");
Gelöscht : user_pref("CT2549263.RadioLastUpdateServer", "129118362079830000");
Gelöscht : user_pref("CT2549263.RadioMediaID", "20117398");
Gelöscht : user_pref("CT2549263.RadioMediaType", "Media Player");
Gelöscht : user_pref("CT2549263.RadioMenuSelectedID", "EBRadioMenu_CT254926320117398");
Gelöscht : user_pref("CT2549263.RadioShrinkedFromSetup", false);
Gelöscht : user_pref("CT2549263.RadioStationName", "Radio%20Hip-Hop%2FRap(USA)");
Gelöscht : user_pref("CT2549263.RadioStationURL", "hxxp://206.51.233.231/007HipHop");
Gelöscht : user_pref("CT2549263.SavedHomepage", "www.oe3.at");
Gelöscht : user_pref("CT2549263.SearchCaption", "Expat Shield Customized Web Search");
Gelöscht : user_pref("CT2549263.SearchEngineBeforeUnload", "Expat Shield Customized Web Search");
Gelöscht : user_pref("CT2549263.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2549263.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT254[...]
Gelöscht : user_pref("CT2549263.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2549263.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2549263.SearchInNewTabLastCheckTime", "Sun Feb 24 2013 15:06:17 GMT+0100");
Gelöscht : user_pref("CT2549263.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2549263.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Gelöscht : user_pref("CT2549263.SearchProtectorEnabled", true);
Gelöscht : user_pref("CT2549263.SearchProtectorToolbarDisabled", false);
Gelöscht : user_pref("CT2549263.SendProtectorDataViaLogin", true);
Gelöscht : user_pref("CT2549263.ServiceMapLastCheckTime", "Sun Feb 24 2013 15:06:20 GMT+0100");
Gelöscht : user_pref("CT2549263.SettingsLastCheckTime", "Sun Feb 24 2013 20:01:09 GMT+0100");
Gelöscht : user_pref("CT2549263.SettingsLastUpdate", "1361717685");
Gelöscht : user_pref("CT2549263.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2549263&SearchSource=13");
Gelöscht : user_pref("CT2549263.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2549263.ThirdPartyComponentsLastCheck", "Sat Oct 15 2011 20:42:33 GMT+0200");
Gelöscht : user_pref("CT2549263.ThirdPartyComponentsLastUpdate", "1312887586");
Gelöscht : user_pref("CT2549263.ToolbarShrinkedFromSetup", false);
Gelöscht : user_pref("CT2549263.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2549263");
Gelöscht : user_pref("CT2549263.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gelöscht : user_pref("CT2549263.UserID", "UN66639081627559808");
Gelöscht : user_pref("CT2549263.WeatherNetwork", "");
Gelöscht : user_pref("CT2549263.WeatherPollDate", "Sat Oct 15 2011 20:42:56 GMT+0200");
Gelöscht : user_pref("CT2549263.WeatherUnit", "C");
Gelöscht : user_pref("CT2549263.alertChannelId", "942243");
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e.:2z527", "247E716B7374443A384336423C3C204A4A2F77317B23222[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e06cg5el8:", "6E6D706A6C7471757274");
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737670727A777B787A242F4B4947[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b-0?3g>d", "396B6D6A6C7340727A7444787520754C792125234D7E242A7E[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b-0?3g@6:5;", "");
Gelöscht : user_pref("CT2549263.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F297B7E7D21202F26313E424[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Gelöscht : user_pref("CT2549263.backendstorage./9b3=>@44i48?", "372C2D32697576334236334148477A213F3E484F4E4D464[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b5ba==9cjag", "3C6A3D6941743F6E7A46437146757A7C4A787E2023");
Gelöscht : user_pref("CT2549263.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D706A6C7471757176737976");
Gelöscht : user_pref("CT2549263.backendstorage./9b9643g3/9e", "6A");
Gelöscht : user_pref("CT2549263.backendstorage./9b<:222h64<", "393F352F3E");
Gelöscht : user_pref("CT2549263.backendstorage./9b=+03eh8h8j?:", "4443");
Gelöscht : user_pref("CT2549263.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Gelöscht : user_pref("CT2549263.backendstorage./9b?b0d:8aj62<h", "6D");
Gelöscht : user_pref("CT2549263.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Gelöscht : user_pref("CT2549263.components.1000234", true);
Gelöscht : user_pref("CT2549263.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gelöscht : user_pref("CT2549263.globalFirstTimeInfoLastCheckTime", "Sat Oct 15 2011 20:42:34 GMT+0200");
Gelöscht : user_pref("CT2549263.homepageProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2549263.initDone", true);
Gelöscht : user_pref("CT2549263.isAppTrackingManagerOn", true);
Gelöscht : user_pref("CT2549263.isFirstRadioInstallation", false);
Gelöscht : user_pref("CT2549263.myStuffEnabled", true);
Gelöscht : user_pref("CT2549263.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2549263.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2549263.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2549263.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2549263.revertSettingsEnabled", true);
Gelöscht : user_pref("CT2549263.searchProtectorDialogDelayInSec", 10);
Gelöscht : user_pref("CT2549263.searchProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2549263.testingCtid", "");
Gelöscht : user_pref("CT2549263.toolbarAppMetaDataLastCheckTime", "Sun Feb 24 2013 15:06:20 GMT+0100");
Gelöscht : user_pref("CT2549263.toolbarContextMenuLastCheckTime", "Sat Oct 15 2011 20:42:38 GMT+0200");
Gelöscht : user_pref("CT2549263.usagesFlag", 2);
Gelöscht : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481020&Search[...]
Gelöscht : user_pref("CommunityToolbar.ConduitSearchList", "Ashampoo DE Customized Web Search,Expat Shield Cust[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2549263/CT2549263[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/AT", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/942243/938027/AT", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2481020", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2549263", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2481020", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://newtab.conduit-hosting.com/newtab/?ctid=CT2549263", "\"ItdQT[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2481020",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2549263",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2481020&octid=[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2549263&octid=[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct2481020&octid=[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"634[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Gelöscht : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Gelöscht : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Gelöscht : user_pref("CommunityToolbar.IsEngineShown", false);
Gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Gelöscht : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\ASUS\\AppData\\Roaming\\Mozilla\\Fi[...]
Gelöscht : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.7.0.6");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2481020,CT2549263");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2481020,CT2549263");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList4", "CT2481020,CT2549263");
Gelöscht : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri May 06 2011 11:44:37 GMT+02[...]
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Jun 24 2011 19:41:37 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Jun 24 2011 19:41:29 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.alert.userId", "b9b1c5af-8cc5-48f9-b35d-936affae8cc9");
Gelöscht : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Oct 15 2011 20:42:38 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.globalUserId", "f1444e90-fb40-446a-9968-1a4de288d9ef");
Gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2549263");
Gelöscht : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Oct 15 2011 20:42:3[...]
Gelöscht : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Oct 15 2011 20:42:42 GMT+020[...]
Gelöscht : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.notifications.locale", "en");
Gelöscht : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Oct 15 2011 20:42:33 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Gelöscht : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.notifications.userId", "59f9f7aa-e212-4b9b-9ca2-2a636b036c7c");
Gelöscht : user_pref("CommunityToolbar.originalHomepage", "www.oe3.at");
Gelöscht : user_pref("CommunityToolbar.originalSearchEngine", "Ashampoo DE Customized Web Search");
Gelöscht : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Wed Jun 15 2011 08:47:59 GMT+0200");
Gelöscht : user_pref("ConduitEngine.CTID", "ConduitEngine");
Gelöscht : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Tue Mar 22 2011 18:03:11 GMT+0100");
Gelöscht : user_pref("ConduitEngine.FirstServerDate", "03/22/2011 20");
Gelöscht : user_pref("ConduitEngine.FirstTime", true);
Gelöscht : user_pref("ConduitEngine.FirstTimeFF3", true);
Gelöscht : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Gelöscht : user_pref("ConduitEngine.Initialize", true);
Gelöscht : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Gelöscht : user_pref("ConduitEngine.InstalledDate", "Tue Mar 22 2011 18:03:12 GMT+0100");
Gelöscht : user_pref("ConduitEngine.IsMulticommunity", false);
Gelöscht : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Gelöscht : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Gelöscht : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Tue Mar 22 2011 18:03:12 GMT+0100");
Gelöscht : user_pref("ConduitEngine.LastLogin_3.3.2.1", "Tue Mar 22 2011 18:03:12 GMT+0100");
Gelöscht : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("ConduitEngine.SettingsLastCheckTime", "Tue Mar 22 2011 18:03:08 GMT+0100");
Gelöscht : user_pref("ConduitEngine.UserID", "UN16328975944510082");
Gelöscht : user_pref("ConduitEngine.componentAlertEnabled", false);
Gelöscht : user_pref("ConduitEngine.engineLocale", "de");
Gelöscht : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Tue Mar 22 2011 18:03:12 GMT+0100");
Gelöscht : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Tue Mar 22 2011 23:13:38 GMT+0100");
Gelöscht : user_pref("ConduitEngine.initDone", true);
Gelöscht : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Gelöscht : user_pref("ConduitEngine.usagesFlag", 2);
Gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Gelöscht : user_pref("browser.search.defaultthis.engineName", "Expat Shield Customized Web Search");
Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_v[...]
Gelöscht : user_pref("browser.search.order.1", "Web Search");
Gelöscht : user_pref("icqtoolbar.allowSendURL", false);
Gelöscht : user_pref("icqtoolbar.engineVerified", true);
Gelöscht : user_pref("icqtoolbar.firstTbRun", false);
Gelöscht : user_pref("icqtoolbar.geolastmodified", 1341428002);
Gelöscht : user_pref("icqtoolbar.history", "parkemed%201500||mehr%20fotos||claus%20h%C3%B6rner||penis%20krankhe[...]
Gelöscht : user_pref("icqtoolbar.hpChange", true);
Gelöscht : user_pref("icqtoolbar.icqgeo", 43);
Gelöscht : user_pref("icqtoolbar.installTime", "1341837265");
Gelöscht : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Gelöscht : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Gelöscht : user_pref("icqtoolbar.newtab_state", "0");
Gelöscht : user_pref("icqtoolbar.numberOfSearches", 0);
Gelöscht : user_pref("icqtoolbar.previousFFVersion", "13.0.1");
Gelöscht : user_pref("icqtoolbar.showPc", false);
Gelöscht : user_pref("icqtoolbar.skip_default_search", "no");
Gelöscht : user_pref("icqtoolbar.suggestions", false);
Gelöscht : user_pref("icqtoolbar.uninstStatSent", true);
Gelöscht : user_pref("icqtoolbar.uniqueID", "129781491012978152491297816086868");
Gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1341789301);
Gelöscht : user_pref("icqtoolbar.userHpApproved", true);
Gelöscht : user_pref("icqtoolbar.voucherHideClicks", 0);
Gelöscht : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Gelöscht : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Gelöscht : user_pref("icqtoolbar.voucherWasShown", 0);
Gelöscht : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Gelöscht : user_pref("icqtoolbar.xmlLanguage", "de");

*************************

AdwCleaner[R1].txt - [49172 octets] - [23/02/2013 00:53:24]
AdwCleaner[S1].txt - [337 octets] - [23/02/2013 01:01:03]
AdwCleaner[S2].txt - [50929 octets] - [24/02/2013 22:00:10]

########## EOF - C:\AdwCleaner[S2].txt - [50990 octets] ##########
         
--- --- ---

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 02/24/2013 at 11:31 PM

Application Version : 5.6.1014

Core Rules Database Version : 10047
Trace Rules Database Version: 7859

Scan type : Complete Scan
Total Scan Time : 01:17:13

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 661
Memory threats detected : 0
Registry items scanned : 38498
Registry threats detected : 0
File items scanned : 64051
File threats detected : 0

Alt 25.02.2013, 23:49   #9
misterfuxi
 
Coupondropdown - Standard

Coupondropdown



Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.25.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
ASUS :: FUXI [Administrator]

Schutz: Deaktiviert

25.02.2013 21:44:34
mbam-log-2013-02-25 (21-44-34).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 377222
Laufzeit: 1 Stunde(n), 58 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Alt 26.02.2013, 08:23   #10
Chris4You
 
Coupondropdown - Standard

Coupondropdown



Hi,

das sieht schon mal so schlecht nicht aus, wie verhält sich der Rechnerß

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 26.02.2013, 14:20   #11
misterfuxi
 
Coupondropdown - Standard

Coupondropdown



eig.ganz normal ausser das ich seit dem immer wieder das gleiche Windows update habe, ka warum

eig. ganz normal.
nur hab ich seit tagen immer wieder die gleichen updates zu verfügung. ich weiss nicht ob es mit dem zusammenhängt aber ich hab sie schon 3x geland mit neustart aber es kommt dann gleich wieder zum download

eig. ganz normal!
nur hab ich seit tagen immer wieder die gleiche updates! hab sie schon 3-4x geladen installiert neustart usw... doch es kommt immer wieder.

ka ob das mit dem zusammenhängt

Alt 27.02.2013, 11:48   #12
Chris4You
 
Coupondropdown - Standard

Coupondropdown



Hi,

das kann mehrer Ursachen haben, prüfe mal das "WindowsUpdate.log" im Windowsverzeichnis, was da so drin steht... sonst nach dem Download der Updatedateien Netzwerk trennen und vor der Installation die Antivierenlösung komplett ausschalten...

Sonst folge mal diesem Link hier Zurücksetzen von Windows Update-Komponenten und poste noch ein neues OTL-Log...

Bist Du als Admin angemeldet?

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 27.02.2013, 18:03   #13
misterfuxi
 
Coupondropdown - Standard

Coupondropdown



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 27.02.2013 17:17:37 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\ASUS\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 38,85% Memory free
6,20 Gb Paging File | 4,21 Gb Available in Paging File | 67,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 178,85 Gb Total Space | 83,23 Gb Free Space | 46,53% Space Free | Partition Type: NTFS
Drive D: | 119,23 Gb Total Space | 103,17 Gb Free Space | 86,52% Space Free | Partition Type: NTFS
 
Computer Name: FUXI | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.22 12:14:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
PRC - [2013.02.21 15:23:06 | 000,389,016 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2013.02.19 23:01:56 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.02.14 11:37:17 | 001,820,016 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_6_602_168.exe
PRC - [2013.02.13 03:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2013.02.05 16:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.09.25 10:05:20 | 000,247,728 | ---- | M] (Facebook) -- C:\Users\ASUS\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe
PRC - [2012.08.14 13:58:58 | 000,646,800 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\saUI.exe
PRC - [2012.06.15 12:26:22 | 000,095,232 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2012.02.28 11:17:26 | 000,929,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012.02.28 11:12:36 | 000,011,744 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2010.08.24 06:16:20 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\System32\dgdersvc.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.08.13 00:21:12 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.07.09 18:14:06 | 000,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2008.06.25 04:01:08 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2008.06.19 21:18:12 | 000,154,168 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
PRC - [2008.06.18 07:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008.06.04 02:29:08 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2008.02.02 00:17:26 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2008.01.24 00:34:42 | 007,766,016 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
PRC - [2008.01.23 19:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2008.01.12 07:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe
PRC - [2007.12.04 19:57:06 | 002,486,272 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.11.05 04:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe
PRC - [2007.10.03 06:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe
PRC - [2007.08.15 20:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe
PRC - [2007.08.08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.07.06 01:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2007.05.18 11:31:16 | 000,073,728 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2005.07.07 00:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.27 04:07:18 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\0f5a23bb73681b6388daccd8e250ba66\System.Data.ni.dll
MOD - [2013.02.27 04:07:12 | 011,820,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll
MOD - [2013.02.27 04:06:57 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll
MOD - [2013.02.27 04:06:46 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013.02.27 04:06:19 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013.02.27 04:06:14 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll
MOD - [2013.02.27 03:21:39 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013.02.27 03:21:30 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2013.02.21 15:23:09 | 002,243,480 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\mozjs.dll
MOD - [2013.02.21 15:23:09 | 000,158,104 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2013.02.21 15:23:09 | 000,022,424 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2013.02.19 23:01:25 | 003,067,288 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.02.14 11:37:15 | 014,717,808 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_6_602_168.dll
MOD - [2013.02.13 03:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013.02.13 03:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2012.09.25 10:05:32 | 022,423,984 | ---- | M] () -- C:\Users\ASUS\AppData\Local\Facebook\Messenger\2.1.4651.0\libcef.dll
MOD - [2012.09.25 10:05:08 | 000,181,680 | ---- | M] () -- C:\Users\ASUS\AppData\Local\Facebook\Messenger\2.1.4651.0\CefSharp.WinForms.dll
MOD - [2012.09.25 10:05:00 | 000,286,640 | ---- | M] () -- C:\Users\ASUS\AppData\Local\Facebook\Messenger\2.1.4651.0\CefSharp.dll
MOD - [2012.06.18 16:24:30 | 000,260,096 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_05.dll
MOD - [2011.09.27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009.03.30 05:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009.03.30 05:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.09.16 19:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.01.24 00:34:42 | 007,766,016 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
MOD - [2008.01.12 07:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe
MOD - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
MOD - [2007.11.13 00:41:50 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTran.dll
MOD - [2007.08.08 11:52:08 | 000,331,776 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\AdsmendecExt.dll
MOD - [2007.06.15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
MOD - [2007.06.02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.02.19 23:01:55 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.14 11:37:17 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.06.15 12:26:22 | 000,095,232 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012.02.28 11:12:36 | 000,215,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.02.28 11:12:36 | 000,011,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2010.08.24 06:16:20 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\System32\dgdersvc.exe -- (dgdersvc)
SRV - [2009.06.25 01:17:01 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.10.03 06:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2007.08.08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.05.18 11:31:16 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\FsUsbExDisk.SYS -- (FsUsbExDisk)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2012.02.27 17:06:18 | 000,073,600 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.08.02 16:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2011.05.25 00:40:10 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2010.08.24 06:16:20 | 000,018,120 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009.10.07 14:20:27 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009.09.05 14:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009.07.02 00:59:00 | 009,786,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.06.18 02:56:23 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.06.18 02:56:22 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008.06.03 22:41:52 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008.05.29 19:21:02 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby)
DRV - [2008.05.13 22:35:24 | 001,772,544 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2008.01.14 11:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2007.11.16 05:09:04 | 000,048,128 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)
DRV - [2007.08.11 05:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2007.08.09 05:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.07.30 20:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.07.30 19:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.07.24 20:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2006.12.15 08:11:58 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.11.02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{b167b83b-348e-4f8a-a00d-693f28ede787}: "URL" = hxxp://search.expatshield.com/g/results.php?c=s&q={searchTerms}
IE - HKCU\..\SearchScopes\{B7719148-62EC-4539-80C0-48AEAB3C866F}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.oe3.at"
FF - prefs.js..extensions.enabledAddons: youtube2mp3%40mondayx.de:1.2.3
FF - prefs.js..extensions.enabledAddons: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:7.6.0.2
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.7.1
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.5.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.9.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.3.0.7280
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\ASUS\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\ASUS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\ASUS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\electronicarts.com/GameFacePlugin: C:\Users\ASUS\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\ASUS\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012.12.21 15:46:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.02.24 15:22:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.24 22:00:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.24 22:00:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.02.21 15:22:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2013.02.21 15:23:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.24 22:00:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.24 22:00:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.02.21 15:22:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2013.02.21 15:23:00 | 000,000,000 | ---D | M]
 
[2012.02.15 20:47:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Extensions
[2012.02.15 20:47:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org
[2013.02.24 22:00:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\vasdy6o4.default\extensions
[2011.02.16 01:28:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\vasdy6o4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.06.17 14:25:21 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\vasdy6o4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(49)
[2012.12.01 02:40:49 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\vasdy6o4.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2012.11.15 18:30:12 | 000,214,020 | ---- | M] () (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\extensions\socksharedownloader@socksharedownloader.com.xpi
[2011.08.27 19:17:45 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\extensions\youtube2mp3@mondayx.de.xpi
[2012.12.11 18:56:44 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.02.14 11:43:35 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.05 18:15:28 | 000,242,136 | ---- | M] () (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2011.02.16 00:47:33 | 000,002,342 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\searchplugins\icq-search.xml
[2011.11.08 18:05:46 | 000,000,950 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\searchplugins\icqplugin-4.xml
[2012.08.02 21:36:23 | 000,000,950 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\mozilla\firefox\profiles\vasdy6o4.default\searchplugins\icqplugin-5.xml
[2013.02.19 23:01:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.02.19 23:01:09 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2013.02.19 23:01:10 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013.02.19 23:01:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.02.19 23:01:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.12.21 15:46:18 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2013.02.19 23:01:56 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009.08.03 14:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2013.02.08 04:55:38 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.08 04:55:38 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013.02.08 04:55:38 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.02.01 04:16:53 | 000,003,700 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fast.png
[2013.02.08 04:55:38 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.08 04:55:38 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.08 04:55:38 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.11.17 10:47:56 | 000,434,016 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	localhost
O1 - Hosts: ::1	localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 14940 more lines...
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O2 - BHO: (smartdownloader Class) - {F1AF26F8-1828-4279-ABCE-074EF3235BD7} - C:\Program Files\SockshareDownloader\smarterdownloader.dll (TODO: <Company name>)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe ()
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.55.1183\Badoo.Desktop.exe File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\ASUS\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [Spotify] "C:\Users\ASUS\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart File not found
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\ASUS\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (Facebook)
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm File not found
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.15.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.153.32.129 213.153.32.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D827FF7B-104B-418D-88A8-286EF2737543}: DhcpNameServer = 194.48.139.254 194.48.124.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D98009D2-C8C2-4FFD-80F6-F9982BD69DA1}: DhcpNameServer = 194.48.139.254 194.48.124.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3759B92-3389-493E-AFDB-36DC3BFFB67C}: DhcpNameServer = 213.153.32.129 213.153.32.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{68ef0606-b344-11de-ae7c-9e7336002150}\Shell - "" = AutoRun
O33 - MountPoints2\{68ef0606-b344-11de-ae7c-9e7336002150}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{9d7916b7-5fce-11df-95e9-0aeb2e000433}\Shell\AutoRun\command - "" = F:\Install.exe
O33 - MountPoints2\{9d7916b7-5fce-11df-95e9-0aeb2e000433}\Shell\menu1\command - "" = F:\Install.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.25 21:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.25 21:39:21 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.02.25 21:33:44 | 010,156,344 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\ASUS\Desktop\mbam-setup-1.70.0.1100.exe
[2013.02.24 22:10:53 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\SUPERAntiSpyware.com
[2013.02.24 21:50:13 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.02.23 16:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.02.23 16:45:26 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.02.23 16:45:21 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.02.23 16:45:21 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.02.22 12:14:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
[2013.02.21 16:43:45 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.02.21 16:42:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013.02.21 15:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2013.02.20 17:57:28 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\IsolatedStorage
[2013.02.20 17:57:18 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\Medion
[2013.02.20 17:57:18 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\MEDION
[2013.02.20 17:27:40 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.02.20 17:27:09 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.02.20 17:27:09 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.02.20 17:27:09 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.02.19 23:01:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.02.14 11:18:18 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.02.14 11:18:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.02.14 11:18:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.02.14 11:18:16 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.02.14 11:18:15 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.02.14 11:18:14 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.02.14 11:18:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.02.14 11:18:11 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.02.14 10:29:07 | 002,048,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.02.14 10:29:06 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013.02.14 10:29:00 | 003,602,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.02.14 10:29:00 | 003,550,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.02.12 23:07:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2013.02.12 23:07:57 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2013.02.10 19:24:41 | 016,365,936 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2013.02.10 19:23:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.27 17:09:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.27 17:01:41 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2593200360-2997682069-409558613-1000UA.job
[2013.02.27 17:01:15 | 000,214,694 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2013.02.27 17:01:15 | 000,214,694 | ---- | M] () -- C:\ProgramData\nvModes.001
[2013.02.27 17:00:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.27 04:37:29 | 000,004,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.27 04:37:29 | 000,004,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.27 03:31:21 | 000,677,300 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.27 03:31:21 | 000,637,384 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.27 03:31:21 | 000,146,836 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.27 03:31:21 | 000,120,850 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.26 23:30:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2593200360-2997682069-409558613-1000Core.job
[2013.02.25 21:39:33 | 000,000,873 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.25 21:37:55 | 010,156,344 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\ASUS\Desktop\mbam-setup-1.70.0.1100.exe
[2013.02.25 16:34:54 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.24 21:59:40 | 000,594,019 | ---- | M] () -- C:\Users\ASUS\Desktop\adwcleaner.exe
[2013.02.23 16:46:31 | 000,001,631 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.02.22 17:05:20 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2013.02.22 14:22:37 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite
[2013.02.22 12:14:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
[2013.02.20 17:59:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2013.02.20 17:26:57 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.02.20 17:26:53 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.02.20 17:26:53 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.02.20 17:26:53 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.02.20 17:26:52 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2013.02.20 17:26:51 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.02.20 17:16:49 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
[2013.02.20 14:08:02 | 000,007,808 | ---- | M] () -- C:\Users\ASUS\AppData\Local\d3d9caps.dat
[2013.02.14 11:37:17 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.02.14 11:37:17 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.02.14 11:32:09 | 001,796,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.02.12 23:08:32 | 000,001,158 | ---- | M] () -- C:\Users\ASUS\Desktop\Free YouTube to MP3 Converter.lnk
[2013.02.10 19:24:42 | 016,365,936 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2013.02.10 19:23:09 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013.02.10 19:23:09 | 000,001,878 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013.01.30 11:53:21 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
 
========== Files Created - No Company Name ==========
 
[2013.02.25 21:39:33 | 000,000,873 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.24 21:59:24 | 000,594,019 | ---- | C] () -- C:\Users\ASUS\Desktop\adwcleaner.exe
[2013.02.23 16:46:31 | 000,001,631 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.02.22 14:22:37 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite
[2013.02.20 17:59:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2013.02.20 17:59:04 | 000,002,403 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
[2013.02.20 17:16:49 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
[2013.02.12 23:08:32 | 000,001,158 | ---- | C] () -- C:\Users\ASUS\Desktop\Free YouTube to MP3 Converter.lnk
[2013.02.10 19:23:09 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013.02.10 19:22:46 | 000,001,878 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012.01.12 16:54:56 | 000,056,903 | ---- | C] () -- C:\Users\ASUS\iphone_weiss-6c3408a89806dac4.jpg
[2012.01.12 00:02:29 | 000,000,844 | ---- | C] () -- C:\Users\ASUS\.recently-used.xbel
[2011.04.11 22:10:34 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.03.08 13:41:04 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.03.08 13:41:04 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.03.08 13:41:04 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.03.08 13:41:04 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2010.12.26 04:59:33 | 000,150,468 | ---- | C] () -- C:\Users\ASUS\798.jpg
[2009.12.17 13:43:04 | 000,007,808 | ---- | C] () -- C:\Users\ASUS\AppData\Local\d3d9caps.dat
[2009.10.25 14:24:35 | 000,000,353 | ---- | C] () -- C:\Users\ASUS\AppData\Roaming\burnaware.ini
[2009.06.17 22:47:12 | 000,068,096 | ---- | C] () -- C:\Users\ASUS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.17 01:05:47 | 000,214,694 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.06.17 00:59:15 | 000,214,694 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.06.17 00:29:58 | 000,000,091 | ---- | C] () -- C:\Users\ASUS\AppData\Roaming\AVSDVDPlayer.m3u
[2008.07.02 04:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 18:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
--- --- ---

Alt 28.02.2013, 08:38   #14
Chris4You
 
Coupondropdown - Standard

Coupondropdown



Hallo,

das Log sieht sauber aus, bist Du dem angegebenen Link gefolgt und die Analyse ausgeführt?
Hast Du das Windowsupdate.log gefunden, sind darin Warnungen/Fehlermeldungen enthalten (wenn ja, bitte posten)!

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 28.02.2013, 13:11   #15
misterfuxi
 
Coupondropdown - Standard

Coupondropdown



trotzdem habe ich die Coupondropdown anzeigen noch immer.


hier der log:

2013-02-24 23:49:57:815 5400 1684 Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-24 23:49:57:815 5400 1684 Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-24 23:49:57:811 5400 1684 AUClnt Launched Client UI process
2013-02-24 23:49:59:071 5400 1684 Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-24 23:49:59:071 5400 1684 Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-24 23:49:59:071 5400 1684 Misc = Module: C:\Windows\system32\wucltux.dll
2013-02-24 23:49:59:071 5400 1684 CltUI AU client got new directive = 'Install Approval', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-25 00:08:02:021 2864 9d4 Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-25 00:08:02:021 2864 9d4 Misc = Process: C:\Windows\Explorer.EXE
2013-02-25 00:08:02:021 2864 9d4 Misc = Module: C:\Windows\system32\wucltux.dll
2013-02-25 00:08:02:016 2864 9d4 WUApp No EULA acceptance needed
2013-02-25 00:08:02:026 5400 1684 CltUI AU client got new directive = 'Interactive Progress', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-25 00:42:14:648 5400 1684 CltUI AU client got new directive = 'Install Complete Ux', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-25 00:43:44:644 5400 1684 CltUI AU client got new directive = 'Download Progress', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-25 00:43:44:681 5400 1684 CltUI FATAL: Failed to show download progress, hr=8024AFFF
2013-02-25 00:44:00:896 5232 1784 Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-25 00:44:00:896 5232 1784 Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-25 00:44:00:892 5232 1784 AUClnt Launched Client UI process
2013-02-25 00:44:01:112 5232 1784 Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-25 00:44:01:113 5232 1784 Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-25 00:44:01:113 5232 1784 Misc = Module: C:\Windows\system32\wucltux.dll
2013-02-25 00:44:01:112 5232 1784 CltUI AU client got new directive = 'Download Progress', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-25 00:44:01:135 5232 1784 CltUI FATAL: Failed to show download progress, hr=8024AFFF
2013-02-25 00:44:16:439 3316 126c Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-25 00:44:16:439 3316 126c Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-25 00:44:16:433 3316 126c AUClnt Launched Client UI process
2013-02-25 00:44:16:576 3316 126c Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-25 00:44:16:576 3316 126c Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-25 00:44:16:576 3316 126c Misc = Module: C:\Windows\system32\wucltux.dll
2013-02-25 00:44:16:576 3316 126c CltUI AU client got new directive = 'Install Approval', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-25 03:00:19:635 3316 126c CltUI AU client got new directive = 'Shutdown', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-25 14:22:22:011 3772 135c Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-25 14:22:22:022 3772 135c Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-25 14:22:22:007 3772 135c AUClnt Launched Client UI process
2013-02-25 14:22:22:144 3772 135c Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-25 14:22:22:144 3772 135c Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-25 14:22:22:144 3772 135c Misc = Module: C:\Windows\system32\wucltux.dll
2013-02-25 14:22:22:144 3772 135c CltUI AU client got new directive = 'Install Approval', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-25 16:39:02:751 3144 16ac Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-25 16:39:02:751 3144 16ac Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-25 16:39:02:742 3144 16ac AUClnt Launched Client UI process
2013-02-25 16:39:03:022 3144 16ac Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-25 16:39:03:022 3144 16ac Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-25 16:39:03:022 3144 16ac Misc = Module: C:\Windows\system32\wucltux.dll
2013-02-25 16:39:03:022 3144 16ac CltUI AU client got new directive = 'Install Approval', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-26 03:00:09:710 3144 16ac CltUI AU client got new directive = 'Shutdown', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-26 03:33:29:170 3596 dc Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-26 03:33:29:170 3596 dc Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-26 03:33:29:166 3596 dc AUClnt Launched Client UI process
2013-02-26 03:33:29:226 3596 dc Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-26 03:33:29:226 3596 dc Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-26 03:33:29:226 3596 dc Misc = Module: C:\Windows\system32\wucltux.dll
2013-02-26 03:33:29:226 3596 dc CltUI AU client got new directive = 'Install Approval', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-26 05:30:18:074 4800 fb8 Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-26 05:30:18:074 4800 fb8 Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-26 05:30:18:070 4800 fb8 AUClnt Launched Client UI process
2013-02-26 05:30:18:174 4800 fb8 Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-26 05:30:18:174 4800 fb8 Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-26 05:30:18:174 4800 fb8 Misc = Module: C:\Windows\system32\wucltux.dll
2013-02-26 05:30:18:174 4800 fb8 CltUI AU client got new directive = 'Install Approval', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-26 14:18:56:303 3192 a84 Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-26 14:18:56:304 3192 a84 Misc = Process: C:\Windows\Explorer.EXE
2013-02-26 14:18:56:304 3192 a84 Misc = Module: C:\Windows\system32\wucltux.dll
2013-02-26 14:18:56:303 3192 a84 WUApp FATAL: GetProperty "updateSummaryImportantText" failed with hr=80070057
2013-02-26 14:19:09:292 3192 a84 WUApp FATAL: GetProperty "updateSummaryImportantText" failed with hr=80070057
2013-02-26 14:22:07:049 3192 a84 WUApp FATAL: GetProperty "updateSummaryImportantText" failed with hr=80070057
2013-02-27 03:00:11:273 4800 fb8 CltUI AU client got new directive = 'Shutdown', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-27 03:33:41:992 5332 1680 Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-27 03:33:41:992 5332 1680 Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-27 03:33:41:986 5332 1680 AUClnt Launched Client UI process
2013-02-27 03:33:42:098 5332 1680 Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-27 03:33:42:098 5332 1680 Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-27 03:33:42:098 5332 1680 Misc = Module: C:\Windows\system32\wucltux.dll
2013-02-27 03:33:42:098 5332 1680 CltUI AU client got new directive = 'Install Approval', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-27 05:21:28:739 4116 9e8 Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-27 05:21:28:739 4116 9e8 Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-27 05:21:28:735 4116 9e8 AUClnt Launched Client UI process
2013-02-27 05:21:28:790 4116 9e8 Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-27 05:21:28:790 4116 9e8 Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-27 05:21:28:790 4116 9e8 Misc = Module: C:\Windows\system32\wucltux.dll
2013-02-27 05:21:28:790 4116 9e8 CltUI AU client got new directive = 'Install Approval', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-27 17:16:15:611 4116 9e8 CltUI AU client got new directive = 'None', serviceId = {00000000-0000-0000-0000-000000000000}, return = 80010108
2013-02-27 17:17:35:158 5148 e38 Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-27 17:17:35:159 5148 e38 Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-27 17:17:35:153 5148 e38 AUClnt Launched Client UI process
2013-02-27 17:17:35:251 5148 e38 Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-27 17:17:35:251 5148 e38 Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-27 17:17:35:251 5148 e38 Misc = Module: C:\Windows\system32\wucltux.dll
2013-02-27 17:17:35:251 5148 e38 CltUI AU client got new directive = 'Install Approval', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-27 20:00:55:575 3268 160c Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-27 20:00:55:575 3268 160c Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-27 20:00:55:569 3268 160c AUClnt Launched Client UI process
2013-02-27 20:00:55:686 3268 160c Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-27 20:00:55:686 3268 160c Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-27 20:00:55:686 3268 160c Misc = Module: C:\Windows\system32\wucltux.dll
2013-02-27 20:00:55:686 3268 160c CltUI AU client got new directive = 'Install Approval', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-27 20:00:55:696 3268 160c AUClnt WARNING: Shell_NotifyIcon failed (dwMessage=0x0, uFlags=0x7, hr=0x80070002)
2013-02-27 20:00:55:696 3268 160c AUClnt WARNING: Shell_NotifyIcon failed (dwMessage=0x0, uFlags=0x7, hr=0x80070002)
2013-02-27 20:00:55:696 3268 160c AUClnt WARNING: Shell_NotifyIcon failed (dwMessage=0x0, uFlags=0x7, hr=0x80070002)
2013-02-27 20:00:55:696 3268 160c AUClnt WARNING: Shell_NotifyIcon failed (dwMessage=0x0, uFlags=0x7, hr=0x80070002)
2013-02-27 23:01:05:106 4568 1110 Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-27 23:01:05:106 4568 1110 Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-27 23:01:05:099 4568 1110 AUClnt Launched Client UI process
2013-02-27 23:01:05:929 4568 1110 Misc =========== Logging initialized (build: 7.6.7600.256, tz: +0100) ===========
2013-02-27 23:01:05:929 4568 1110 Misc = Process: C:\Windows\system32\wuauclt.exe
2013-02-27 23:01:05:929 4568 1110 Misc = Module: C:\Windows\system32\wucltux.dll
2013-02-27 23:01:05:929 4568 1110 CltUI AU client got new directive = 'Download Progress', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-27 23:01:07:324 4568 1110 CltUI AU client got new directive = 'Install Approval', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0
2013-02-28 03:00:17:560 4568 1110 CltUI AU client got new directive = 'Shutdown', serviceId = {7971F918-A847-4430-9279-4A52D1EFE18D}, return = 0

Antwort

Themen zu Coupondropdown
coupondropdown, malwarebytes, neu, problem, runtergeladen



Ähnliche Themen: Coupondropdown


  1. Ad by CouponDropDown entfernen
    Plagegeister aller Art und deren Bekämpfung - 23.03.2015 (8)
  2. coupondropdown
    Plagegeister aller Art und deren Bekämpfung - 23.10.2013 (5)
  3. Win 7: CouponDropDown entfernen
    Log-Analyse und Auswertung - 24.08.2013 (10)
  4. CouponDropDown Virus
    Plagegeister aller Art und deren Bekämpfung - 12.08.2013 (83)
  5. Coupondropdown in shockwave flash
    Plagegeister aller Art und deren Bekämpfung - 26.07.2013 (2)
  6. CouponDropDown entfernen?
    Log-Analyse und Auswertung - 18.07.2013 (12)
  7. CouponDropDown entfernen
    Plagegeister aller Art und deren Bekämpfung - 18.07.2013 (21)
  8. Virus Coupondropdown auf dem PC
    Plagegeister aller Art und deren Bekämpfung - 15.07.2013 (33)
  9. CouponDropDown
    Log-Analyse und Auswertung - 14.07.2013 (21)
  10. CouponDropDown - Virus?
    Plagegeister aller Art und deren Bekämpfung - 03.07.2013 (13)
  11. CouponDropDown entfernen
    Plagegeister aller Art und deren Bekämpfung - 12.05.2013 (15)
  12. CouponDropDown entfernen
    Log-Analyse und Auswertung - 26.04.2013 (9)
  13. CouponDropDown
    Log-Analyse und Auswertung - 16.04.2013 (24)
  14. CouponDropDown - brauche Unterstützung
    Log-Analyse und Auswertung - 12.03.2013 (37)
  15. CouponDropDown entfernen
    Plagegeister aller Art und deren Bekämpfung - 15.02.2013 (17)
  16. Mein PC ist mit CouponDropDown infiziert
    Plagegeister aller Art und deren Bekämpfung - 29.01.2013 (12)
  17. Coupondropdown und akamaihd.net
    Plagegeister aller Art und deren Bekämpfung - 13.12.2012 (3)

Zum Thema Coupondropdown - hallo bin neu hier und hab ein problem mit Coupondropdown. Hab mir schon Malwarebytes runtergeladen und lass es gerade durchlaufen! adwcleaner0 hab ich auch schon runtergeladen sowie OTL! installier zuerst - Coupondropdown...
Archiv
Du betrachtest: Coupondropdown auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.