Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   claro search entfernen (https://www.trojaner-board.de/127049-claro-search-entfernen.html)

LouLau 15.11.2012 17:26
claro search entfernen
 
Hallo Leute ich habe ein Problem und brauche Hilfe:
Seit ein paar Tagen kommt jedesmal beim Öffnen des Browsers (Firefox) als Startseite: "Claro-search". Ich kann das zwar temporär wieder ändern, aber beim nächsten Start ist der Mist wieder da. Ich habe schon einiges probiert,
inclusive eines kompletten Systemscann mit "Norten 360" aber eine Lösung ist mir bis jetzt noch nicht gelungen. Ich möchte aber auch noch anfügen, dass meine PC-Kenntnisse sehr bescheiden sind. Hilfe wäre also sehr lieb. Vielen Dank.

cosinus 17.11.2012 01:07
Hallo und :hallo:

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Zitat:
inclusive eines kompletten Systemscann mit "Norten 360"
Bitte beachten => http://www.trojaner-board.de/125889-...tml#post941520

LouLau 17.11.2012 10:21
Hallo Cosinus,
vielen Dank und schön, dass du dich meines Problems annehmen möchtest.
Sag mir bitte was zu tun ist. Aber wie ich schon zu Beginn mitgeteilt habe bitte ich um Nachsicht, wenn ich einige Dinge nicht sofort kapiere (Computerkenntnisse.....). Dennoch werde ich mich bemühen, deinen "Anweisungen" zu folgen. Mal sehen, ob's was wird ??
Eine Frage noch: Wie muß ich das mit den "BB-Codes" händeln ?

cosinus 17.11.2012 15:03
Zitat:
Sag mir bitte was zu tun ist.
Ganz unten in meinem ersten Posting steht schon etwas was du beachten solltest, das wurde verlinkt

Zitat:
Eine Frage noch: Wie muß ich das mit den "BB-Codes" händeln ?
Wurde in meinem ersten Posting auch verlinkt (CODE-Tags), hier nochmal ausführlicher

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log

LouLau 18.11.2012 12:24
Guten Tag Cosinus,

starte mal vorsichtig einen ersten Versuch. Die angegebene Malwarescanner
hebe ich alle nicht auf meinem Rechner, deshalb habe ich mal ein wenig in Eurem Forum geschnüffelt und das gemacht, was einigen dort empfohlen wurde:
1. Defogger herunterladen - aufs Desktop und Ergebnis:
Logfile:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:36 on 15/11/2012 (Herbert)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
2.OTL herunterladen - Ausführen - Ergebnis:
Logfile1: (Extras - Editor)
OTL Logfile:
Code:
OTL Extras logfile created on: 15.11.2012 16:40:21 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Herbert\Desktop\2
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,59 Gb Available Physical Memory | 39,86% Memory free
8,19 Gb Paging File | 5,60 Gb Available in Paging File | 68,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 582,63 Gb Total Space | 295,13 Gb Free Space | 50,66% Space Free | Partition Type: NTFS
Drive D: | 13,54 Gb Total Space | 1,86 Gb Free Space | 13,72% Space Free | Partition Type: NTFS
 
Computer Name: HP-DESKTOP | User Name: Herbert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXE" /x /n
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\Fotoinsight\Fotoinsight Designer\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotoinsight Designer] -- "C:\Program Files (x86)\Fotoinsight\Fotoinsight Designer\Fotoinsight Designer.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXE" /x /n
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\Fotoinsight\Fotoinsight Designer\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotoinsight Designer] -- "C:\Program Files (x86)\Fotoinsight\Fotoinsight Designer\Fotoinsight Designer.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01  [binary data]
"VistaSp2" = B1 39 AF 01 D7 3D CA 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0258D4AB-3ACD-4128-8904-56907217C09A}" = lport=138 | protocol=17 | dir=in | app=system |
"{070AB8FF-D300-4A4A-A677-21D1013C4BF1}" = rport=139 | protocol=6 | dir=out | app=system |
"{187EA1CE-88CD-43BE-8C7F-BB7300D0772B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4C336251-AEAE-4751-A4BC-FE5AEDAE1D1A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{53C62F0D-41F5-4F7A-B0E7-DC90B99360C8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{55D6AD7C-75B8-4E89-AB25-34CED2ECFEB1}" = rport=137 | protocol=17 | dir=out | app=system |
"{727E1BB6-1A20-4E6B-850A-B71D5E907ED2}" = lport=445 | protocol=6 | dir=in | app=system |
"{8E04D028-61CD-48C7-AC39-9AF5B41BAC66}" = lport=58927 | protocol=6 | dir=in | app=c:\program files (x86)\birdiesync\birdiesync.exe |
"{A8D60D22-16DA-40E3-859B-57EB03090C63}" = lport=139 | protocol=6 | dir=in | app=system |
"{BAFAC6AD-3BBE-4CF9-B1DD-5485305C68BD}" = rport=138 | protocol=17 | dir=out | app=system |
"{CDF4A670-9EAB-4CDC-B2DC-D422B60AF6EF}" = lport=137 | protocol=17 | dir=in | app=system |
"{DD044CF5-F0A5-421A-AC21-04414B6F00D5}" = rport=445 | protocol=6 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BB7D0B5-B9E5-4923-819A-E08C8014451D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{142CF540-DB64-465E-A8C1-9F78FA381836}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{1FA9019D-0B4D-42FF-B51D-C469FA2B4ED2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3ABA224F-F532-443E-B9B8-3877BDABEFBC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{41A355C7-E033-4B27-809C-06064BE80C93}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{484E4CA7-63CE-494B-AE1D-5141D1E578A6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5ED4B645-04D8-49C3-AE67-47FC3FCF53BE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{71923E2E-FF47-415B-84A2-B4E5C8FD62A5}" = protocol=17 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe |
"{731B12CF-7439-4682-9A9C-273AF1952A93}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{731F9014-170F-4C31-BA58-7FD1CB58D0E4}" = dir=in | app=c:\users\herbert\appdata\local\microsoft\skydrive\skydrive.exe |
"{742B2A8E-7C74-429A-9AB7-03F6D13D3F62}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{78079336-918B-4E49-BFBB-CA0A8512BE76}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{7FFFADC5-2A0C-48A3-AE1C-9D15FAFCA85D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A46577D4-E487-4D31-9FB3-F2D9DEC361D5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A879130E-80A5-4A19-8689-8E6EA237F246}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{C5425AEB-DFDA-414D-8B64-0F30CD4341AE}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{D0959FF8-1A88-4009-9083-A3654F5E8E35}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{D4F6384E-20AF-41AD-B7FE-C8B24A7EEE43}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{E6D2694D-5D92-4204-8F41-B4E9066E7CCF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F5614131-EEEE-437A-89A3-40C48B1A34BE}" = protocol=6 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04C43AE1-5B72-487F-AC6C-6BC1AA19FE03}" = Microsoft IntelliPoint 6.2
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series" = Canon iP4700 series Printer Driver
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1D95A4AF-B4FE-45E5-1518-2A842BA83081}" = ccc-utility64
"{223C0721-A6B0-4853-88C0-331029841734}" = HP Color LaserJet CP1510 Series 2.0
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{78F697ED-EC97-4D8D-881D-838984EA9855}" = 64 Bit HP CIO Components Installer
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EA8213A-9080-C41F-2F85-8FF98374AB9F}" = ATI Catalyst Install Manager
"{B71CCF77-38A2-4805-9759-A6F7D2C52F3A}" = Adobe Photoshop Lightroom 4.2 64-bit
"{B85B1A3C-E404-44E5-A0E1-C4D0438A49C1}" = Adobe Photoshop Lightroom 2.5 64-bit
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F68310EC-B615-4044-B7D7-1A6349758D42}" = Microsoft SQL Server VSS Writer
"{F90F5A11-53E6-4045-ACB1-BC03D71FB06C}" = Microsoft SQL Server Native Client
"A35BD68D4A1B3E191138E3C9AA417190A9468F7E" = Windows-Treiberpaket - Leaf Imaging Ltd. Image  (02/11/2010 )
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeTrial" = Testversion von Microsoft Office Home and Student 2007
"ZDFmediathek_is1" = ZDFmediathek Version 1.4.3
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0019BCD5-6D1C-6B47-8214-A151D5FCFDDC}" = Catalyst Control Center Localization Thai
"{014A0EB1-C226-1CAF-7B72-49321CB0E9B3}" = CCC Help Hungarian
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{069B290F-5398-4629-A009-85B4BCB4B1B9}" = Claro Chrome Toolbar
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0AF5BF1B-FFE1-2C85-FDDC-3A44EFD341EC}" = Catalyst Control Center Localization Italian
"{0BB291F1-BEBA-2530-990B-863B206B1F8A}" = Catalyst Control Center Localization German
"{0DBC686C-F556-473E-B6DC-AB828A938828}" = Lexware vereinsverwaltung Update
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{114C3B4C-CA35-1027-B126-F10DAB0F20B7}" = CCC Help Norwegian
"{11908571-96AB-2B21-EDBE-7852B087E925}" = Catalyst Control Center Localization Portuguese
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{15733AD1-1CEF-459A-9245-0924FC63BDD5}" = HP My Display
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1C5D5D15-CABD-4C5A-A80E-B5C4CA6FE90A}" = hppTLBXFXCP1510
"{1F73D672-6175-4A1D-B3C1-420439D03D0F}" = Product_SF_Full_QFolder
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{23C7264E-BAA0-73B7-0B7C-BA1CCA40F438}" = CCC Help Chinese Standard
"{23D2AA7C-FFB2-3271-7568-58D9CE58598F}" = CCC Help German
"{25468ED2-C4F8-C7EB-5CDB-20D934D6A1F9}" = CCC Help French
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{277AF855-DF15-BDCA-D570-5B94C5371201}" = CCC Help Polish
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1" = Inpaint 3.0
"{2BEC7DA6-3455-5674-4A0E-09A6777A2C25}" = Catalyst Control Center Localization Dutch
"{2CC86F66-6C15-3D00-F05E-830846CF2393}" = CCC Help Turkish
"{2DDB9835-EE7B-FF38-084C-EBB81710A5FB}" = Catalyst Control Center Graphics Previews Vista
"{2E4609A3-F5AF-4408-B0C4-B8B84BC753DF}" = Catalyst Control Center - Branding
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2FC7CE3A-23E5-41E8-975B-AA0236D649FD}" = Quicken 2012
"{319786B7-D72F-43B3-99C1-E93724ED17D3}" = Lexware online banking 4.90
"{32148D5D-909F-4A7B-93EE-5C16B71F4A8C}" = funScreenScraping Client Version
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{35BEB65B-B67C-C104-CE7E-56D71378822D}" = Catalyst Control Center Localization Swedish
"{36D76EB0-F8A6-BD4A-A3C9-B07BE72FF6CD}" = Catalyst Control Center Graphics Full New
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{39AF5C9F-9673-438F-BBF9-47690B989F7F}" = QuickSteuer 2012
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B7AD0B6-B25D-EB03-5657-E9B3ECBC3C28}" = Catalyst Control Center Graphics Light
"{3C9DDCA5-D9EF-B431-B7E8-3B2286E92FEE}" = Catalyst Control Center Core Implementation
"{3E4A0E01-8E00-4D1F-A280-81A92D638552}" = Steuer Update 15.03
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{414C803A-6115-4DB6-BD4E-FD81EA6BC71C}" = Product_SF_Min_QFolder
"{441BA798-953E-1FF2-F9B8-7D1BED5E3278}" = CCC Help Chinese Traditional
"{450008C6-3722-4214-AB4F-9E45B57CB422}" = DDBAC
"{4601651C-0FCF-47CD-BE86-9C88BC54BD0D}" = Steuer Update 15.03
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{48FF6DE6-0619-4562-B4B1-21F161FE0DE0}" = Symantec Technical Support Advanced Chat Controls
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C074190-CE6F-1960-F8BC-B00CF700CAA4}" = Catalyst Control Center Localization Korean
"{4C9E7EA5-9A3F-4C54-9038-EBB4CF25C29D}" = Quicken 2010 - Servicepack 5
"{4DDF7B07-6CC5-CEE9-CA52-E95F8547EBC0}" = Catalyst Control Center Localization Greek
"{4F8AFA74-1562-4980-8B87-8C07E8DE8FAF}" = Quicken 2010
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{56B74948-05CA-C84D-307C-A578F98DAF33}" = Catalyst Control Center Localization Japanese
"{590129B0-8CBD-0C3D-55C6-693C5C910A53}" = Catalyst Control Center Graphics Full Existing
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{5E894531-91FB-4B76-AA0F-49E0E1F357D6}" = hppPQVideoCP1510
"{60706F47-9AD7-59C5-2BFF-A747086FE30B}" = Catalyst Control Center Localization Finnish
"{607576AD-A631-77DE-3D8C-3FBA257962D0}" = Skins
"{61B8FF9A-E7A4-0500-34C9-2A218825F09C}" = Catalyst Control Center InstallProxy
"{61E1C6E3-1793-2F66-B14D-E8899F8F36D7}" = Catalyst Control Center Localization Turkish
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{64FD4D83-085A-49D0-905A-F06057B73DA3}" = hppCLJCP1510
"{65C043EC-BEB5-4791-8EB3-EF9EDBEDA7DB}" = QuickSteuer Wissens-Center 2009
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68E6762C-20CA-41B2-8720-1B178B2C6AED}" = DxO FilmPack 2.0
"{69742A9A-B7C4-433B-98B2-53D597598793}_is1" = Inpaint 3 Installation & Registrierung
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{6EE36762-E5CE-41E6-9EDF-DF610ADD6D72}" = Steuer Update 15.03
"{6F058B03-40A6-3023-ACE4-C031CB5F51E6}" = CCC Help Portuguese
"{6F1D0A3C-3E04-3E6D-2286-1B1900777555}" = Catalyst Control Center Localization Chinese Standard
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{76F79738-4234-45E8-80AA-F56F8FCD4FBE}" = QuickSteuer 2009
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7ADCEEA0-AC82-4360-AD6B-CCF01B66F9DB}" = hppusgCP1510
"{7B4B0AA9-F97E-49C4-AE6F-D40580B65A22}" = onOne PerfectPresets
"{7C0B4269-EFF1-FE99-2298-B5752BBCD1CE}" = Catalyst Control Center Graphics Previews Common
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{7FC74607-ED6E-49C3-87FA-56B50A2EE158}" = Quicken Import Export Server 2012
"{815E4EFD-6A9C-50F5-3C7B-DD5984BF1CBB}" = Catalyst Control Center Localization Danish
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.9.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8D8637C8-BD8F-71AF-1E15-B4104FDFF6A9}" = CCC Help Japanese
"{90110407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90A455A7-0FC8-4508-B7FA-8F135B8F041A}" = DSL-Manager
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{97ABD26A-3249-46CB-B2E2-F66E64B2E480}" = HP Demo
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9E3A383E-0AF0-97F3-3FFF-E466DFDD302B}" = CCC Help Greek
"{9F07D3B6-3801-4C33-B20E-39CC29E63253}" = Steganos Privacy Suite 14
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A40DD5A8-B549-126F-DEDE-2A0DD11342F0}" = CCC Help Danish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC42EE05-1F5D-4B92-851A-DBFE81088A0C}" = QuickSteuer 2010
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AC849092-6F19-4395-8860-BC3B82CAFE51}" = funScreenScraping Microsoft Systemdateien
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{B03DF1CE-9964-0BCB-A53E-9ABE88B17F60}" = Catalyst Control Center Localization Spanish
"{B04F82E0-C4F2-58B3-C799-FAC82F6F88C1}" = CCC Help Russian
"{B0516082-BA15-2ACC-A354-0CA22CFE4CF9}" = CCC Help Spanish
"{B3891007-20E0-83BB-93F8-3062A2ED39EB}" = CCC Help Italian
"{B3DA638A-7AC7-4202-C489-898D8A5AE48B}" = CCC Help Dutch
"{B593E002-4F0A-2537-AF4D-59C371FCE60F}" = CCC Help Finnish
"{B790DA3B-5017-FA94-E330-94CFF7CF7171}" = Saal Design Software
"{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}" = pdfforge Toolbar v1.0
"{B91E216D-425B-4016-BD26-57D6BBF8B768}" = LexwareVereinsverwaltung 12 Update
"{B932A416-28A7-4D08-89A6-7A0464DAD37D}" = hpzTLBXFX
"{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}" = muvee autoProducer 6.1
"{B9CB4A55-002A-5FC0-DF39-A5D5FF2F036D}" = Catalyst Control Center Localization French
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C485E0AA-2176-835B-8555-C08002E8517B}" = Catalyst Control Center Localization Norwegian
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C7BD9413-E518-4178-AF1B-A8915554031D}" = RedmarkVereinsverwaltung 2011
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{C908A5AC-4F61-4B9A-8A51-48B5696C53B1}" = Lexware online banking
"{C948C303-C151-B075-DDD6-F69B963B70EF}" = Catalyst Control Center Localization Russian
"{C9E04998-234A-4ACE-6C91-30F7E8EA735D}" = Catalyst Control Center Localization Polish
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CCB5EE8A-8DE8-E4E2-1D3D-31C9CC3519C9}" = Catalyst Control Center Localization Chinese Traditional
"{D2299355-97DE-1DBC-98EB-C5F2357F874C}" = Catalyst Control Center Localization Hungarian
"{D2C6274D-C3C0-0C1B-5E79-B94843622343}" = Catalyst Control Center Localization Czech
"{D5C8E140-6E6F-11DD-9AA9-0050560400B1}" = Haufe iDesk-Service
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{D78C15E3-7648-A466-651C-FB618B3659AD}" = CCC Help Korean
"{D79B34A7-658C-4406-B4A5-6C982E07D57F}" = Steganos Password Manager 2009
"{D8AC1EB5-E8B0-44A0-B113-899407188A2F}" = hppFonts
"{DC2A30B7-030B-6842-C5D5-AE3D5E7B8ECC}" = ccc-core-static
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{DF18DFB5-A9CC-1A17-9861-2187C1265CD4}" = CCC Help Swedish
"{E13DE915-C42C-4A06-BC63-474A4E12F474}" = Steuer Update 15.09
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E3CDAAD3-F806-4F2A-BACF-487AD2E5B3EB}" = QuickSteuer 2011
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E8C5BD56-F5D8-41D3-8A71-273468FE256A}" = T-Home Dialerschutz-Software
"{E9DA117D-B2B8-9F7D-DBD7-FF2A730FBB8A}" = CCC Help Czech
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{ED5BDA06-0D68-4B4C-93FE-50BE94ADA6E9}" = hppManualsCP1510
"{EE5BCA77-F9B8-4896-BB04-6CBE587BC8CE}" = QuickSteuer 2009
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}" = Lexware Info Service
"{F405DC00-37F3-4A5F-97F4-C1310CCEE53A}" = HP Easy Setup - Frontend
"{F413B69D-4AD6-42AB-AEA5-0548989FAD50}" = Norton 360
"{F48AAE0F-52F4-11DD-B1F7-0050560400B1}" = Haufe iDesk-Browser
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F7E345A5-F79B-44EE-BC4A-738899E756C0}" = Lexware online banking 4.90
"{FDC5251B-4139-1DAE-8CCC-20AAC4E5422E}" = CCC Help Thai
"{FF063B2A-19DB-C210-C06D-8BBECD7D45B4}" = CCC Help English
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"ALDI Sued Foto Service D" = ALDI Sued Foto Service
"Aldi Süd Fotoservice_is1" = Aldi Süd Fotoservice
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon iP4700 series Benutzerregistrierung" = Canon iP4700 series Benutzerregistrierung
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CaptureOne5_is1" = Capture One 5.2
"claro" = Claro LTD toolbar 
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.0.0
"Cut Out_is1" = Cut Out 3.0
"Dll-Files.com Fixer_is1" = Dll-Files.com Fixer
"DPP" = Canon Utilities Digital Photo Professional 3.9
"DRI Tool 2.0_is1" = DRI Tool 2.0
"EasyBits Magic Desktop" = Magic Desktop
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"EOS Utility" = Canon Utilities EOS Utility
"FE5AE7DC-7B01-4263-A94C-B4526C276550_is1" = iDevice Manager
"Filter Forge Freepack 2 - Photo Effects_is1" = Filter Forge Freepack 2 - Photo Effects 1.012
"Forte Free" = Forte Free 2.0
"Fotoinsight Designer" = Fotoinsight Designer
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"Google Updater" = Google Updater
"InstallShield_{4F8AFA74-1562-4980-8B87-8C07E8DE8FAF}" = Quicken 2010
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"JAP" = JAP
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"mediAvatar iPhone Klingelton Maker" = mediAvatar iPhone Klingelton Maker
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MOBackup-DatensicherungfürOutlook" = MOBackup - Datensicherung für Outlook (Vollversion)
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"Mozilla Thunderbird 16.0.2 (x86 de)" = Mozilla Thunderbird 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MuseScore" = MuseScore 1.2 MuseScore score typesetter
"N360" = Norton 360
"NirSoft Wireless Network Watcher" = NirSoft Wireless Network Watcher
"PC-Doctor for Windows" = Hardware Diagnose Tools
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PowerLame" = PowerLame (remove only)
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"Saal Fotobuch" = Saal Fotobuch
"SaalDesignSoftware" = Saal Design Software
"SilverFast CanonSDK-SE" = SilverFast CanonSDK-SE 6.6.2r5
"Stepok's One Click Wipe  Basic_is1" = One Click Wipe  Basic
"Webshots Desktop_is1" = Webshots Desktop
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"WildTangent hp Master Uninstall" = My HP Games
"YTdetect" = Yahoo! Detect
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 13.11.2012 08:51:16 | Computer Name = HP-Desktop | Source = Perflib | ID = 1008
Description =
 
Error - 13.11.2012 08:51:16 | Computer Name = HP-Desktop | Source = Perflib | ID = 1005
Description =
 
Error - 13.11.2012 08:51:16 | Computer Name = HP-Desktop | Source = Perflib | ID = 1018
Description =
 
Error - 13.11.2012 08:51:16 | Computer Name = HP-Desktop | Source = Perflib | ID = 1008
Description =
 
Error - 14.11.2012 04:33:44 | Computer Name = HP-Desktop | Source = WinMgmt | ID = 10
Description =
 
Error - 15.11.2012 04:41:06 | Computer Name = HP-Desktop | Source = WinMgmt | ID = 10
Description =
 
Error - 15.11.2012 04:59:54 | Computer Name = HP-Desktop | Source = EventSystem | ID = 4621
Description =
 
Error - 15.11.2012 05:30:32 | Computer Name = HP-Desktop | Source = WinMgmt | ID = 10
Description =
 
Error - 15.11.2012 06:04:24 | Computer Name = HP-Desktop | Source = EventSystem | ID = 4621
Description =
 
Error - 15.11.2012 06:07:41 | Computer Name = HP-Desktop | Source = WinMgmt | ID = 10
Description =
 
Error - 15.11.2012 11:34:46 | Computer Name = HP-Desktop | Source = Application Hang | ID = 1002
Description = Programm ccSvcHst.exe, Version 11.2.3.6 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: b64  Anfangszeit: 01cdc318ee87335c  Zeitpunkt der Beendigung:
 24
 
[ System Events ]
Error - 13.11.2012 04:44:22 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7026
Description =
 
Error - 14.11.2012 04:34:26 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7022
Description =
 
Error - 14.11.2012 04:34:26 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7026
Description =
 
Error - 15.11.2012 04:42:02 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7022
Description =
 
Error - 15.11.2012 04:42:03 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7026
Description =
 
Error - 15.11.2012 05:30:14 | Computer Name = HP-Desktop | Source = Microsoft-Windows-ResourcePublication | ID = 1002
Description =
 
Error - 15.11.2012 05:31:57 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7022
Description =
 
Error - 15.11.2012 05:31:57 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7026
Description =
 
Error - 15.11.2012 06:08:13 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7022
Description =
 
Error - 15.11.2012 06:08:14 | Computer Name = HP-Desktop | Source = Service Control Manager | ID = 7026
Description =
 
 
< End of report >
--- --- ---



Logfile2 (OTL - Editor)

OTL Logfile:
Code:
OTL logfile created on: 15.11.2012 16:40:21 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Herbert\Desktop\2
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,59 Gb Available Physical Memory | 39,86% Memory free
8,19 Gb Paging File | 5,60 Gb Available in Paging File | 68,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 582,63 Gb Total Space | 295,13 Gb Free Space | 50,66% Space Free | Partition Type: NTFS
Drive D: | 13,54 Gb Total Space | 1,86 Gb Free Space | 13,72% Space Free | Partition Type: NTFS
 
Computer Name: HP-DESKTOP | User Name: Herbert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.15 16:38:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Herbert\Desktop\2\OTL.exe
PRC - [2012.11.15 16:23:42 | 000,050,477 | ---- | M] () -- C:\Users\Herbert\Desktop\1\Defogger.exe
PRC - [2012.10.24 18:49:10 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.10.18 08:17:17 | 000,238,552 | ---- | M] (Microsoft Corporation) -- C:\Users\Herbert\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
PRC - [2012.10.11 12:17:59 | 002,312,216 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
PRC - [2012.10.02 12:30:10 | 000,084,992 | ---- | M] (Steganos Software GmbH) -- C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosHotKeyService.exe
PRC - [2012.10.02 12:30:04 | 000,071,680 | ---- | M] (Steganos Software GmbH) -- C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosBrowserMonitor.exe
PRC - [2012.10.02 12:24:00 | 000,017,920 | ---- | M] (Steganos Software GmbH) -- C:\Program Files (x86)\Steganos Privacy Suite 14\fredirstarter.exe
PRC - [2012.09.06 12:12:20 | 000,162,408 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.06.16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe
PRC - [2011.09.16 10:48:54 | 001,623,920 | ---- | M] (Lexware GmbH & Co. KG) -- C:\Program Files (x86)\Common Files\Lexware\LxWebAccess\LxWebAccess.exe
PRC - [2011.07.31 14:07:18 | 000,189,808 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
PRC - [2008.10.23 16:45:14 | 000,307,200 | ---- | M] (T-Systems Enterprise Services GmbH) -- C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe
PRC - [2008.08.15 10:39:04 | 003,343,688 | ---- | M] (Webshots.com) -- C:\PROGRA~2\Webshots\Webshots.scr
PRC - [2008.04.16 17:18:44 | 000,317,952 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Portrait Displays\HP My Display\DTHtml.exe
PRC - [2008.04.16 17:16:40 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2008.01.21 03:50:17 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe
PRC - [2007.11.26 14:51:00 | 001,085,440 | ---- | M] (T-Systems Enterprise Services GmbH) -- C:\Program Files (x86)\DSL-Manager\DslMgr.exe
PRC - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007.09.11 00:43:54 | 000,067,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe
PRC - [2007.05.08 16:44:58 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
PRC - [2007.04.18 16:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007.02.04 12:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.15 16:23:42 | 000,050,477 | ---- | M] () -- C:\Users\Herbert\Desktop\1\Defogger.exe
MOD - [2012.11.15 10:39:02 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll
MOD - [2012.11.15 10:38:45 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll
MOD - [2012.11.15 10:38:35 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll
MOD - [2012.11.15 10:37:36 | 007,976,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll
MOD - [2012.11.15 10:37:30 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
MOD - [2012.11.15 10:19:57 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\caffbced23ee85b40b919ad4a122b7aa\System.Windows.Forms.ni.dll
MOD - [2012.11.15 10:19:48 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cb0c00757e89f0b1fe282913ed667212\System.Xml.ni.dll
MOD - [2012.11.15 10:19:46 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9422d0c052186760a4645e10995487f5\System.Drawing.ni.dll
MOD - [2012.11.15 10:19:45 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ed886fb71addf400705481dcf8de12da\System.Configuration.ni.dll
MOD - [2012.11.15 10:19:43 | 009,093,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\811a7bc79f8f0a5be8065292a320819e\System.ni.dll
MOD - [2012.11.15 10:19:35 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll
MOD - [2012.10.24 18:49:23 | 002,295,264 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.10.11 12:17:59 | 002,312,216 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
MOD - [2012.10.11 12:17:06 | 002,069,528 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2011.11.01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009.03.30 05:42:19 | 000,131,072 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
MOD - [2009.03.30 05:42:17 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2009.03.30 05:40:03 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.11.03 17:31:38 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\Interop.hpqusg.dll
MOD - [2008.04.16 17:16:42 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\CC\gui.dll
MOD - [2008.04.16 17:16:24 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
MOD - [2008.02.11 16:23:14 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\drivers\vista.dll
MOD - [2007.05.08 16:44:58 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPToolkit.dll
MOD - [2007.05.08 16:44:58 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPUsageTracking.dll
MOD - [2007.05.08 16:44:58 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
MOD - [2007.05.08 16:44:58 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\Enumeration.dll
MOD - [2007.05.08 16:44:44 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPTools.dll
MOD - [2007.05.08 16:44:40 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT\bin\HPStreamsInterface.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2008.05.14 23:03:34 | 000,887,808 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2012.11.14 10:49:17 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.30 12:16:22 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.11 12:17:59 | 002,312,216 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.06.16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe -- (N360)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.21 18:15:34 | 000,376,832 | ---- | M] (T-Systems International GmbH) [Auto | Running] -- C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe -- (DFSVC)
SRV - [2009.03.30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.11.25 10:45:40 | 000,153,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008.11.05 14:55:39 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.10.23 16:45:14 | 000,307,200 | ---- | M] (T-Systems Enterprise Services GmbH) [On_Demand | Running] -- C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe -- (TDslMgrService)
SRV - [2008.04.16 17:16:40 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2008.02.03 11:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.02.01 18:08:50 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2008.01.21 03:47:00 | 000,428,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.21 03:47:00 | 000,211,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.07.06 03:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\SRTSPX64.SYS -- (SRTSPX)
DRV:64bit: - [2012.07.06 03:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\0604000.009\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2012.06.07 05:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012.05.22 10:36:46 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012.05.22 02:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2012.02.29 14:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.16 20:38:00 | 000,445,560 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0604000.009\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2011.11.16 20:17:50 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2011.08.15 23:51:40 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2009.10.15 18:14:38 | 000,028,192 | ---- | M] (T-Systems International GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SipIMNDI64.sys -- (SipIMNDI)
DRV:64bit: - [2009.10.01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009.09.03 10:45:26 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2008.05.14 23:49:44 | 004,436,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2007.09.12 16:24:00 | 000,041,024 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dsltestSp5a64.sys -- (dsltestSp5a64)
DRV:64bit: - [2007.08.21 09:43:26 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\point64k.sys -- (Point64)
DRV:64bit: - [2007.08.01 14:49:02 | 000,019,008 | ---- | M] (T-Systems Enterprise Services GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\dslmnlwf.sys -- (DslMNLwf)
DRV:64bit: - [2007.07.16 11:29:22 | 000,020,504 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hpfx64bulk.sys -- (HPFXBULK)
DRV:64bit: - [2006.11.16 17:26:44 | 000,019,248 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\PdiPorts.sys -- (PdiPorts)
DRV - [2012.11.15 10:04:47 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121114.008\ex64.sys -- (NAVEX15)
DRV - [2012.11.15 10:04:47 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121114.008\eng64.sys -- (NAVENG)
DRV - [2012.10.24 00:34:23 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20121106.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012.10.23 12:56:32 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012.09.01 01:27:23 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20121114.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012.08.09 10:30:17 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010.02.17 13:21:12 | 000,108,256 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt - ) [Driver] [Kernel | System | Running] -- C:\Windows\SleeN1764.sys -- (SLEE_17_DRIVER)
DRV - [2009.10.15 18:14:38 | 000,017,952 | ---- | M] (T-Systems International GmbH) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFSYS64.SYS -- (DFSYS)
DRV - [2006.10.05 16:07:28 | 000,072,608 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\TPkd.sys -- (TPkd)
DRV - [2001.01.26 13:43:20 | 000,002,144 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\T-Com\DSLCheck\PciDumpr.sys -- (PciDumpr)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=84&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=84&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {F137222E-6DE9-44E9-8EF2-CC5A8D3833BB}
IE:64bit: - HKLM\..\SearchScopes\{D6E4D59A-E5FE-4C8D-8347-B99B76E656E5}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE:64bit: - HKLM\..\SearchScopes\{F137222E-6DE9-44E9-8EF2-CC5A8D3833BB}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=84&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ${URL_STARTPAGE}
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2102572
IE - HKLM\..\SearchScopes\{D6E4D59A-E5FE-4C8D-8347-B99B76E656E5}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKLM\..\SearchScopes\{F137222E-6DE9-44E9-8EF2-CC5A8D3833BB}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.claro-search.com/?affID=116198&tt=4612_4&babsrc=HP_ss&mntrId=7047a004000000000000002215191871
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/br/ie9_startpage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.claro-search.com/?affID=116198&tt=4612_4&babsrc=HP_ss&mntrId=7047a004000000000000002215191871
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\InprocServer32 File not found
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {6B1D1FB7-7233-4F7C-802C-21A1DDB12754}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{09038620-190C-402B-A92F-18864E6AB22F}: "URL" = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=116198&tt=4612_4&babsrc=SP_ss&mntrId=7047a004000000000000002215191871
IE - HKCU\..\SearchScopes\{32A68923-D242-4DB1-9D61-59ECDFE687EE}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}
IE - HKCU\..\SearchScopes\{40064957-18EB-412d-9146-3F57E8D92EEC}: "URL" = hxxp://go.web.de/br/ie9_search_pic/?su={searchTerms}
IE - HKCU\..\SearchScopes\{5A817CF6-92D5-4DE5-AC38-82DF8A73EF28}: "URL" = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{6B1D1FB7-7233-4F7C-802C-21A1DDB12754}: "URL" = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
IE - HKCU\..\SearchScopes\{8D27B32E-89EE-460e-82D2-5FC354078EAD}: "URL" = hxxp://go.web.de/br/ie9_search_produkte/?su={searchTerms}
IE - HKCU\..\SearchScopes\{D6E4D59A-E5FE-4C8D-8347-B99B76E656E5}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKCU\..\SearchScopes\{DCE59F23-A446-45a5-9459-E68FDC0DE38D}: "URL" = hxxp://go.web.de/br/ie9_search_maps/?su={searchTerms}
IE - HKCU\..\SearchScopes\{F137222E-6DE9-44E9-8EF2-CC5A8D3833BB}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;192.168.*.*;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "hxxp://www.zdf.de/"
FF - prefs.js..extensions.enabledAddons: locationbar2@design-noir.de:1.0.6
FF - prefs.js..extensions.enabledAddons: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledAddons: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.18
FF - prefs.js..extensions.enabledAddons: {8F6A6FD9-0619-459f-B9D0-81DE065D4E21}:1.10.3
FF - prefs.js..extensions.enabledAddons: {99B98C2C-7274-45a3-A640-D9DF1A1C8460}:1.4
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.8
FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120926
FF - prefs.js..extensions.enabledAddons: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.16.0.3
FF - prefs.js..extensions.enabledAddons: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.2.3
FF - prefs.js..extensions.enabledAddons: {00F0643E-B367-4779-B45D-7046EBA37A88}:14.0.3.10073
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: locationbar2@design-noir.de:1.0.6
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.13
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1
FF - prefs.js..extensions.enabledItems: {8F6A6FD9-0619-459f-B9D0-81DE065D4E21}:1.10.1
FF - prefs.js..extensions.enabledItems: {99B98C2C-7274-45a3-A640-D9DF1A1C8460}:1.4
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "${URL_SEARCHPAGE}"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Herbert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\ [2012.05.23 08:08:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\ [2012.11.15 11:08:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{00F0643E-B367-4779-B45D-7046EBA37A88}: C:\Program Files (x86)\Steganos Privacy Suite 14\spmplugin3 [2012.11.09 10:44:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.15 10:48:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.30 13:01:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.10.30 12:16:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012.11.13 13:45:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.10.30 12:16:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2010.08.20 11:35:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Herbert\AppData\Roaming\mozilla\Extensions
[2010.08.20 11:35:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Herbert\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.11.15 10:37:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Herbert\AppData\Roaming\mozilla\Firefox\Profiles\8318c41d.default\extensions
[2012.11.09 11:00:44 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Herbert\AppData\Roaming\mozilla\Firefox\Profiles\8318c41d.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010.05.01 16:28:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Herbert\AppData\Roaming\mozilla\Firefox\Profiles\8318c41d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.11.07 17:45:29 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Herbert\AppData\Roaming\mozilla\Firefox\Profiles\8318c41d.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.01.08 16:52:36 | 000,000,000 | ---D | M] (CookieCuller) -- C:\Users\Herbert\AppData\Roaming\mozilla\Firefox\Profiles\8318c41d.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}
[2012.01.23 12:32:07 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Herbert\AppData\Roaming\mozilla\Firefox\Profiles\8318c41d.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.03.01 11:52:45 | 000,000,000 | ---D | M] (Locationbar²) -- C:\Users\Herbert\AppData\Roaming\mozilla\Firefox\Profiles\8318c41d.default\extensions\locationbar2@design-noir.de
[2011.03.14 10:02:24 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Herbert\AppData\Roaming\mozilla\Firefox\Profiles\8318c41d.default\extensions\personas@christopher.beard
[2012.08.27 16:57:01 | 000,455,379 | ---- | M] () (No name found) -- C:\Users\Herbert\AppData\Roaming\mozilla\firefox\profiles\8318c41d.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2011.12.09 09:17:34 | 000,025,332 | ---- | M] () (No name found) -- C:\Users\Herbert\AppData\Roaming\mozilla\firefox\profiles\8318c41d.default\extensions\{8F6A6FD9-0619-459f-B9D0-81DE065D4E21}.xpi
[2012.07.25 08:23:04 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Herbert\AppData\Roaming\mozilla\firefox\profiles\8318c41d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.11.13 13:45:58 | 000,002,514 | ---- | M] () -- C:\Users\Herbert\AppData\Roaming\mozilla\firefox\profiles\8318c41d.default\searchplugins\browsemngr.xml
[2012.01.22 13:20:10 | 000,000,931 | ---- | M] () -- C:\Users\Herbert\AppData\Roaming\mozilla\firefox\profiles\8318c41d.default\searchplugins\conduit.xml
[2012.11.15 10:48:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.10.30 13:01:49 | 000,000,000 | ---D | M] (pdfforge Toolbar Plugin) -- C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[2012.10.30 13:01:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.10.30 13:01:47 | 000,000,000 | ---D | M] (Search Settings Plugin) -- C:\Program Files (x86)\mozilla firefox\extensions\search@searchsettings.com
[2012.11.13 13:45:58 | 000,000,000 | ---D | M] (Browser Manager) -- C:\PROGRAMDATA\BROWSER MANAGER\2.3.796.11\{16CDFF19-861D-48E3-A751-D99A27784753}\FIREFOXEXTENSION
[2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009.03.31 21:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\mozilla firefox\components\coFFPlgn.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.13 13:45:38 | 000,006,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (Claro LTD Helper Object) - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\bh\claro.dll (Montera Technologeis LTD)
O2 - BHO: (Steganos.Pwm.BHO) - {23162633-071E-4D3C-B347-B85451A92DBA} - C:\Program Files (x86)\Steganos Password Manager 2009\PwmBho.dll ()
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Reg Error: Value error.) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.dll File not found
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Steganos Password Manager Toolbar) - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 14\SPMIEToolbar.dll (Steganos Software GmbH)
O3 - HKLM\..\Toolbar: (Claro LTD Toolbar) - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\claroTlbr.dll (Montera Technologeis LTD)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DT HPW] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.exe File not found
O4 - HKLM..\Run: [SSS14 File Redirection Starter] C:\Program Files (x86)\Steganos Privacy Suite 14\fredirstarter.exe (Steganos Software GmbH)
O4 - HKLM..\Run: [SSS14 HotKeys] C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosHotKeyService.exe (Steganos Software GmbH)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [T-Home Dialerschutz-Software] C:\Program Files (x86)\T-Home\Dialerschutz-Software\Defender64.exe (T-Systems International GmbH)
O4 - HKCU..\Run: [PCSpeedUp] C:\Program Files (x86)\PC Beschleunigen\PCSpeedUp.lnk ()
O4 - HKCU..\Run: [SkyDrive] C:\Users\Herbert\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SSS14 Browser Monitor] C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosBrowserMonitor.exe (Steganos Software GmbH)
O4 - HKCU..\Run: [SSS6_SAFE] "C:\Program Files (x86)\Steganos Security Suite 6\safe.exe" /booting File not found
O4 - HKCU..\Run: [SSS6_SPM] "C:\Program Files (x86)\Steganos Security Suite 6\spm.exe" /booting File not found
O4 - HKCU..\Run: [SSS6_Suite] "C:\Program Files (x86)\Steganos Security Suite 6\sss.exe" /booting File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\Herbert\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Herbert\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64" File not found
O4 - Startup: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Commerzbank_2012.xls - Verknüpfung.lnk = C:\Users\Herbert\Documents\Banking\Aktien\Commerzbank_2012.xls ()
O4 - Startup: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk = C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
O4 - Startup: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Veri-Valeur_2012.xls - Verknüpfung.lnk = C:\Users\Herbert\Documents\Banking\Aktien\Veri-Valeur_2012.xls ()
O4 - Startup: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files (x86)\Webshots\Launcher.exe (Webshots.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Herbert\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Herbert\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O9 - Extra Button: Steganos Password Manager - {024538B9-3F39-49FF-9503-975F743210FA} - C:\Program Files (x86)\Steganos Privacy Suite 14\SPMIEToolbar.dll (Steganos Software GmbH)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A615081A-DB1C-42C8-8B6A-0E4FEC46738B}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\cdo - No CLSID value found
O18:64bit: - Protocol\Handler\haufereader - No CLSID value found
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18 - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\Windows\SysWOW64\ezShellStart.exe (EasyBits Software AS)
O24 - Desktop WallPaper: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Herbert\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O28 - HKLM ShellExecuteHooks: UPB:{7B0E5486-E11D-437f-AC8B-7901C7D3FCCB} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5e8dbd1a-3e57-11df-bff5-002215191871}\Shell\AutoRun\command - "" = E:\Menu.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.15 16:39:08 | 000,000,000 | ---D | C] -- C:\Users\Herbert\Desktop\2
[2012.11.15 16:28:53 | 000,000,000 | ---D | C] -- C:\Users\Herbert\Desktop\1
[2012.11.15 10:12:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.11.13 13:46:00 | 000,000,000 | ---D | C] -- C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
[2012.11.13 13:45:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012.11.13 13:45:57 | 000,000,000 | ---D | C] -- C:\Users\Herbert\AppData\Roaming\Claro
[2012.11.13 13:45:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Claro LTD
[2012.11.13 13:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.11.13 13:45:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012.11.13 13:45:12 | 000,000,000 | ---D | C] -- C:\Users\Herbert\AppData\Roaming\Babylon
[2012.11.13 13:45:10 | 000,000,000 | ---D | C] -- C:\Users\Herbert\AppData\Roaming\pdfforge
[2012.11.13 13:45:08 | 000,100,864 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2012.11.10 11:00:05 | 000,000,000 | ---D | C] -- C:\Users\Herbert\Documents\Steganos
[2012.11.09 17:25:51 | 000,000,000 | ---D | C] -- C:\Users\Herbert\Documents\Steganos Safe
[2012.11.09 11:26:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Passwort-Manager 2009
[2012.11.09 11:26:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steganos Password Manager 2009
[2012.11.09 10:43:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Privacy Suite 14
[2012.11.09 10:43:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steganos
[2012.11.09 10:43:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steganos Privacy Suite 14
[2012.11.08 10:45:08 | 000,000,000 | ---D | C] -- C:\Users\Herbert\Documents\Karstadt
[2012.10.30 13:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.30 12:16:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.15 16:36:10 | 000,000,000 | ---- | M] () -- C:\Users\Herbert\defogger_reenable
[2012.11.15 16:16:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.15 16:04:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.15 15:06:41 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.15 15:06:41 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.15 14:53:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.11.15 11:06:50 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.15 11:06:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.15 11:04:22 | 000,000,829 | ---- | M] () -- C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
[2012.11.15 10:30:03 | 000,389,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.15 10:28:14 | 003,052,617 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0604000.009\Cat.DB
[2012.11.15 10:22:54 | 001,659,072 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.15 10:22:54 | 000,701,018 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.15 10:22:54 | 000,655,654 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.15 10:22:54 | 000,157,432 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.15 10:22:54 | 000,127,722 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.09 10:44:56 | 000,000,954 | ---- | M] () -- C:\Users\Public\Desktop\Privacy Suite Hauptmenü.lnk
[2012.11.01 18:48:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHerbert.job
[2012.10.18 08:12:50 | 000,002,125 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.15 16:36:10 | 000,000,000 | ---- | C] () -- C:\Users\Herbert\defogger_reenable
[2012.11.09 10:44:55 | 000,000,954 | ---- | C] () -- C:\Users\Public\Desktop\Privacy Suite Hauptmenü.lnk
[2012.09.12 08:34:28 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\CIUtils.dll
[2012.08.14 12:48:49 | 000,000,021 | ---- | C] () -- C:\Users\Herbert\AppData\Local\mc.pixel.data
[2012.01.26 12:05:18 | 000,001,270 | ---- | C] () -- C:\Users\Herbert\AppData\Roaming\wklnhst.dat
[2011.03.31 08:31:45 | 000,000,038 | ---- | C] () -- C:\Windows\SysWow64\ZX9EQJT7_{3533659F-E481-44B1-869C-95C372DE8D54}.dat
[2011.02.20 11:57:14 | 000,132,408 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.11.04 21:31:22 | 000,020,531 | -H-- | C] () -- C:\ProgramData\R49LW
[2010.08.26 15:22:23 | 000,000,095 | ---- | C] () -- C:\Users\Herbert\AppData\Local\fusioncache.dat
[2010.08.05 16:50:47 | 000,006,944 | ---- | C] () -- C:\Users\Herbert\AppData\Local\d3d9caps.dat
[2009.03.15 16:35:01 | 000,015,428 | ---- | C] () -- C:\Users\Herbert\RefEdit.exd
[2008.11.20 10:59:11 | 000,193,377 | ---- | C] () -- C:\Users\Herbert\AppData\Roaming\mdbu.bin
[2008.11.06 13:16:03 | 000,017,920 | ---- | C] () -- C:\Users\Herbert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 16:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 18:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 08:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 03:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2008.11.03 17:05:08 | 000,000,000 | -HSD | M] -- C:\Users\Herbert\AppData\Roaming\.#
[2012.11.13 13:45:12 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Babylon
[2012.02.09 17:49:02 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\BirdieSync
[2010.11.04 21:10:43 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Canon
[2010.01.25 18:38:12 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\CD-LabelPrint
[2012.11.13 13:45:57 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Claro
[2009.05.18 18:43:15 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\DataDesign
[2008.11.06 11:23:46 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\DisplayTune
[2012.10.09 13:45:07 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\dll-files.com
[2012.01.23 12:32:47 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\DVDVideoSoft
[2012.01.23 12:32:06 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.10.22 17:19:07 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Filter Forge Freepack 2 - Photo Effects
[2009.04.11 16:14:46 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\GHISLER
[2012.07.17 15:00:58 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\gnupg
[2012.07.17 10:19:17 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\gtk-2.0
[2010.09.23 19:29:06 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Imaxel
[2012.07.16 14:38:49 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\JonDo
[2012.06.03 13:53:31 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Lasersoft Imaging
[2011.03.10 13:48:57 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Lexware
[2012.06.14 15:37:16 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\mediAvatar
[2012.02.15 10:59:38 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\MOBackup
[2011.08.09 14:24:38 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\MusE
[2011.09.07 10:21:54 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\OpenCandy
[2008.11.10 22:00:11 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\OpenOffice.org
[2012.07.02 18:29:49 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\PACE Anti-Piracy
[2012.11.13 13:47:03 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\pdfforge
[2012.07.02 10:31:34 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\PixelPlanet
[2011.01.13 19:54:46 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\SaalDesignSoftware
[2010.11.04 20:56:48 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\ScanSoft
[2012.01.23 13:31:23 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Software4u
[2012.11.12 12:12:08 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Steganos
[2008.11.04 11:01:05 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Steganos Security Suite 6
[2009.01.02 10:06:59 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\T-Online
[2012.01.26 12:05:21 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Template
[2010.08.20 11:35:44 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Thunderbird
[2008.12.15 21:15:04 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\Webshots
[2009.02.27 14:12:43 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\WildTangent
[2008.11.04 17:10:36 | 000,000,000 | ---D | M] -- C:\Users\Herbert\AppData\Roaming\WinBatch
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 989 bytes -> C:\Users\Herbert\AppData\Local\Temp:eilK0WAms0xP161NJ0YHr
@Alternate Data Stream - 1170 bytes -> C:\Users\Herbert\AppData\Local\lzSOT9AG1UGZ:H0WxU2r6AlmAQTCeOEhPGlcjQ

< End of report >
--- --- ---


So, ich hoffe dass du jetzt keinen Wutanfall bekommst und ich nichts falsch gemacht habe ??
Danke für deine Geduld !!

cosinus 18.11.2012 21:56
Ich hab extra den Teil mit Norton zitiert, hat Norton denn nun was gefunden oder nicht?

LouLau 19.11.2012 12:34
Guten Tag, Cosinus,

zur Norton-Auswertung:
Ein kompletter Systemscann hat nichts gebracht. Bis auf zwei kleine Trackinig-Cookies, deren Gefährlichkeit mit "gering" eingestuft und die auch sofort beseitigt wurden, kam kein beachtenswertes Ergebnis.

Ein zweiter, sog. Bewertungsscann hat aus der Menge der überprüften Dateien nun einige herausgefischt, dessen Vertrauenswürdigkeit sehr bedenklich ist.

Diese Dateien habe ich wie folgt einmal zusammengefasst:

Code:
Dateiname        Vertrauensstufe        Verbreitung
1144f77.msi        unerprobt        sehr wenige Benutzer
symlcrst.dll        unerprobt        sehr wenige Benutzer
170206.msi        unerprobt        sehr wenige Benutzer
7befa2.msi        unerprobt        sehr wenige Benutzer
9c7a61.msi        unerprobt        sehr wenige Benutzer
237e94.msi        unerprobt        sehr wenige Benutzer
379b5c.msi        unerprobt        sehr wenige Benutzer
24d762.msi        unerprobt        sehr wenige Benutzer
dbee1.msi        unerprobt        sehr wenige Benutzer
dbf57.msi        unerprobt        sehr wenige Benutzer
df17dd.msi        unerprobt        sehr wenige Benutzer
plshell.dll        schwacht        wenige Benutzer

"Die Vertauensquote laut Auswertung ist 77,7 % ""Vertrauenswürdig"""               
"und 21,9% ""Gut"""               

"Die restliche Quote der Vertrauensstufe (0,4 %) = 0,35 % ""unbekannt"" und 0,02 % ""Schwach"" "
desweiteren schicke ich dir einmal einen sog., von Norton erstellten Diagnosebericht. Vielleicht kannst du ja auch aus dem etwas entnehmen ?

Code:
        Diagnosebericht       

Beim Norton 360 Online-Diagnosebericht werden Informationen zum Computer
(z.B. Betriebssystem, Programme und Hardware) gesammelt. Dieser Bericht
hilft Ihnen beim Erkennen und Reparieren von Problemen. Der Bericht kann
gespeichert, per E-Mail versendet oder bei Bedarf für Freunde,
Familienmitglieder oder Techniker ausgedruckt werden.
Bericht erstellt am: 19.11.2012 (12:11)
------------------------------------------------------------------------
Norton 360 Online-StatusDetails anzeigen <#>

In diesem Abschnitt wird der Gesamt- und Kategoriestatus für Norton 360
Online angezeigt (inkl. letzte Scans, Updates und Backups).

Funktion        Details
Version        6.4.0.9
Betriebsstatus        Geschützt
PC-Sicherheit        Geschützt
Identitätsschutz        Geschützt
Backup        Deaktiviert
PC-Optimierung        Geschützt
Viren- und Spywarescan        Zuletzt ausgeführt: 15.11.2012
Schutz-Updates        Letzte Aktualisierung: 19.11.2012
Backup        Zuletzt ausgeführt: 30.10.2012

BetriebssystemDetails anzeigen <#>

In diesem Abschnitt finden Sie die wichtigsten Betriebssystemangaben
einschließlich Version, Zeitpunkt des letzten Updates und vieles mehr.

Funktion        Details
Betriebssystem        Microsoft&reg; Windows Vista&trade; Home Premium
Patch-Ebene        Service Pack 2
Installationsdatum        25.09.2008
Ländercode        49
Systemsprache des Betriebssystems        1031
ANSI-Zeichensatz        1252
System-Gebietsschema        0407
Internet Explorer-Version        9.0.8112.16421
Windows-Update        Automatisch
Neuester Windows-Hotfix - Datum        15.11.2012
Pfad        C:\Windows\system32;
C:\Windows;
C:\Windows\System32\Wbem;
C:\hp\bin\Python;
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;
C:\Program Files (x86)\Haufe\iDesk\iDeskService\;
c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;
C:\Windows\System32\WindowsPowerShell\v1.0\;
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\;
C:\Program Files (x86)\Common Files\Apple\Apple Application Support;
Benutzersprache des Betriebssystems        1031

RessourcennutzungDetails anzeigen <#>

In diesem Abschnitt wird die Verwendung der Hauptressourcen erläutert,
einschließlich RAM, Festplattenspeicher und Auslagerungsdatei.

Funktion        Details
Auslagerungsdatei - Größe        4.393 MB
Auslagerungsdatei frei        94 %
Arbeitsspeichergröße        4.093 MB
Arbeitsspeicher frei        42 %
Datenträgertyp        Festplatte
Datenträger-ID        C
Gesamter Speicherplatz        583 GB
Freier Speicherplatz        297 GB
Datenträgertyp        Festplatte
Datenträger-ID        D
Gesamter Speicherplatz        13,5 GB
Freier Speicherplatz        1,85 GB

AutostartprogrammeDetails anzeigen <#>

Problem: Norton 360 Online hat sehr viele Startobjekte erkannt.

Empfehlung: Evtl. kann die Leistung durch Änderungen an den
Startobjekten des Systems verbessert werden. Führen Sie den Startmanager
aus, um die Bootdauer des Computers zu beschleunigen.

Jetzt beheben

In diesem Abschnitt werden die Programme beschrieben, die beim Starten
des Computers automatisch gestartet werden. Das Deaktivieren oder
Verzögern von Startobjekten kann die Systemleistung verbessern.

Autostart - Programm        Speicherort        Software-Hersteller        Beschreibung
SSS6_Suite        "C:\Program Files (x86)\Steganos Security Suite 6\sss.exe"
/booting               
SSS6_SAFE        "C:\Program Files (x86)\Steganos Security Suite 6\safe.exe"
/booting               
SSS6_SPM        "C:\Program Files (x86)\Steganos Security Suite 6\spm.exe"
/booting               
Sidebar        %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
Microsoft Corporation        Windows-Sidebar
WindowsWelcomeCenter        rundll32.exe oobefldr.dll,ShowWelcomeCenter
Microsoft Corporation        Begrüßungscenter
SSS6_Suite        "C:\Program Files (x86)\Steganos Security Suite 6\sss.exe"
/booting               
SSS6_SAFE        "C:\Program Files (x86)\Steganos Security Suite 6\safe.exe"
/booting               
SSS6_SPM        "C:\Program Files (x86)\Steganos Security Suite 6\spm.exe"
/booting               
Sidebar        %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
Microsoft Corporation        Windows-Sidebar
WindowsWelcomeCenter        rundll32.exe oobefldr.dll,ShowWelcomeCenter
Microsoft Corporation        Begrüßungscenter
SSS6_Suite        "C:\Program Files (x86)\Steganos Security Suite 6\sss.exe"
/booting               
SSS6_SAFE        "C:\Program Files (x86)\Steganos Security Suite 6\safe.exe"
/booting               
SSS6_SPM        "C:\Program Files (x86)\Steganos Security Suite 6\spm.exe"
/booting               
Commerzbank_2012.xls - Verknüpfung        Commerzbank_2012.xls -
Verknüpfung.lnk               
DSL-Manager        DSL-Manager.lnk               
Veri-Valeur_2012.xls - Verknüpfung        Veri-Valeur_2012.xls -
Verknüpfung.lnk               
Webshots        Webshots.lnk               
Sidebar        C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
Microsoft Corporation        Windows-Sidebar
SSS6_Suite        "C:\Program Files (x86)\Steganos Security Suite 6\sss.exe"
/booting               
SSS6_SAFE        "C:\Program Files (x86)\Steganos Security Suite 6\safe.exe"
/booting               
SSS6_SPM        "C:\Program Files (x86)\Steganos Security Suite 6\spm.exe"
/booting               
ehTray.exe        C:\Windows\ehome\ehTray.exe        Microsoft Corporation        Media
Center Tray Applet
PCSpeedUp        C:\Program Files (x86)\PC Beschleunigen\PCSpeedUp.lnk               
SkyDrive
"C:\Users\Herbert\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe"
/background        Microsoft Corporation        Microsoft SkyDrive
SSS14 Browser Monitor        "C:\Program Files (x86)\Steganos Privacy Suite
14\SteganosBrowserMonitor.exe"        Steganos Software GmbH        Steganos Trace
Destructor Browser Monitor
WMPNSCFG        C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe               
Lexware Info Service        C:\PROGRA~2\COMMON~1\Lexware\UPDATE~1\LXUPDA~1.EXE
/autostart        Haufe-Lexware GmbH & Co. KG        Lexware Info Service Assistent
Microsoft Office        C:\PROGRA~2\MICROS~2\Office10\OSA.EXE -b -l        Microsoft
Corporation        Microsoft Office XP component
Quicken 2012 Zahlungserinnerung
C:\Windows\Installer\{2FC7CE3A-23E5-41E8-975B-AA0236D649FD}\BillMinder.8C5DA79E_7079_4A...
        Macrovision Corporation        InstallShield
Windows Defender        %ProgramFiles%\Windows Defender\MSASCui.exe -hide               
IntelliPoint        "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
Microsoft Corporation        IPoint.exe
Windows Mobile-based device management
%windir%\WindowsMobile\wmdSync.exe        Microsoft Corporation        User session
Windows Mobile device handler
hpsysdrv        c:\hp\support\hpsysdrv.exe        Hewlett-Packard Company        hpsysdrv
KBD        C:\HP\KBD\KbdStub.EXE               
StartCCC        "c:\Program Files (x86)\ATI
Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun        Advanced Micro
Devices, Inc.        Catalyst® Control Center Launcher
HP Software Update        C:\Program Files (x86)\HP\HP Software
Update\HPWuSchd2.exe        Hewlett-Packard Co.        Hewlett-Packard Product
Assistant
DT HPW        "C:\Program Files (x86)\Common Files\Portrait
Displays\Shared\DT_startup.exe" -HPW               
SearchSettings        C:\Program Files (x86)\pdfforge
Toolbar\SearchSettings.exe                 
SSBkgdUpdate        "C:\Program Files (x86)\Common Files\Scansoft
Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Em..."        Nuance Communications,
Inc.        SSBkgdUpdate
OpwareSE4        "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
Nuance Communications, Inc.        OCR Aware
T-Home Dialerschutz-Software        "C:\Program Files
(x86)\T-Home\Dialerschutz-Software\Defender64.exe"        T-Systems
International GmbH        T-Home Dialerschutz-Software
Adobe Photo Downloader        "C:\Program Files (x86)\Adobe\Photoshop Elements
6.0\apdproxy.exe"        Adobe Systems Incorporated        Adobe Photo Downloader
4.0 component
HPUsageTracking        "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe"
"C:\Program Files (x86)\HP\HP UT\"               
HP Health Check Scheduler        "c:\Program Files (x86)\Hewlett-Packard\HP
Health Check\HPHC_Scheduler.exe"        Hewlett-Packard        HP Health Check
Scheduler
Adobe ARM        "C:\Program Files (x86)\Common
Files\Adobe\ARM\1.0\AdobeARM.exe"        Adobe Systems Incorporated        Adobe
Reader and Acrobat Manager
APSDaemon        "C:\Program Files (x86)\Common Files\Apple\Apple Application
Support\APSDaemon.exe"        Apple Inc.        Apple Push
LexwareInfoService        C:\Program Files (x86)\Common Files\Lexware\Update
Manager\LxUpdateManager.exe /autostart        Haufe-Lexware GmbH & Co. KG
Lexware Info Service Assistent
SunJavaUpdateSched        "C:\Program Files (x86)\Common Files\Java\Java
Update\jusched.exe"        Sun Microsystems, Inc.        Java(TM) Update Scheduler
PDFPrint        "C:\Program Files (x86)\PDF24\pdf24.exe"        Geek Software GmbH
PDF24 Creator
iTunesHelper        "C:\Program Files (x86)\iTunes\iTunesHelper.exe"        Apple
Inc.        iTunesHelper
SSS14 HotKeys        "C:\Program Files (x86)\Steganos Privacy Suite
14\SteganosHotKeyService.exe"        Steganos Software GmbH        Steganos Hot Key
Service
SSS14 File Redirection Starter        "C:\Program Files (x86)\Steganos Privacy
Suite 14\fredirstarter.exe"        Steganos Software GmbH        File Redirection
Starter

Installierte ProgrammeDetails anzeigen <#>

Problem: Norton 360 Online hat 159 installierte Programme erkannt.

Empfehlung: Speicherplatz und Leistung lassen sich evtl. durch Entfernen
selten verwendeter Programme verbessern. Führen Sie die Option
"Software" aus, um die Menge an Speicherplatz und die Leistung des
Computers zu verbessern.

Jetzt beheben

In diesem Abschnitt werden die auf Ihrem Computer installierten
Programme sowie deren Version und Installationsdatum aufgeführt. Die
Leistung kann verbessert werden, indem nicht verwendete oder unnötige
Programme entfernt werden.

Name        Version        Autor        Installiert        Informationen
Adobe AIR        3.4.0.2540        Adobe Systems Incorporated        28.08.2012       
Adobe Flash Player 11 ActiveX        11.4.402.287        Adobe Systems Incorporated
09.10.2012        hxxp://www.adobe.com/go/flashplayer_support/
Adobe Flash Player 11 Plugin        11.5.502.110        Adobe Systems Incorporated
14.11.2012        hxxp://www.adobe.com/go/flashplayer_support/
Adobe Photoshop Elements 6.0        6.0        Adobe Systems, Inc.        05.11.2008
hxxp://www.adobe.de/support/main.html
ALDI Sued Foto Service        1.13.0.111        MAGIX AG        20.11.2008       
Aldi Süd Fotoservice                        20.11.2008       
CANON iMAGE GATEWAY Task for ZoomBrowser EX        1.3.1.5                05.11.2008       
Canon Internet Library for ZoomBrowser EX        1.5.1.4                05.11.2008       
Canon iP4700 series Benutzerregistrierung                        21.01.2010       
Canon Utilities Solution Menu                        01.02.2010       
Capture One 5.2        5.2.42076.55        Phase One A/S        30.06.2011
hxxp://www.phaseone.com
Claro LTD toolbar                Claro LTD        13.11.2012       
CrystalDiskInfo 5.0.0        5.0.0        Crystal Dew World        25.09.2012
hxxp://crystalmark.info/
Cut Out 3.0                Franzis.de        12.09.2012        hxxp://www.franzis.de/
Dll-Files.com Fixer        1.0        Dll-Files.com        09.10.2012
hxxp://www.Dll-Files.com/Fixer/
Canon Utilities Digital Photo Professional 3.9        3.9.2.0        Canon Inc.
20.10.2010       
DRI Tool 2.0        2.0        Traumflieger        29.04.2009        hxxp://www.traumflieger.de
Canon Utilities Easy-PhotoPrint EX                        21.01.2010       
Canon Easy-WebPrint EX                        21.01.2010       
Magic Desktop                        17.01.2009       
Canon Utilities EOS Utility        2.1.0.1                05.11.2008       
iDevice Manager        1.1.4.0        Marx Softwareentwicklung        13.02.2012
hxxp://www.software4u.de/servicecenter.aspx
Filter Forge Freepack 2 - Photo Effects 1.012                Filter Forge, Inc.
22.10.2010        hxxp://www.filterforge.com
Forte Free 2.0                        19.08.2010       
Fotoinsight Designer                        10.06.2009       
Free YouTube to MP3 Converter version 3.10.15.1228                DVDVideoSoft Ltd.
23.01.2012        hxxp://www.dvdvideosoft.com
Google Updater        2.4.2432.1652        Google Inc.        01.10.2011       
Quicken 2010        17.00.00.0081        Lexware GmbH & Co. KG        16.05.2009
hxxp://support.lexware.de/supportHome
PowerDirector        6.5.2926        CyberLink Corp.        12.09.2008
hxxp://support.gocyberlink.com/
HP MediaSmart DVD        2.2.3309        Hewlett-Packard        31.07.2010
hxxp://support.gocyberlink.com/
JAP        00.12.005        JAP-Team        23.11.2009        hxxp://anon.inf.tu-dresden.de/
Optimierte Multimedia-Tastatur-Lösung                Hewlett-Packard        25.09.2008       
Microsoft .NET Framework 1.1 Security Update (KB2656370)                        12.04.2012       
Microsoft .NET Framework 1.1 Security Update (KB2698023)                        15.11.2012       
Microsoft .NET Framework 1.1 Security Update (KB979906)                        28.08.2010       
CD-LabelPrint                        21.01.2010       
mediAvatar iPhone Klingelton Maker        3.0.6.20120613        mediAvatar        14.06.2012
hxxp://www.mediavideoconverter.com
Microsoft .NET Framework 1.1                        27.08.2010       
Microsoft SQL Server 2005                Microsoft Corporation        07.12.2009
hxxp://go.microsoft.com/fwlink/?LinkId=52152
MOBackup - Datensicherung für Outlook (Vollversion)        7.0        Heiko Schröder
09.10.2012        hxxp://www.mobackup.de
MozBackup 1.5.1                Pavel Cvrcek        17.02.2012        hxxp://mozbackup.jasnapaka.com/
Mozilla Firefox 16.0.2 (x86 de)        16.0.2        Mozilla        15.11.2012
hxxp://www.mozilla.com/de/
Mozilla Thunderbird 16.0.2 (x86 de)        16.0.2        Mozilla        31.10.2012
hxxp://www.mozilla.org/de/
Mozilla Maintenance Service        16.0.2        Mozilla        30.10.2012       
Canon MP Navigator EX 1.0                        04.11.2010       
MuseScore 1.2 MuseScore score typesetter        1.2.0        Werner Schweer and
Others        09.08.2012        hxxp://www.musescore.org/
Norton 360        6.4.0.9        Symantec Corporation        23.05.2012
hxxp://www.symantec.com/de/de/support/index.jsp
NirSoft Wireless Network Watcher                        23.07.2012       
Hardware Diagnose Tools        5.1.4861.15        PC-Doctor, Inc.        09.10.2012
hxxp://www.pc-doctor.com
Canon Utilities PhotoStitch        3.1.19.43                05.11.2008       
Canon Utilities Picture Style Editor        1.0.1.0                05.11.2008       
PowerLame (remove only)        4.0        Marcel Dyka        19.04.2010        hxxp://www.powerlame.de
Canon RAW Image Task for ZoomBrowser EX        2.7.0.3                05.11.2008       
Saal Fotobuch        2.0.2.1        Imaxel Lab S.L        26.08.2010       
Saal Design Software        3.1.10        SSW Software GmbH        27.08.2012       
SilverFast CanonSDK-SE 6.6.2r5                LaserSoft Imaging AG        09.12.2011
hxxp://www.silverfast.com/
One Click Wipe Basic                Stepok Image Lab.        18.12.2010        hxxp://www.stepok.com/
Webshots Desktop                AGCM        15.12.2008        hxxp://www.ag.com/
Canon Utilities WFT-E1/E2/E3 Utility        3.1.0.7                09.10.2012       
My HP Games        1.0.0.52        WildTangent        25.09.2008        hxxp://support.wildgames.com
Canon Utilities ZoomBrowser EX        5.8.0.74                05.11.2008       
Microsoft Office 2000 Premium        9.00.2816        Microsoft Corporation
04.11.2008        hxxp://www.microsoft.com/support
PDFCreator        1.5.1        Frank Heindörfer, Philip Chinery        13.11.2012
hxxp://www.pdfforge.org/support
OpenOffice.org 3.0        3.0.9358        OpenOffice.org        10.11.2008
hxxp://de.openoffice.org
Claro Chrome Toolbar        1.0.0.2        Claro        13.11.2012       
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
9.00.4035.00        Microsoft Corporation        25.06.2010
hxxp://go.microsoft.com/fwlink/?LinkId=52154
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022        9.0.21022
Microsoft Corporation        31.07.2010       
Lexware vereinsverwaltung Update        11.0        Haufe-Lexware GmbH & Co KG
06.06.2011        hxxp://www.linear-software.de
HP My Display        1.33.005        Portrait Displays, Inc.        06.11.2008
hxxp://www.portrait.com
Browser Manager                Bit89 Inc        13.11.2012        hxxp://www.bit89.com/uninstall.html
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319        10.0.30319
Microsoft Corporation        09.10.2012
hxxp://go.microsoft.com/fwlink/?LinkId=146008
CyberLink DVD Suite Deluxe        .1707        CyberLink Corp.        25.09.2008       
Java(TM) 6 Update 33        6.0.330        Oracle        09.07.2012        hxxp://java.com
Java 7 Update 9        7.0.90        Oracle        01.09.2012        hxxp://java.com
Inpaint 3.0                Teorex        28.06.2012        hxxp://www.theinpaint.com
Catalyst Control Center - Branding        1.00.0000        ATI        12.09.2008       
DHTML Editing Component        6.02.0001        Microsoft Corporation        11.11.2009       
Quicken 2012        19.36.00.0165        Haufe-Lexware GmbH & Co.KG        02.11.2011
hxxp://www.lexware.de
funScreenScraping Client Version        1.0.173        fun communications GmbH
27.01.2009        hxxp://www.fun.de/funScreenScraping
Java(TM) SE Runtime Environment 6 Update 1        1.6.0.10        Sun Microsystems,
Inc.        12.09.2008        hxxp://java.com
QuickSteuer 2012        18.07.00.0006        Haufe-Lexware GmbH & Co.KG        19.05.2012
hxxp://www.lexware.de
Microsoft Works        9.7.0621        Microsoft Corporation        03.11.2008
hxxp://go.microsoft.com/fwlink/?LinkId=6831
Power2Go        5.6.4109        CyberLink Corp.        25.09.2008       
HP Advisor        3.3.12286.3436        Hewlett-Packard        27.01.2011
hxxp://www.hp.com/cgi-bin/hpsupport/index.pl
DDBAC        4.3.71        DataDesign        02.11.2011       
HPSSupply        2.2.0.0000        Ihr Firmenname        03.11.2008        hxxp://www.hp.com/go/support
Symantec Technical Support Advanced Chat Controls        3.5.3        Symantec
Corporation        05.11.2008        hxxp://www.symantec.com
Quicken 2010 - Servicepack 5        17.05.0000        Lexware GmbH & Co KG        04.12.2009       
Google Earth        6.1.0.5001        Google        24.11.2011        hxxp://earth.google.de
Apple Application Support        2.2.2        Apple Inc.        24.09.2012
hxxp://www.apple.com/de/support/
QuickSteuer Wissens-Center 2009        15.0.1.0        Haufe Mediengruppe        04.02.2009
hxxp://www.haufe.de
DxO FilmPack 2.0        2.0.0        DxO Labs        02.07.2012       
Inpaint 3 Installation & Registrierung                Teorex, dadagoo GmbH        28.06.2012
hxxp://www.inpaint.de
Windows Media Player Firefox Plugin        1.0.0.8        Microsoft Corp        13.02.2009       
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729        9.0.30729
Microsoft Corporation        19.08.2010       
Python 2.5.2        2.5.2150        Python Software Foundation        12.09.2008       
QuickSteuer 2009        15.00.00.0034        Lexware        30.01.2009       
Apple Software Update        2.1.3.127        Apple Inc.        13.12.2011
hxxp://www.apple.com/de/support
onOne PerfectPresets        1.0        onOne Software        05.08.2011
hxxp://www.onOnesoftware.com/support.html
LightScribe System Software        1.18.3.2        LightScribe        03.08.2009       
Quicken Import Export Server 2012        19.30.00.0134        Haufe-Lexware GmbH &
Co.KG        10.03.2011        hxxp://www.lexware.de
PDF24 Creator 4.9.0                PDF24.org        18.09.2012        hxxp://www.pdf24.org
Microsoft Visual C++ 2005 Redistributable        8.0.59193        Microsoft
Corporation        19.05.2011       
Microsoft Office XP Professional        10.0.6626.0        Microsoft Corporation
17.07.2012        hxxp://www.microsoft.com/germany/support
Compatibility Pack für 2007 Office System        12.0.4518.1014        Microsoft
Corporation        03.11.2008        hxxp://www.microsoft.com/support
DSL-Manager                        30.09.2009       
Microsoft Office PowerPoint Viewer 2007 (German)        12.0.4518.1014
Microsoft Corporation        03.11.2008        hxxp://support.microsoft.com
HP Demo        1.00.0000        Hewlett-Packard        12.09.2008        hxxp://www.hp.com
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        9.0.30729
Microsoft Corporation        02.07.2012       
Steganos Privacy Suite 14        14.0.3        Steganos Software GmbH        09.11.2012
hxxp://www.steganos.com
QuickSteuer 2010        16.14.00.0002        Haufe-Lexware GmbH & Co. KG        29.03.2012
hxxp://www.lexware.de
Adobe Reader X (10.1.4) - Deutsch        10.1.4        Adobe Systems Incorporated
16.08.2012        hxxp://www.adobe.de/support/main.html
funScreenScraping Microsoft Systemdateien        1.0.6        fun communications GmbH
27.01.2009       
pdfforge Toolbar v1.0        1.00.0000        GreenTree Applications, Inc.        28.04.2009       
LexwareVereinsverwaltung 12 Update        12.0        Haufe-Lexware GmbH & Co KG
02.07.2012        hxxp://www.linear-software.de
muvee autoProducer 6.1        6.10.050        muvee Technologies        12.09.2008
hxxp://www.muvee.com
HP Customer Experience Enhancements        5.6.0.2510        Hewlett-Packard
12.09.2008        hxxp://www.Hewlett-Packard.com
LabelPrint        2.2.2913        CyberLink Corp.        25.09.2008       
RedmarkVereinsverwaltung 2011        10.0        WRS Verlag GmbH & Co KG        25.06.2010
hxxp://www.linear-software.de
HP Update        4.000.010.008        Hewlett-Packard        12.09.2008        hxxp://www.hp.com
Lexware online banking        12.00.00.0043        Haufe-Lexware GmbH & Co.KG
10.03.2011        hxxp://www.lexware.de
Haufe iDesk-Service        8.08.20.5622        Haufe        30.01.2009       
Steganos Password Manager 2009        11.0.1        Steganos GmbH        09.11.2012
hxxp://www.steganos.com
ScanSoft OmniPage SE 4        15.2.0020        Nuance Communications, Inc.        04.11.2010
hxxp://www.nuance.de/support
QuickSteuer 2011        17.07.00.0001        Haufe-Lexware GmbH & Co.KG        29.03.2012
hxxp://www.lexware.de
T-Home Dialerschutz-Software                        26.12.2010       
SPORE Creature Creator Trial Edition        1.00.0000        Electronic Arts        25.09.2008       
Realtek High Definition Audio Driver        6.0.1.6151        Realtek Semiconductor
Corp.        14.07.2010       
Lexware Info Service        2.80.00.0007        Haufe-Lexware GmbH & Co.KG        23.01.2012
hxxp://www.lexware.de
HP Easy Setup - Frontend        5.7.0.2693        Hewlett-Packard        12.09.2008
hxxp://www.hp.com
Haufe iDesk-Browser        8.07.16.5590        Haufe        30.01.2009        hxxp://www.Haufe.de
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022        9.0.21022
Microsoft Corporation        12.09.2008       
Microsoft SkyDrive        17.0.2003.1112        Microsoft Corporation        16.11.2012
hxxp://go.microsoft.com/fwlink/?LinkID=215117
Unity Web Player                Unity Technologies ApS        01.10.2010        hxxp://unity3d.com/
Windows-Treiberpaket - Leaf Imaging Ltd. Image (02/11/2010 )
02/11/2010        Leaf Imaging Ltd.        30.06.2011       
HP Imaging Device Functions 9.0        9.0        HP        03.11.2008        hxxp://www.hp.com/support
HP Photosmart Essential 3.0        3.0        HP        25.09.2008        hxxp://www.hp.com/support
HP Solution Center 9.0        9.0        HP        03.11.2008        hxxp://www.hp.com/support
HP Customer Participation Program 9.0        9.0        HP        03.11.2008
hxxp://www.hp.com/support
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU                Microsoft
Corporation        19.08.2009        hxxp://go.microsoft.com/fwlink/?LinkId=120337
Microsoft .NET Framework 3.5 SP1                Microsoft Corporation        07.07.2009
hxxp://go.microsoft.com/fwlink/?LinkId=120337
Microsoft .NET Framework 4 Client Profile        4.0.30319        Microsoft
Corporation        08.09.2010        hxxp://go.microsoft.com/fwlink/?LinkId=164164
Microsoft .NET Framework 4 Client Profile DEU Language Pack        4.0.30319
Microsoft Corporation        08.09.2010
hxxp://go.microsoft.com/fwlink/?LinkId=164164
NVIDIA Drivers                        12.09.2008       
Testversion von Microsoft Office Home and Student 2007                        03.11.2008       
ZDFmediathek Version 1.4.3                ZDF        21.11.2008        hxxp://www.zdf.de
Microsoft Visual C++ 2005 Redistributable (x64)        8.0.56336        Microsoft
Corporation        12.09.2008       
Canon iP4700 series Printer Driver                        21.01.2010       
iTunes        10.7.0.21        Apple Inc.        24.09.2012        hxxp://www.apple.com/de/support/
HP Color LaserJet CP1510 Series 2.0        2.0        HP        03.11.2008
hxxp://www.hp.com/support
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022        9.0.21022
Microsoft Corporation        12.09.2008       
Bonjour        3.0.0.10        Apple Inc.        13.12.2011        hxxp://www.apple.com/de/support
Microsoft Visual C++ 2005 Redistributable (x64)        8.0.50727.42        Microsoft
Corporation        12.09.2008       
Apple Mobile Device Support        6.0.0.59        Apple Inc.        24.09.2012
hxxp://www.apple.com/support/
Adobe Photoshop Lightroom 4.2 64-bit        4.2.1        Adobe        09.10.2012
hxxp://www.adobe.de
Adobe Photoshop Lightroom 2.5 64-bit        2.5        Adobe        06.01.2011
hxxp://www.adobe.de
Microsoft SQL Server VSS Writer        9.00.4035.00        Microsoft Corporation
25.06.2010        hxxp://go.microsoft.com/fwlink/?LinkId=52155
Microsoft SQL Server Native Client        9.00.4035.00        Microsoft Corporation
25.06.2010        hxxp://go.microsoft.com/fwlink/?LinkId=52153
Internet Explorer        9.0.8112.16421        Microsoft Corporation       
hxxp://support.microsoft.com/

HardwareprofilDetails anzeigen <#>

In diesem Abschnitt werden die wichtigsten Hardwaregeräte und
Komponenten des Systems angegeben.

Funktion        Details
PC-Hersteller        HP-Pavilion
Modell        FL321AA-ABD a6652de
Hersteller der Hauptplatine        PEGATRON CORPORATION
Produkt        NARRA3
CPU        AMD Phenom(tm) 9650 Quad-Core Processor
Version        AMD64 Family 16 Model 2 Stepping 3
Datenbreite        64 Bit
L2 Cache-Größe        512 KB
Ungefähre aktuelle Taktfrequenz        1.150 Mhz
Ungefähre maximale Taktfrequenz        2.300 Mhz
BIOS        Phoenix - AwardBIOS v6.00PG
Datum        20.06.2008
Version        HPQOEM - 42302e31
Auf Hauptplatine vorhandene Speichersteckplätze        4
Speicher-Chip        A0
RAM        2.048 MB
Geschwindigkeit        800 ns
Speicher-Chip        A1
RAM        2.048 MB
Geschwindigkeit        800 ns
System-Slot        PCI1
Status        Verfügbar
System-Slot        PCIEX16
Status        Verwendet
System-Slot        PCIEX1_1
Status        Verfügbar
System-Slot        PCIEX1_2
Status        Verfügbar
CD-Laufwerk        TSSTcorp CDDVDW TS-H653Q SCSI CdRom Device
Medientyp        DVD Writer
Version        0303
Hersteller der Grafikkarte        ATI Technologies Inc.
Grafikkarte        ATI Radeon HD 3650
RAM        512 MB
Modus        1680 x 1050 x 4294967296 Farben
Treiber
atidxx32,atidxx64.dll,atiumdag,atiumdva,atiumd64.dll,atiumd6a.dat,atitmm64.dll
Datum        15.05.2008
Version        7.01.01.788
Festplattenmodell        WDC WD64 00AAKS-65A7B SCSI Disk Device
Schnittstelle        SCSI
Festplattenmodell        Generic- Compact Flash USB Device
Schnittstelle        USB
Festplattenmodell        Generic- MS/MS-Pro USB Device
Schnittstelle        USB
Festplattenmodell        Generic- SD/MMC USB Device
Schnittstelle        USB
Festplattenmodell        Generic- SM/xD-Picture USB Device
Schnittstelle        USB
Netzwerkadapter        NVIDIA nForce 10/100 Mbps Ethernet
Softwarename        NVENETFD
Sound-Hersteller        Realtek
Modell        Realtek High Definition Audio
Sound-Hersteller        Microsoft
Modell        High Definition Audio-Gerät
Drucker        PDFCreator
Drucker        PDF24 PDF
Drucker        Microsoft XPS Document Writer
Drucker        HP Color LaserJet CP1510 Series PCL 6
Website        hxxp://go.microsoft.com/fwlink/?LinkID=37&prd=10798&sbp=Printers
Drucker        Epson Stylus COLOR 880 (M)
Website        hxxp://go.microsoft.com/fwlink/?LinkID=36&prd=10798&sbp=Printers
Drucker        Canon iP4700 series
Website        hxxp://www.canon.com/support/index.html?model=Canon iP4700 series
Anzahl aktiver logischer CPUs        4

NetzwerkverbindungstestDetails anzeigen <#>

Anhand dieses Abschnitts wird der Netzwerkverbindungsstatus des Systems
überprüft.

Statusprüfung        Ergebnis
Status der physischen Verbindung am NVIDIA nForce 10/100 Mbps Ethernet
Verbunden
Netzwerkkonfigurationsstatus        Lokales Netzwerk erkannt, LAN, RAS installiert
Netzwerkroute festgelegt        Ja
192.168.178.1 Gateway am NVIDIA nForce 10/100 Mbps Ethernet        Erreichbar
Host-Überprüfung für Wide Area Internet        Erreichbar
DNS-Auflösungstest (Domain Name System)        Bestanden für hxxp://www.symantec.de
Norton LiveUpdate-Server        Erreichbar

SystemwiederherstellungspunkteDetails anzeigen <#>

In diesem Abschnitt finden Sie die verwendeten
Systemwiederherstellungspunkte.

Checkpoint-Typ        Datum
Gerätetreiber-Paketinstallation: Apple, Inc. USB-Controller        13.06.2012
Gerätetreiber-Paketinstallation: Apple Netzwerkadapter        13.06.2012
Windows Update        14.06.2012
Windows Update        19.06.2012
LexwareVereinsverwaltung 12 Update wurde installiert.        02.07.2012
Installed DxO FilmPack 2.0        02.07.2012
Removed DxO FilmPack 2.0        02.07.2012
Installed DxO FilmPack 2.0        02.07.2012
Installed Java(TM) 6 Update 33        09.07.2012
Windows Update        11.07.2012
Entfernt Motorola Phone Tools        15.07.2012
Entfernt Motorola Phone Tools        15.07.2012
Entfernt Motorola Phone Tools        15.07.2012
Microsoft Office XP Professional wird entfernt        17.07.2012
Microsoft Office XP Professional wird installiert        17.07.2012
Installed SmartFTP Client        25.07.2012
Removed SmartFTP Client        25.07.2012
Removed Safari        06.08.2012
Windows Update        16.08.2012
Installed Java 7 Update 7        01.09.2012
Windows Update        13.09.2012
Norton 360 Registry Clean        18.09.2012
Windows Update        22.09.2012
Gerätetreiber-Paketinstallation: Apple, Inc. USB-Controller        24.09.2012
Installed Adobe Photoshop Lightroom 4.2 64-bit.        09.10.2012
DLL-Files.com Fixer Di, Okt 09, 12 14:48        09.10.2012
Windows Update        10.10.2012
Installed Steganos Privacy Suite 14        09.11.2012
Installed Java 7 Update 9        10.11.2012
Windows Update        15.11.2012

Derzeit ausgeführte ProzesseDetails anzeigen <#>

In diesem Abschnitt werden die aktuell ausgeführten Prozesse sowie die
bisher dafür aufgebrachte Zeit aufgeführt.

Prozessname        Bisherige Verarbeitungszeit        Arbeitssatzspeicher        Ladepfad
System Idle Process        03 Stunde(n), 13 Minute(n), 47 Sekunde(n)        24 KB        N/V
System        01 Minute(n), 49 Sekunde(n)        6.668 KB        N/V
smss.exe        01 Sekunde(n)        1.084 KB        N/V
csrss.exe        12 Sekunde(n)        8.028 KB        C:\Windows\system32\
wininit.exe        01 Sekunde(n)        6.076 KB        C:\Windows\system32\
csrss.exe        05 Sekunde(n)        9.160 KB        C:\Windows\system32\
services.exe        16 Sekunde(n)        9.644 KB        C:\Windows\system32\
lsass.exe        05 Sekunde(n)        3.216 KB        C:\Windows\system32\
lsm.exe        01 Sekunde(n)        6.320 KB        C:\Windows\system32\
winlogon.exe        01 Sekunde(n)        8.196 KB        C:\Windows\system32\
svchost.exe        15 Sekunde(n)        8.984 KB        C:\Windows\system32\
svchost.exe        01 Sekunde(n)        10.968 KB        C:\Windows\system32\
Ati2evxx.exe        01 Sekunde(n)        6.600 KB        C:\Windows\system32\
svchost.exe        01 Sekunde(n)        18.340 KB        C:\Windows\System32\
svchost.exe        01 Minute(n), 47 Sekunde(n)        154.556 KB        C:\Windows\System32\
svchost.exe        14 Sekunde(n)        92.864 KB        C:\Windows\system32\
audiodg.exe        01 Sekunde(n)        19.884 KB        N/V
svchost.exe        01 Sekunde(n)        7.064 KB        C:\Windows\system32\
SLsvc.exe        02 Sekunde(n)        13.856 KB        C:\Windows\system32\
svchost.exe        01 Sekunde(n)        19.344 KB        C:\Windows\system32\
svchost.exe        01 Sekunde(n)        22.408 KB        C:\Windows\system32\
Ati2evxx.exe        01 Sekunde(n)        9.940 KB        C:\Windows\system32\
spoolsv.exe        01 Sekunde(n)        17.592 KB        C:\Windows\System32\
svchost.exe        02 Sekunde(n)        26.820 KB        C:\Windows\system32\
taskeng.exe        01 Sekunde(n)        8.340 KB        C:\Windows\system32\
PhotoshopElementsFileAgent.exe        01 Sekunde(n)        2.776 KB        C:\Program Files
(x86)\Adobe\Photoshop Elements 6.0\
armsvc.exe        01 Sekunde(n)        5.964 KB        C:\Program Files (x86)\Common
Files\Adobe\ARM\1.0\
AppleMobileDeviceService.exe        01 Sekunde(n)        11.264 KB        C:\Program Files
(x86)\Common Files\Apple\Mobile Device Support\
mDNSResponder.exe        01 Sekunde(n)        6.380 KB        C:\Program Files\Bonjour\
browsemngr.exe        01 Sekunde(n)        7.224 KB        C:\ProgramData\Browser
Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\
DFInject64.exe        01 Sekunde(n)        5.036 KB        C:\Program Files
(x86)\T-Home\Dialerschutz-Software\
DTSRVC.exe        01 Sekunde(n)        5.756 KB        C:\Program Files (x86)\Common
Files\Portrait Displays\Shared\
svchost.exe        01 Sekunde(n)        7.260 KB        C:\Windows\SysWOW64\
svchost.exe        01 Sekunde(n)        10.044 KB        C:\Windows\SysWOW64\
LSSrvc.exe        01 Sekunde(n)        6.616 KB        C:\Program Files (x86)\Common
Files\LightScribe\
sqlservr.exe        01 Sekunde(n)        3.132 KB        c:\Program Files (x86)\Microsoft SQL
Server\MSSQL.1\MSSQL\Binn\
ccsvchst.exe        05 Minute(n), 03 Sekunde(n)        27.700 KB        C:\Program Files
(x86)\Norton 360\Engine\6.4.0.9\
svchost.exe        01 Sekunde(n)        4.676 KB        C:\Windows\System32\
svchost.exe        01 Sekunde(n)        4.388 KB        C:\Windows\System32\
svchost.exe        01 Sekunde(n)        6.920 KB        C:\Windows\system32\
sqlwriter.exe        01 Sekunde(n)        9.856 KB        c:\Program Files\Microsoft SQL
Server\90\Shared\
svchost.exe        01 Sekunde(n)        10.664 KB        C:\Windows\system32\
svchost.exe        01 Sekunde(n)        4.484 KB        C:\Windows\System32\
SearchIndexer.exe        02 Minute(n), 20 Sekunde(n)        81.680 KB        C:\Windows\system32\
WUDFHost.exe        01 Sekunde(n)        7.132 KB        C:\Windows\system32\
ccsvchst.exe        13 Minute(n),        26.244 KB        C:\Program Files (x86)\Norton
360\Engine\6.4.0.9\
dwm.exe        35 Sekunde(n)        97.396 KB        C:\Windows\system32\
taskeng.exe        01 Sekunde(n)        14.556 KB        C:\Windows\system32\
explorer.exe        13 Sekunde(n)        54.528 KB        C:\Windows\
browsemngr.exe        01 Minute(n), 21 Sekunde(n)        10.048 KB
C:\ProgramData\Browser
Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\
ipoint.exe        01 Sekunde(n)        14.760 KB        C:\Program Files\Microsoft IntelliPoint\
wmdSync.exe        01 Sekunde(n)        7.564 KB        C:\Windows\WindowsMobile\
sidebar.exe        01 Minute(n), 24 Sekunde(n)        68.884 KB        C:\Program
Files\Windows Sidebar\
ehtray.exe        01 Sekunde(n)        2.876 KB        C:\Windows\ehome\
dpupdchk.exe        01 Sekunde(n)        5.768 KB        C:\Program Files\Microsoft IntelliPoint\
SkyDrive.exe        02 Sekunde(n)        27.584 KB
C:\Users\Herbert\AppData\Local\Microsoft\SkyDrive\
SteganosBrowserMonitor.exe        01 Sekunde(n)        6.892 KB        C:\Program Files
(x86)\Steganos Privacy Suite 14\
hpsysdrv.exe        01 Sekunde(n)        6.284 KB        C:\hp\support\
hpwuSchd2.exe        01 Sekunde(n)        6.232 KB        C:\Program Files (x86)\HP\HP
Software Update\
MOM.exe        01 Sekunde(n)        7.612 KB        c:\Program Files (x86)\ATI
Technologies\ATI.ACE\Core-Static\
OpWareSE4.exe        01 Sekunde(n)        6.448 KB        C:\Program Files
(x86)\ScanSoft\OmniPageSE4\
Defender64.exe        01 Sekunde(n)        5.396 KB        C:\Program Files
(x86)\T-Home\Dialerschutz-Software\
apdproxy.exe        03 Sekunde(n)        10.208 KB        C:\Program Files
(x86)\Adobe\Photoshop Elements 6.0\
dthtml.exe        07 Sekunde(n)        13.172 KB        C:\Program Files (x86)\Portrait
Displays\HP My Display\
hppusg.exe        01 Sekunde(n)        3.468 KB        C:\Program Files (x86)\HP\HP UT\bin\
LxUpdateManager.exe        01 Sekunde(n)        11.164 KB        C:\Program Files
(x86)\Common Files\Lexware\Update Manager\
pdf24.exe        01 Sekunde(n)        8.340 KB        C:\Program Files (x86)\PDF24\
iTunesHelper.exe        01 Sekunde(n)        13.644 KB        C:\Program Files (x86)\iTunes\
SteganosHotKeyService.exe        01 Sekunde(n)        6.892 KB        C:\Program Files
(x86)\Steganos Privacy Suite 14\
fredirstarter.exe        01 Sekunde(n)        5.716 KB        C:\Program Files (x86)\Steganos
Privacy Suite 14\
ehmsas.exe        01 Sekunde(n)        6.208 KB        C:\Windows\ehome\
wmpnscfg.exe        01 Sekunde(n)        7.564 KB        C:\Program Files\Windows Media Player\
CCC.exe        07 Sekunde(n)        11.052 KB        C:\Program Files (x86)\ATI
Technologies\ATI.ACE\Core-Static\
sidebar.exe        01 Sekunde(n)        27.764 KB        C:\Program Files\Windows Sidebar\
conime.exe        01 Sekunde(n)        6.584 KB        C:\Windows\SysWOW64\
kbd.exe        01 Sekunde(n)        11.796 KB        C:\hp\kbd\
svchost.exe        01 Sekunde(n)        9.480 KB        C:\Windows\system32\
iPodService.exe        01 Sekunde(n)        8.484 KB        C:\Program Files\iPod\bin\
wmpnetwk.exe        01 Minute(n), 09 Sekunde(n)        35.060 KB        C:\Program
Files\Windows Media Player\
svchost.exe        01 Sekunde(n)        11.984 KB        C:\Windows\system32\
DslMgr.exe        49 Sekunde(n)        12.272 KB        C:\Program Files (x86)\DSL-Manager\
DslMgrSvc.exe        25 Sekunde(n)        9.928 KB        C:\Program Files (x86)\DSL-Manager\
SearchProtocolHost.exe        01 Minute(n), 16 Sekunde(n)        13.860 KB
C:\Windows\system32\
dllhost.exe        01 Sekunde(n)        7.628 KB        C:\Windows\SysWOW64\
Webshots.scr        03 Minute(n), 05 Sekunde(n)        13.748 KB        C:\PROGRA~2\Webshots\
HPHC_Service.exe        01 Sekunde(n)        15.616 KB        c:\Program Files
(x86)\Hewlett-Packard\HP Health Check\
thunderbird.exe        01 Minute(n), 22 Sekunde(n)        139.988 KB        C:\Program Files
(x86)\Mozilla Thunderbird\
firefox.exe        34 Sekunde(n)        213.324 KB        C:\Program Files (x86)\Mozilla Firefox\
WINWORD.EXE        01 Sekunde(n)        32.752 KB        C:\Program Files (x86)\Microsoft
Office\Office10\
splwow64.exe        01 Sekunde(n)        11.396 KB        C:\Windows\
ielowutil.exe        01 Sekunde(n)        7.236 KB        C:\Program Files (x86)\Internet
Explorer\
SearchFilterHost.exe        01 Sekunde(n)        9.260 KB        C:\Windows\system32\
WmiPrvSE.exe        01 Sekunde(n)        14.776 KB        C:\Windows\system32\wbem\

------------------------------------------------------------------------
:confused:

Danke für Deine Hilfe !!

cosinus 19.11.2012 13:19
1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtg4nzy0ywy5/settings_2012-09-04.png

LouLau 19.11.2012 18:07
Hallo Cosinus,

hat ein wenig gedauert, denn ich kämpfe auch noch auf anderern "Feldern"...

Logfiles sind wohl zu dick, daher als "Zipp" angehängt !


Vielen DanK für deine Hilfe....:applaus:

cosinus 19.11.2012 19:15
Ist unauffällig

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

LouLau 20.11.2012 12:29
Guten Tag Cosinus !

Voila: Hier das Ergebnis....

Code:
# AdwCleaner v2.008 - Datei am 20/11/2012 um 12:24:49 erstellt
# Aktualisiert am 17/11/2012 von Xplode
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Benutzer : Herbert - HP-DESKTOP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Herbert\Desktop\20_11_2012\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****

Gefunden : Browser Manager

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\Extensions\search@searchsettings.com
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Datei Gefunden : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\8318c41d.default\searchplugins\browsemngr.xml
Datei Gefunden : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\8318c41d.default\searchplugins\Conduit.xml
Datei Gefunden : C:\Users\Public\Desktop\eBay.lnk
Ordner Gefunden : C:\Program Files (x86)\Claro LTD
Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\Browser Manager
Ordner Gefunden : C:\Users\Herbert\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Herbert\AppData\Local\OpenCandy
Ordner Gefunden : C:\Users\Herbert\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Herbert\AppData\LocalLow\pdfforge
Ordner Gefunden : C:\Users\Herbert\AppData\LocalLow\Search Settings
Ordner Gefunden : C:\Users\Herbert\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\Herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Ordner Gefunden : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\8318c41d.default\Conduit
Ordner Gefunden : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\8318c41d.default\ConduitCommon
Ordner Gefunden : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\8318c41d.default\CT2269050
Ordner Gefunden : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\8318c41d.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Ordner Gefunden : C:\Users\Herbert\AppData\Roaming\OpenCandy
Ordner Gefunden : C:\Users\Herbert\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

Daten Gefunden : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\Claro LTD
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\claro
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Schlüssel Gefunden : HKCU\Software\Search Settings
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\Software\Claro LTD
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\S
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\Software\pdfforge
Schlüssel Gefunden : HKLM\Software\Search Settings
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\claro
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB}
Schlüssel Gefunden : HKU\S-1-5-21-1688068568-1394201121-2249768852-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-1688068568-1394201121-2249768852-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{9E131A93-EED7-4BEB-B015-A0ADB30B5646}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.claro-search.com/?affID=116198&tt=4612_4&babsrc=HP_ss&mntrId=7047a004000000000000002215191871
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www.claro-search.com/?affID=116198&tt=4612_4&babsrc=HP_ss&mntrId=7047a004000000000000002215191871

-\\ Mozilla Firefox v16.0.2 (de)

Profilname : default
Datei : C:\Users\Herbert\AppData\Roaming\Mozilla\Firefox\Profiles\8318c41d.default\prefs.js

Gefunden : user_pref("CT2102572.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2102572.CTID", "CT2102572");
Gefunden : user_pref("CT2102572.CurrentServerDate", "22-11-2010");
Gefunden : user_pref("CT2102572.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2102572.DownloadReferralCookieData", "");
Gefunden : user_pref("CT2102572.EMailNotifierPollDate", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.ExternalComponentPollDate128980152151612826", "Mon Nov 22 2010 15:45:31 GMT+010[...]
Gefunden : user_pref("CT2102572.ExternalComponentPollDate129010430308906809", "Mon Nov 22 2010 15:45:32 GMT+010[...]
Gefunden : user_pref("CT2102572.ExternalComponentPollDate129241049870851286", "Mon Nov 22 2010 15:45:32 GMT+010[...]
Gefunden : user_pref("CT2102572.FeedLastCount128731380714969334", 422);
Gefunden : user_pref("CT2102572.FeedLastCount129318697243744006", 180);
Gefunden : user_pref("CT2102572.FeedPollDate128734848660238153", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734848780081259", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734848899768760", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734849162893952", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734849298831492", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734849447894294", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734849563988162", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734849694613310", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734849871644036", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734850012112791", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734850140238024", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734850329613306", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734851254769189", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734851343519240", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734851486175530", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734851555550653", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734851626019450", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128734851705082013", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate128737465108387945", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837786", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837787", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837788", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837789", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837790", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837791", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837792", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837793", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837794", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedPollDate129318697244837795", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.FeedTTL128734849694613310", 5);
Gefunden : user_pref("CT2102572.FeedTTL128734850012112791", 30);
Gefunden : user_pref("CT2102572.FeedTTL128737465108387945", 5);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837786", 40);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837787", 40);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837788", 40);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837789", 40);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837790", 40);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837791", 40);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837792", 40);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837793", 40);
Gefunden : user_pref("CT2102572.FeedTTL129318697244837795", 40);
Gefunden : user_pref("CT2102572.FirstServerDate", "22-11-2010");
Gefunden : user_pref("CT2102572.FirstTime", true);
Gefunden : user_pref("CT2102572.FirstTimeFF3", true);
Gefunden : user_pref("CT2102572.FirstTimeSettingsDone", true);
Gefunden : user_pref("CT2102572.FixPageNotFoundErrors", false);
Gefunden : user_pref("CT2102572.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2102572.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2102572.Initialize", true);
Gefunden : user_pref("CT2102572.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2102572.InstallationAndCookieDataSentCount", 1);
Gefunden : user_pref("CT2102572.InstalledDate", "Mon Nov 22 2010 15:45:36 GMT+0100");
Gefunden : user_pref("CT2102572.InvalidateCache", false);
Gefunden : user_pref("CT2102572.IsGrouping", false);
Gefunden : user_pref("CT2102572.IsMulticommunity", false);
Gefunden : user_pref("CT2102572.IsOpenThankYouPage", true);
Gefunden : user_pref("CT2102572.IsOpenUninstallPage", true);
Gefunden : user_pref("CT2102572.LanguagePackLastCheckTime", "Mon Nov 22 2010 15:45:36 GMT+0100");
Gefunden : user_pref("CT2102572.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2102572.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2102572.LastLogin_2.7.1.3", "Mon Nov 22 2010 15:48:15 GMT+0100");
Gefunden : user_pref("CT2102572.LatestVersion", "2.7.2.0");
Gefunden : user_pref("CT2102572.Locale", "de");
Gefunden : user_pref("CT2102572.LoginCache", 4);
Gefunden : user_pref("CT2102572.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2102572.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2102572.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2102572.RadioIsPodcast", false);
Gefunden : user_pref("CT2102572.RadioLastCheckTime", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CT2102572.RadioLastUpdateIPServer", "3");
Gefunden : user_pref("CT2102572.RadioLastUpdateServer", "128929877726170000");
Gefunden : user_pref("CT2102572.RadioMediaID", "9512588");
Gefunden : user_pref("CT2102572.RadioMediaType", "Media Player");
Gefunden : user_pref("CT2102572.RadioMenuSelectedID", "EBRadioMenu_CT21025729512588");
Gefunden : user_pref("CT2102572.RadioStationName", "Antenne%20Bayern%20Top%2040%20");
Gefunden : user_pref("CT2102572.RadioStationURL", "hxxp://channels.webradio.antenne.de/top-40");
Gefunden : user_pref("CT2102572.SearchEngine", "Suchen||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gefunden : user_pref("CT2102572.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2102572.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT210[...]
Gefunden : user_pref("CT2102572.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2102572.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2102572.SearchInNewTabLastCheckTime", "Mon Nov 22 2010 15:48:15 GMT+0100");
Gefunden : user_pref("CT2102572.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2102572.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gefunden : user_pref("CT2102572.SettingsCheckIntervalMin", 120);
Gefunden : user_pref("CT2102572.SettingsLastCheckTime", "Mon Nov 22 2010 15:45:31 GMT+0100");
Gefunden : user_pref("CT2102572.SettingsLastUpdate", "1288262151");
Gefunden : user_pref("CT2102572.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2102572.ThirdPartyComponentsLastCheck", "Mon Nov 22 2010 15:45:31 GMT+0100");
Gefunden : user_pref("CT2102572.ThirdPartyComponentsLastUpdate", "1255348257");
Gefunden : user_pref("CT2102572.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Gefunden : user_pref("CT2102572.UserID", "UN92440906239067222");
Gefunden : user_pref("CT2102572.WeatherNetwork", "");
Gefunden : user_pref("CT2102572.WeatherPollDate", "Mon Nov 22 2010 15:45:32 GMT+0100");
Gefunden : user_pref("CT2102572.WeatherUnit", "C");
Gefunden : user_pref("CT2102572.alertChannelId", "518348");
Gefunden : user_pref("CT2102572.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");
Gefunden : user_pref("CT2102572.clientLogIsEnabled", true);
Gefunden : user_pref("CT2102572.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gefunden : user_pref("CT2102572.myStuffEnabled", true);
Gefunden : user_pref("CT2102572.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2102572.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2102572.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2102572.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2102572.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gefunden : user_pref("CT2269050..clientLogIsEnabled", true);
Gefunden : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gefunden : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gefunden : user_pref("CT2269050.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gefunden : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2269050.AppTrackingLastCheckTime", "Wed Jun 13 2012 09:40:32 GMT+0200");
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_129681780741097243", true);
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_129853623028165512", true);
Gefunden : user_pref("CT2269050.BrowserCompStateIsOpen_129881141106886992", true);
Gefunden : user_pref("CT2269050.CTID", "CT2269050");
Gefunden : user_pref("CT2269050.CommunitiesChangesLastCheckTime", "0");
Gefunden : user_pref("CT2269050.CurrentServerDate", "13-11-2012");
Gefunden : user_pref("CT2269050.DSChangedManually", false);
Gefunden : user_pref("CT2269050.DSInstall", true);
Gefunden : user_pref("CT2269050.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2269050.DialogsGetterLastCheckTime", "Mon Nov 12 2012 10:41:16 GMT+0100");
Gefunden : user_pref("CT2269050.DownloadReferralCookieData", "");
Gefunden : user_pref("CT2269050.EMailNotifierPollDate", "Mon Jan 23 2012 16:58:12 GMT+0100");
Gefunden : user_pref("CT2269050.EnableClickToSearchBox", false);
Gefunden : user_pref("CT2269050.EnableSearchHistory", false);
Gefunden : user_pref("CT2269050.EnableSearchSuggest", false);
Gefunden : user_pref("CT2269050.FirstServerDate", "23-1-2012");
Gefunden : user_pref("CT2269050.FirstTime", true);
Gefunden : user_pref("CT2269050.FirstTimeFF3", true);
Gefunden : user_pref("CT2269050.FixPageNotFoundErrors", false);
Gefunden : user_pref("CT2269050.GroupingInvalidateCache", false);
Gefunden : user_pref("CT2269050.GroupingLastCheckTime", "0");
Gefunden : user_pref("CT2269050.GroupingLastServerUpdateTime", "0");
Gefunden : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2269050.HPInstall", true);
Gefunden : user_pref("CT2269050.HasUserGlobalKeys", true);
Gefunden : user_pref("CT2269050.HomePageProtectorEnabled", false);
Gefunden : user_pref("CT2269050.HomepageBeforeUnload", "hxxp://www.zdf.de/");
Gefunden : user_pref("CT2269050.Initialize", true);
Gefunden : user_pref("CT2269050.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Gefunden : user_pref("CT2269050.InstallationType", "UnknownIntegration");
Gefunden : user_pref("CT2269050.InstalledDate", "Mon Jan 23 2012 12:32:38 GMT+0100");
Gefunden : user_pref("CT2269050.InvalidateCache", false);
Gefunden : user_pref("CT2269050.IsAlertDBUpdated", true);
Gefunden : user_pref("CT2269050.IsGrouping", false);
Gefunden : user_pref("CT2269050.IsInitSetupIni", true);
Gefunden : user_pref("CT2269050.IsMulticommunity", false);
Gefunden : user_pref("CT2269050.IsOpenThankYouPage", false);
Gefunden : user_pref("CT2269050.IsOpenUninstallPage", false);
Gefunden : user_pref("CT2269050.IsProtectorsInit", true);
Gefunden : user_pref("CT2269050.LanguagePackLastCheckTime", "Tue Nov 13 2012 10:41:16 GMT+0100");
Gefunden : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2269050.LastLogin_3.10.0.1", "Tue Apr 24 2012 19:28:40 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.12.0.7", "Thu Apr 26 2012 12:59:53 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.12.2.3", "Thu May 31 2012 08:53:16 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.13.0.6", "Wed Jun 27 2012 09:52:52 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.14.1.0", "Tue Aug 21 2012 17:28:44 GMT+0200");
Gefunden : user_pref("CT2269050.LastLogin_3.15.1.0", "Wed Nov 07 2012 16:13:04 GMT+0100");
Gefunden : user_pref("CT2269050.LastLogin_3.16.0.3", "Tue Nov 13 2012 09:47:21 GMT+0100");
Gefunden : user_pref("CT2269050.LastLogin_3.9.0.3", "Wed Feb 15 2012 10:38:02 GMT+0100");
Gefunden : user_pref("CT2269050.LatestVersion", "3.16.0.3");
Gefunden : user_pref("CT2269050.Locale", "en");
Gefunden : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2269050.MCDetectTooltipShow", false);
Gefunden : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2269050.MyStuffEnabledAtInstallation", true);
Gefunden : user_pref("CT2269050.OriginalFirstVersion", "3.9.0.3");
Gefunden : user_pref("CT2269050.RadioIsPodcast", false);
Gefunden : user_pref("CT2269050.RadioLastCheckTime", "Mon Jan 23 2012 16:59:39 GMT+0100");
Gefunden : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Gefunden : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Gefunden : user_pref("CT2269050.RadioMediaID", "12473383");
Gefunden : user_pref("CT2269050.RadioMediaType", "Media Player");
Gefunden : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Gefunden : user_pref("CT2269050.RadioShrinkedFromSetup", false);
Gefunden : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Gefunden : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Gefunden : user_pref("CT2269050.SHRINK_TOOLBAR", 1);
Gefunden : user_pref("CT2269050.SavedHomepage", "hxxp://www.zdf.de/");
Gefunden : user_pref("CT2269050.SearchBackToDefaultEngine", false);
Gefunden : user_pref("CT2269050.SearchBoxWidth", 158);
Gefunden : user_pref("CT2269050.SearchCaption", "DVDVideoSoftTB Customized Web Search");
Gefunden : user_pref("CT2269050.SearchEngine", "eBay||hxxp://shop.ebay.com/?_from=R40&_trksid=m38&_nkw=UCM_SEAR[...]
Gefunden : user_pref("CT2269050.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Gefunden : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Gefunden : user_pref("CT2269050.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Tue Nov 13 2012 10:41:16 GMT+0100");
Gefunden : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2269050.SearchInNewTabUserEnabled", false);
Gefunden : user_pref("CT2269050.SearchProtectorEnabled", true);
Gefunden : user_pref("CT2269050.SearchProtectorToolbarDisabled", false);
Gefunden : user_pref("CT2269050.SendProtectorDataViaLogin", true);
Gefunden : user_pref("CT2269050.ServiceMapLastCheckTime", "Tue Nov 13 2012 10:41:17 GMT+0100");
Gefunden : user_pref("CT2269050.SettingsLastCheckTime", "Tue Nov 13 2012 09:47:18 GMT+0100");
Gefunden : user_pref("CT2269050.SettingsLastUpdate", "1352142245");
Gefunden : user_pref("CT2269050.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13");
Gefunden : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Fri Jun 22 2012 11:26:05 GMT+0200");
Gefunden : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1331805997");
Gefunden : user_pref("CT2269050.ToolbarShrinkedFromSetup", false);
Gefunden : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2269050");
Gefunden : user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gefunden : user_pref("CT2269050.UserID", "UN43593155779630519");
Gefunden : user_pref("CT2269050.ValidationData_Search", 2);
Gefunden : user_pref("CT2269050.ValidationData_Toolbar", 2);
Gefunden : user_pref("CT2269050.WeatherNetwork", "");
Gefunden : user_pref("CT2269050.WeatherPollDate", "Mon Jan 23 2012 16:39:22 GMT+0100");
Gefunden : user_pref("CT2269050.WeatherUnit", "C");
Gefunden : user_pref("CT2269050.alertChannelId", "666138");
Gefunden : user_pref("CT2269050.approveUntrustedApps", true);
Gefunden : user_pref("CT2269050.autoDisableScopes", -1);
Gefunden : user_pref("CT2269050.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e.:2z527", "2423");
Gefunden : user_pref("CT2269050.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e06cg5el8:", "6E6D6F6B70736D737277");
Gefunden : user_pref("CT2269050.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A7473757176797379787D242F4B4947[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e31;cj7;chgjd$nn", "247E61393F236B25717277732A212C6E414F444[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e31;cj7fk;kg#ncep@mc+vkn", "247E61393F236B25737471712A212C6[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e31;cjc<=fbj#mm", "247E61393F236B257576737A2A212C6E414F444D[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e31;cjc<=fbj#ncf", "247E61393F236B25757677712A212C6E414F444[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]
Gefunden : user_pref("CT2269050.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]
Gefunden : user_pref("CT2269050.backendstorage./9b-0?3g>d", "6A6E706C3F7343437A7475714820744C767C257C7D527C2A25[...]
Gefunden : user_pref("CT2269050.backendstorage./9b-0?3g@6:5;", "");
Gefunden : user_pref("CT2269050.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Gefunden : user_pref("CT2269050.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F297B7E7D21202F26313E424[...]
Gefunden : user_pref("CT2269050.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
Gefunden : user_pref("CT2269050.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484777213F3E484F4E4D464[...]
Gefunden : user_pref("CT2269050.backendstorage./9b5ba==9cjag", "3D696C6C403E73427A6F45734A7378487D4A7C7A4D");
Gefunden : user_pref("CT2269050.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6F6B70736D737172777A78");
Gefunden : user_pref("CT2269050.backendstorage./9b9643g3/9e", "6A");
Gefunden : user_pref("CT2269050.backendstorage./9b<:222h64<", "393F352F3E");
Gefunden : user_pref("CT2269050.backendstorage./9b=+03eh8h8j?:", "4443");
Gefunden : user_pref("CT2269050.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Gefunden : user_pref("CT2269050.backendstorage./9b?b0d:8aj62<h", "6D");
Gefunden : user_pref("CT2269050.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Gefunden : user_pref("CT2269050.backendstorage.ct2269050isadsdisabled", "66616C7365");
Gefunden : user_pref("CT2269050.backendstorage.shoppingapp.gk.exipres", "536174204A616E20323820323031322031323A[...]
Gefunden : user_pref("CT2269050.backendstorage.shoppingapp.gk.geolocation", "6765726D616E79");
Gefunden : user_pref("CT2269050.backendstorage.youtubelang", "4445");
Gefunden : user_pref("CT2269050.componentAlertEnabled", false);
Gefunden : user_pref("CT2269050.components.1000034", false);
Gefunden : user_pref("CT2269050.components.1000082", false);
Gefunden : user_pref("CT2269050.components.1000234", false);
Gefunden : user_pref("CT2269050.components.129023235807856892", false);
Gefunden : user_pref("CT2269050.components.129121052374999726", false);
Gefunden : user_pref("CT2269050.components.129351672002618989", false);
Gefunden : user_pref("CT2269050.components.129351776130744254", false);
Gefunden : user_pref("CT2269050.components.129391330693125668", false);
Gefunden : user_pref("CT2269050.components.129466585396013141", false);
Gefunden : user_pref("CT2269050.components.129466585399606892", false);
Gefunden : user_pref("CT2269050.components.129681780741097243", false);
Gefunden : user_pref("CT2269050.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gefunden : user_pref("CT2269050.globalFirstTimeInfoLastCheckTime", "Thu Jun 21 2012 12:33:36 GMT+0200");
Gefunden : user_pref("CT2269050.homepageProtectorEnableByLogin", true);
Gefunden : user_pref("CT2269050.initDone", true);
Gefunden : user_pref("CT2269050.isAppTrackingManagerOn", true);
Gefunden : user_pref("CT2269050.isFirstRadioInstallation", false);
Gefunden : user_pref("CT2269050.isSearchProtectorNotifyChanges", false);
Gefunden : user_pref("CT2269050.myStuffEnabled", true);
Gefunden : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2269050.oldAppsList", "128834881989343894,128834881989343895,111,129466585399606892,129[...]
Gefunden : user_pref("CT2269050.revertSettingsEnabled", true);
Gefunden : user_pref("CT2269050.searchProtectorDialogDelayInSec", 10);
Gefunden : user_pref("CT2269050.searchProtectorEnableByLogin", true);
Gefunden : user_pref("CT2269050.testingCtid", "");
Gefunden : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Tue Nov 13 2012 10:41:16 GMT+0100");
Gefunden : user_pref("CT2269050.toolbarContextMenuLastCheckTime", "Mon Jun 25 2012 12:33:36 GMT+0200");
Gefunden : user_pref("CT2269050.usageEnabled", false);
Gefunden : user_pref("CT2269050.usagesFlag", 2);
Gefunden : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2269050&Search[...]
Gefunden : user_pref("CommunityToolbar.ConduitSearchList", "DVDVideoSoftTB Customized Web Search");
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/DE", "\"0\"")[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"7ed[...]
Gefunden : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Herbert\\AppData\\Roaming\\Mozilla\[...]
Gefunden : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Gefunden : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://youtube.conduitapps.com/v3.1.0/gadget.html", [...]
Gefunden : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "${URL_SEARCHPAGE}");
Gefunden : user_pref("CommunityToolbar.ToolbarsList", "CT2102572,CT2269050");
Gefunden : user_pref("CommunityToolbar.ToolbarsList2", "CT2102572,CT2269050");
Gefunden : user_pref("CommunityToolbar.ToolbarsList4", "CT2269050");
Gefunden : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Nov 22 2010 15:45:33 GMT+0100");
Gefunden : user_pref("CommunityToolbar.globalUserId", "61a60e1b-2f07-4b88-ab2b-b13dafcb0843");
Gefunden : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gefunden : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gefunden : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Jun 27 2012 09:52:5[...]
Gefunden : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Gefunden : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Jul 01 2012 12:17:27 GMT+020[...]
Gefunden : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gefunden : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Gefunden : user_pref("CommunityToolbar.notifications.locale", "en");
Gefunden : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Gefunden : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Jul 01 2012 12:17:19 GMT+0200");
Gefunden : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Gefunden : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Gefunden : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gefunden : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Gefunden : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Gefunden : user_pref("CommunityToolbar.notifications.userId", "12e75efd-c167-43c9-9b28-27aa379910a0");
Gefunden : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.zdf.de/");
Gefunden : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_16409683.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_16727535.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_18863815.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_19058681.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_19248106.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_19554706.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_19757371.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100")[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_807095.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100")[...]
Gefunden : user_pref("CommunityToolbar.twitter.user_813286.LastCheckTime", "Mon Nov 22 2010 15:45:34 GMT+0100")[...]
Gefunden : user_pref("browser.search.defaultthis.engineName", "DVDVideoSoftTB Customized Web Search");
Gefunden : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&Sea[...]

*************************

AdwCleaner[R1].txt - [42432 octets] - [20/11/2012 12:24:49]

########## EOF - C:\AdwCleaner[R1].txt - [42493 octets] ##########
Danke für deine Hilfe !!:daumenhoc

cosinus 20.11.2012 14:26
adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.

LouLau 20.11.2012 15:43
Hallo Cosinus,

Die gewünschten Files sind als "Zipp" angehängt.


Danke für deine Mühe..:abklatsch::abklatsch:

cosinus 20.11.2012 18:00
Beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
:OTL
[2012.10.30 13:01:49 | 000,000,000 | ---D | M] (pdfforge Toolbar Plugin) -- C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[2010.11.04 21:31:22 | 000,020,531 | -H-- | C] () -- C:\ProgramData\R49LW
[2009.03.15 16:35:01 | 000,015,428 | ---- | C] () -- C:\Users\Herbert\RefEdit.exd
@Alternate Data Stream - 989 bytes -> C:\Users\Herbert\AppData\Local\Temp:eilK0WAms0xP161NJ0YHr
@Alternate Data Stream - 1170 bytes -> C:\Users\Herbert\AppData\Local\lzSOT9AG1UGZ:H0WxU2r6AlmAQTCeOEhPGlcjQ
:Files
C:\Users\Herbert\AppData\Local\lzSOT9AG1UGZ
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

LouLau 20.11.2012 18:41
Bin wieder da.....,
Es kommt langsam Licht am Tunnelende, denn den "Mist" gibst bereits nicht mehr.
Bei Öffnen der Browser kommt bereits wieder die gewohnte Startseite, aber ich nehme an, es gibt immer noch was zu tun ???

Hier das "Fix"-Ergebnis:

Code:
All processes killed
Error: Unable to interpret <---------> in the current context!
========== OTL ==========
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\components folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome\skin folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome\locale\EN-US folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome\locale folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome\content folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402} folder moved successfully.
C:\ProgramData\R49LW moved successfully.
C:\Users\Herbert\RefEdit.exd moved successfully.
ADS C:\Users\Herbert\AppData\Local\Temp:eilK0WAms0xP161NJ0YHr deleted successfully.
ADS C:\Users\Herbert\AppData\Local\lzSOT9AG1UGZ:H0WxU2r6AlmAQTCeOEhPGlcjQ deleted successfully.
========== FILES ==========
C:\Users\Herbert\AppData\Local\lzSOT9AG1UGZ folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Herbert\Desktop\Trojaner-Board\15_11_2012_2\cmd.bat deleted successfully.
C:\Users\Herbert\Desktop\Trojaner-Board\15_11_2012_2\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: AppData
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Herbert
->Temp folder emptied: 124915087 bytes
->Temporary Internet Files folder emptied: 59082137 bytes
->Java cache emptied: 24833220 bytes
->FireFox cache emptied: 66702974 bytes
->Apple Safari cache emptied: 31791104 bytes
->Flash cache emptied: 96022 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4712177 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 403461991 bytes
 
Total Files Cleaned = 683,00 mb
 
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
Error: Unable to interpret <---------> in the current context!
 
OTL by OldTimer - Version 3.2.69.0 log created on 11202012_181843

Files\Folders moved on Reboot...
File\Folder C:\Users\Herbert\AppData\Local\Temp\~DF406A.tmp not found!
File\Folder C:\Users\Herbert\AppData\Local\Temp\~DF407B.tmp not found!
File\Folder C:\Users\Herbert\AppData\Local\Temp\~DF409A.tmp not found!
File\Folder C:\Users\Herbert\AppData\Local\Temp\~DF40AA.tmp not found!
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Danke für die Ausdauer.....:daumenhoc


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:04 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131