| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Laptop plötzlich langsam gewordenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
04.11.2012, 17:10
| #31 |
 |  Laptop plötzlich langsam geworden Et voilá... |
|
04.11.2012, 19:04
| #32 |
| /// TB-Ausbilder  | Laptop plötzlich langsam geworden Das sieht aber eigentlich sauber aus.
__________________Jetzt kreisen wir das Problem weiter ein: Was passiert denn, wenn du versuchst AVG zu entfernen? Hast du versucht AVG im abgesicherten Modus zu entfernen?
__________________ |
|
04.11.2012, 20:21
| #33 |
| | Laptop plötzlich langsam geworden der avg deinstallierer öffnet sich, hängt sich aber irgendwie auf... versuche es mal im abgesicherten modus.
__________________hier ist eine liste der zuletzt abgerufenen Internet-seiten (Chrome-Verlauf), bevor der computer ins koma gefallen ist (ich glaube zumindest, dass sie es waren)... vielleicht kommt ja von dort der trojaner, bzw vielleicht hilft ja das datum... Code:
ATTFilter
Samstag, 29. September 2012
11:19
Showtime movies - I am live - ilive.to - better live streaming platform
www.ilive.to
11:18
AdF.ly - shrink your URLs and get paid!
adf.ly
11:18
adf.ly - shrink your URLs and get paid!
adf.ly
11:18
Watch Showtime Movies Live Stream | PHSTREAM
www.phstream.com
11:17
Watch Showtime Movies Live Stream | PHSTREAM
www.google.de
11:17
LiveTvCafe.net - Watch Live Tv Channels Online Free - Showtime (Powered by FreeTvAll)
livetvcafe.net
11:17
FreeTvAll.com - Watch Free All Live Tv Channels Online Anywhere - Showtime (Powered by FreeTvAll)
freetvall.com
11:16
Californication (TV Series 2007) - IMDb
www.imdb.com
11:16
IMDb - Movies, TV and Celebrities
www.imdb.com
11:15
showtime live stream dexter - Google-Suche
www.google.de
11:15
Google
www.google.de
11:15
SHOWTIME Live Stream | USA Television
www.stream2watch.me
11:14
Google
www.google.de
11:14
Where can I watch Dexter live online for free.? - Yahoo! Answers
answers.yahoo.com
Geändert von VHSK (04.11.2012 um 21:02 Uhr) |
|
04.11.2012, 21:21
| #34 |
| /// TB-Ausbilder | Laptop plötzlich langsam geworden Die Daten oben helfen leider nicht. Hast du es jetzt im abgesicherten Modus probiert? Hast du schon den richtigen Remover probiert? Link Suche dir bitte das richtige raus - ich vermute mal es wird AVG2012 64bit remover sein. Probier ob du es damit gekillt bekommst und berichte mir.
__________________  Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
05.11.2012, 06:55
| #35 |
| | Laptop plötzlich langsam geworden So, im abgesicherten Modus dachte ich, es hätte geklappt, dann sehe ich aber, als ich ihn normal neu gestartet habe, dass es doch noch drauf ist. Also probier ich es nochmal (im normalen modus) und diesmal bleibt er nicht hängen (computer war diesmal auch von vornherein viel schneller). Es öffnete sich eine Internetseite (anhang) und am Ende erschien eine Fehlermeldung (anhang). Bei der internetseite find ich einfach nur interessant zu sehen, dass als erste Option Verlangsamung aufgeführt wird, ich scheine also nicht der einzige zu sein... Hier die Protokolle vom Deinstallationsfehler: (insg. 7 folgen) |
|
05.11.2012, 07:17
| #36 |
| | Laptop plötzlich langsam geworden Ehrlich gesagt weiß ich nicht wie ich sie posten soll, sie sind alle über 97 kb groß... und als code hat das eine auch nicht funktioniert.. ? Jedenfalls hab ich danach noch mal mit dem remover probiert: Code:
ATTFilter "Running zap for product code {41B19F41-8A6F-4422-AD69-CF3B408F382C}:05.11.2012 6:52:30,87"
D:\>C:\Users\Vincent\AppData\Local\Temp\avg-69c32039-7b8d-4d36-9c1d-ae5857c0bf10.exe TW! {41B19F41-8A6F-4422-AD69-CF3B408F382C} /nologo
***** Zapping data for user S-1-5-18 for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} *****
MsiZapInfo: Performing operations for user S-1-5-18
Searching for the product {41B19F41-8A6F-4422-AD69-CF3B408F382C} cached package. . .
Removed file: C:\Windows\Installer\7da7eca.msi
Searching for install property data for product {41B19F41-8A6F-4422-AD69-CF3B408F382C}. . .
Removed \14F91B14F6A82244DA96FCB304F883C2\InstallProperties
Searching for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} data in the HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall key. . .
Removed \{41B19F41-8A6F-4422-AD69-CF3B408F382C}
Searching user's global config location for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} data. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
Removed upgrade code '14F91B14F6A82244DA96FCB304F883C2' at HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Removed \Features
Removed \Patches
Removed \Usage
Removed \Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\14F91B14F6A82244DA96FCB304F883C2
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Searching per-machine global config location for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} data. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Searching old global config location for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} data. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes...
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Microsoft\Windows\CurrentVersion\Installer\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Searching per-machine location for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} data. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Classes\Installer\UpgradeCodes...
Removed upgrade code '14F91B14F6A82244DA96FCB304F883C2' at HKLM\Software\Classes\Installer\UpgradeCodes
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Classes\Installer\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKLM\Software\Classes\Installer\Components for published component data for the product {41B19F41-8A6F-4422-AD69-CF3B408F382C}. . .
Searching HKLM\Software\Classes\Installer\Assemblies for .Net assembly data for the product {41B19F41-8A6F-4422-AD69-CF3B408F382C}. . .
Searching HKLM\Software\Classes\Installer\Win32Assemblies for Win32 assembly data for the product {41B19F41-8A6F-4422-AD69-CF3B408F382C}. . .
Searching HKLM\Software\Classes\Installer\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Removed \Media
Removed \Net
Removed \SourceList
Removed \Software\Classes\Installer\Products\14F91B14F6A82244DA96FCB304F883C2
Searching HKLM\Software\Classes\Installer\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Removed \Software\Classes\Installer\Features\14F91B14F6A82244DA96FCB304F883C2
Searching for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} in per-user managed location. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\UpgradeCodes...
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Searching for shared DLL counts for components tied to the product 14F91B14F6A82244DA96FCB304F883C2. . .
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Components key is not present.
Searching for shared DLL counts for components tied to the product 14F91B14F6A82244DA96FCB304F883C2. . .
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\sc.dat
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\HtmLayout.dll
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\sb.dat
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\avgatupd.stp
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\avgupdx.dll
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\avgatend.stp
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\sb.dat.xcd
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\js.dat
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\awacs\rules.cat
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\dfncfg.dat
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\awacs\rules.js
Reduced shared DLL count to 999 for: C:\ProgramData\AVG2012\IDS\config\internalList.zip
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\avgmfarx.dll
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\cf.dat
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\sb2.dat
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\sc.dat.xcd
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\ph.dat
Reduced shared DLL count to 999 for: C:\Program Files (x86)\AVG\AVG2012\avgupd.sig
Searching for product 14F91B14F6A82244DA96FCB304F883C2 client info data. . .
Removed client of component 00FB2164D4C9EF64E96205401125F844
Removed client of component 02AD614616FB1364ABCE294CCDB95629
Removed client of component 03417262F87C7FE4AAD0D2FBFC7CB9F3
Removed client of component 07CE8F8306921AF42913F56E54DC7413
Removed client of component 0821F183D66E67D4A9649309B1067635
Removed client of component 08DB6088F9C4056418835141AD119791
Removed client of component 09215B2FA3729F847A6DC2511E60575F
Removed client of component 09F2282E0658E444784FD26E7E3B5FF3
Removed client of component 0A1D4D6BBE0F207409B178F74BE460D7
Removed client of component 0B38EF98AB1581443AD249C5C90AA6EA
Removed client of component 0BF9C5167FECCDF4E939E29821860CBD
Removed client of component 0C147B9CA63DE654493881ED171092DE
Removed client of component 0CDB03255FAA29D43A726311EE9B39AF
Removed client of component 0DE2D1B6F75A35E48857357C5EA46A30
Removed client of component 0E6682D66C458F9478A0C1EE51131927
Removed client of component 0F6C8A71566ED1C409B6F2442C2CE6E6
Removed client of component 10DC689E3D5C9E04E956C34BB9DA72FC
Removed client of component 115C55E4B299C9746B953DCF0F1C0498
Removed client of component 11DE9CEFE7D23224E82D4F60D277B03D
Removed client of component 1203663EA1581DC40801EB20CD813A69
Removed client of component 121A520F1B8E3C24F9636D8ACE286485
Removed client of component 12EA08C024899B0418292DEE7024C6E3
Removed client of component 148EF1ED58C99B4429282C1CF4322243
Removed client of component 1497D8EA46597E649ADA96A94F10BCB8
Removed client of component 14F579201201E2C428B6A2406E05F571
Removed client of component 15C4F60261D177A4D822789C4F3088AC
Removed client of component 1662F5426903BEE4792329B714BA4962
Removed client of component 16B9439A9B6F09441924A8B28B421AF6
Removed client of component 1741A9E1E8A32C0488F1BE21E8AD42F9
Removed client of component 1888CBFD4D7EFBC428B2BE5BC4473322
Removed client of component 1AD80ED741F46F446997319B1985292B
Removed client of component 1D1F9947603921C488D8BB5DA1332053
Removed client of component 1D37CBEDE1A9A5844B092474FCDACDB0
Removed client of component 1D6A32B776F45E44F8BC652F38790B72
Removed client of component 1E9A06E17F2CBFC42908A7AD66EF5401
Removed client of component 1EED469A4C5F7C745827D50BBB8C1761
Removed client of component 1F13D34635D3E9644A9F79DE7DD15BB5
Removed client of component 1FA006F2081767D44B10AA2BE4A3080A
Removed client of component 1FE27B552F13FD14DAA834D775074A1A
Removed client of component 20258851324DE6248912A1D161CC9E1E
Removed client of component 209B86F6EA1A22D4CB6594EA4A18F6A2
Removed client of component 21885EF92FD91A740833A822F2C0B764
Removed client of component 219F767E8BB90164696322370C445571
Removed client of component 21C9AA2100231834DAB660767EB6DA28
Removed client of component 23321D2744275A94FAB6E858B432CC92
Removed client of component 24C4B793138411F4EA0FAEBD5F54CAE4
Removed client of component 25585AAE2D9E5C34C9C766C9BFA16652
Removed client of component 262DEC570D5E8684483BE95DDA53E376
Removed client of component 26433751F7DE54E43818C88786A3874C
Removed client of component 2714DC615D53E6C4C86D2E300D8BF9BA
Removed client of component 274FD6D88AE9D6B42A6EB295F153EA50
Removed client of component 276B0AEEF5496BF45A7EC616C2498B09
Removed client of component 289FAF5C09777004F8CC38C673AFB580
Removed client of component 29D64A3EC8128F74D8BDBFE31FB7EB1A
Removed client of component 2A2017D405FF9D54C8BDB5B2DC29C084
Removed client of component 2A69AB43A7F78014AA8A9459CA47DEF3
Removed client of component 2BA0382DE34CA844E981D04A6081C2D8
Removed client of component 2BF2207A456F58B47A19FE0FA93DDB2B
Removed client of component 2C7FAF9742A3D5049BA5E463E6019EEF
Removed client of component 2D56CCBB52263F141A29BD9F3755DA87
Removed client of component 2DEE2ED50096FB346A9E531D24B28336
Removed client of component 2E27E9A619A76BB4B99F42D2DF921A9E
Removed client of component 2E73953AFC387D045A6333EF2164BFC4
Removed client of component 2EF2BE8D0D3E0684393AFD5FA2B94CD5
Removed client of component 2F391EB72F3A0F44798692F96613B5A0
Removed client of component 2FE417FA6A399D9419D61D1F330B1286
Removed client of component 3284BC44EA4F61F4A8E619DD6234CF8E
Removed client of component 32BF6E9B62140814AA76BD323D3CE4A0
Removed client of component 332B9B84ED6857845A093CA461B64AAB
Removed client of component 33C46B3013C4D2C4BACC7F32A99F271F
Removed client of component 35134CB9D14722C46A34A57A68CD647C
Removed client of component 359ECDCCD3B03434DABDD3C9B108D6EA
Removed client of component 35FEB4B81DAE148419059119525359D2
Removed client of component 361C254CFBC214D418730C8805F52801
Removed client of component 3629EB64CCA6C464796EA6C4DDCBB43F
Removed client of component 37DD841F8FA18154BB25FDCF9DB27243
Removed client of component 380B39FF82221C041BE2ECDA2D982C09
Removed client of component 384BF1A9E63DD6D4FB3D4C9B35875889
Removed client of component 38D8E24252DD37F45B5698BC3C078DE2
Removed client of component 394161B2A1C20964E80259487AFC3936
Removed client of component 3CB9A374886ED3A4B817E5D16761CE91
Removed client of component 3CE94E96BD39D0E43A6DF1CB6A6A1649
Removed client of component 3F556399007B345478CBC58CFA411D60
Removed client of component 3FE89B386F54AD2429446EE2A1137750
Removed client of component 3FEDF976F5D0D7C4E979FBAE976F1552
Removed client of component 402F35A3489E5B644986A7D64AFA2F5E
Removed client of component 405A397C9FCBDC24CBFCEAD25B8E3706
Removed client of component 413B72E1505931D4AB8BC921148F7CC5
Removed client of component 41802A8770B2683428FB5EE35B3B269E
Removed client of component 41BA0F7DB7E9C5D418B7996C5735D37F
Removed client of component 41ED20A6906033F43860CECF0824F36F
Removed client of component 425C9CCBFC9B0134FABF2D69D5739792
Removed client of component 42880575DF40D6342B4D6C02576F4287
Removed client of component 43D9C93C7646D3C42B404B86C43108D6
Removed client of component 459698D21314E98439782135FF08F092
Removed client of component 4611225D7FCC9E844B2BFB9BC814C8FF
Removed client of component 46C2D78ADEC65254580D82C6F4F0B78D
Removed client of component 47267D11CB256E640ADFDCA61B72D247
Removed client of component 48A5A8E6552A6F64D807824201D768B2
Removed client of component 48C98A705FC92794A96FA37B77B5A0A8
Removed client of component 4ACD1363AD02ECD448DF9F76CFA51166
Removed client of component 4CC657C6C8A669C42B42CC5AB2D0A504
Removed client of component 4D993D550A7310F44AE0F52C79DE37BD
Removed client of component 4E8D3C51ED202E04CA884A731359977E
Removed client of component 4EDDFD314B6538744B43B77B3D101812
Removed client of component 511E1388C85CF06498FF6BDF2F0D60D5
Removed client of component 52354C62716F2254F86F43DC3CDF632A
Removed client of component 527B10DD57CA4094BB0A5433F4E18A65
Removed client of component 5438510F6DD36AD47AC992410BE5BE09
Removed client of component 549FC47537CCFC14B95101FE728BDCE0
Removed client of component 54B29B682E4733D4CA8A84B05913AFDE
Removed client of component 54F221F94B0A52845A61BFE5AE13458D
Removed client of component 550D8EF204542CF47A1444F7F82C896C
Removed client of component 5522F383C5285CC459238472161300DA
Removed client of component 56A11469197931347B2EF54F3C912959
Removed client of component 57D6D738457BD5D40B4E69BDFD8686DF
Removed client of component 5811995C26A8252449FD6C7ABC319EB8
Removed client of component 583CA4CF0AC7F8843A84E5D8130C367A
Removed client of component 584BA253081CE6D4093008A3EB917631
Removed client of component 588AD543883CC79409BBD79F21B599A4
Removed client of component 58BF3FBBE4EAA904F867E97E8EF73499
Removed client of component 58DE44FAC5064B9499C41C742720988E
Removed client of component 591A6CDCB390CD848B5D47ED1E3879FC
Removed client of component 5A164D82FA44BE540A6368B96DDFFDBB
Removed client of component 5B0FA21D31C5FBB438F2152432E8B9E4
Removed client of component 5BC04B484C8B06F469C1F053A437F39B
Removed client of component 5BE80BB925727C940A6CC44335537CC1
Removed client of component 5D70FD512AFFB5C459F4EB79441AB0CA
Removed client of component 5E1B2F759E7C1574D8A4E5F5C412EEF1
Removed client of component 5EA8BCD3F5B513B4FAF5770FF33F9C28
Removed client of component 60C68AE8C906D55429FC04F241915288
Removed client of component 6105B82D03B14774E8B6F59DD0B8F6A7
Removed client of component 6199430737C0E3E48A204C870714C0E6
Removed client of component 62297EFB1EAD1374A8BE37951773392E
Removed client of component 6240EB65F43EB9E46918722AA9A690F3
Removed client of component 624BB461518C0F94CB88FFBA9572EEC0
Removed client of component 654FD6FD7F74FF047BBF46A837C689F5
Removed client of component 659AFF1C9FB73FA428D29FBDFF2CEADC
Removed client of component 6610574CDE09E664DB24D0BBD59F94A8
Removed client of component 66791AB3105772941AAF175F0A6CBD84
Removed client of component 6692140C420A7034BB32511EEF6A4046
Removed client of component 6744005AEAA90224F9B2577B50A49AEB
Removed client of component 681EE1FDB0838BC4DAB9A1A93335CA91
Removed client of component 687E351671D8BC14280980A68E785258
Removed client of component 693D14B7DCD6098408467DD114548893
Removed client of component 6981AB81A4738804691A6209577B632B
Removed client of component 698AAC0801AEC994B909F8BA01702155
Removed client of component 69A6F144A153F364499AD9E627047D55
Removed client of component 6A93A02ADE963AB4EA3963505708CD0D
Removed client of component 6B73052A1DF4DEC4F82474ABD9C86A1D
Removed client of component 6BF3878AE2AA11F408E1A39F51D957BD
Removed client of component 6C3DEC6E1282CE749B91A1F90C3ADBE6
Removed client of component 6EA0D887B9A94764AA0152EC3E308725
Removed client of component 6FF641D575ACB6942AE7FF90ACC0201F
Removed client of component 707EAD4321AA99541B459CD6A88E6F9C
Removed client of component 7121893414A1B8B4BA6033E95AD2F70C
Removed client of component 714CF90045B6EF74B8455FFC5AC00F25
Removed client of component 723C2A1E41455784EB3E7504A5001051
Removed client of component 733C87EE6B7ECAF4A8DA17E45C881131
Removed client of component 7391F3C90835FB848957E90B18365F19
Removed client of component 74416286FE81BBE4882ECC9746CBF7BD
Removed client of component 749369BC0D2AAA14ABFA36894681D87F
Removed client of component 74D38C06420EEC94AAA13DD9EC0E0096
Removed client of component 76113BD4CDB4CDD42B914765E5971681
Removed client of component 768C888C1F369C94EA721FCEE3930603
Removed client of component 76A63CD6BDF1430468269ED964B57273
Removed client of component 770E95C8DE80B324499FFC89718EA6AA
Removed client of component 77B1698BE23CB0D40ADF0D5C841A5B3F
Removed client of component 7807090397DF2BE4785478B73671B0FB
Removed client of component 780BCF6A96755FA40A0C1970B8C39541
Removed client of component 792EAE80B02653045A0688B229664084
Removed client of component 7A8D8B33104478F4B89E2D816396013A
Removed client of component 7AE8A4C6FA6F1144EB0A7F8EDC02E54C
Removed client of component 7B9D1CBE18CC60241A55D03838468C56
Removed client of component 7C615F9D79C89CE4DA7FD8F6178C5978
Removed client of component 7C9EEBB866FA8854297217E0C91407EF
Removed client of component 7F165CCEE2D6A754CBF1A33B3690B35D
Removed client of component 7F6A9E3A59E21424383B679FA8B12056
Removed client of component 8064306BD59432B4BA00AF9AFDB3E00D
Removed client of component 80982D461CE8DFD4AAC4E11EC5A69794
Removed client of component 8108A82209BEC1044AE571A90EA62CC4
Removed client of component 81F0D4C6159E8064F9CBE6CD6BB15963
Removed client of component 8387317AED1A0D64C8F39A05D3E5ADE2
Removed client of component 839749C7DE6C0FB4D92038E653899CEB
Removed client of component 84A020F387925634F9769E7BFE004F20
Removed client of component 85078668E396D1B4199D13221660DCF5
Removed client of component 85CCEB323E53F5E4FBC9850ED9532E70
Removed client of component 85EC1D8B7BE494A4A9DE14D2271176C6
Removed client of component 85F0B0B76FD63E9429923C033DF8F498
Removed client of component 879764956D4F84346A5BD47A168A5173
Removed client of component 8B3876962B20F634B894D96B6E6F5B3E
Removed client of component 8B5BC1C170CABFA4D85081BEEA06E6A9
Removed client of component 8BA53390B6D77D14FACBC84BD234C32C
Removed client of component 8BD6E5805034D7A4E86B315BA3C5454A
Removed client of component 8BE35A0BBF201A24EA4DB8197F34134B
Removed client of component 8D1E989ED0C81B44B8BE9B0BE8C58EC5
Removed client of component 8D28B2E7EC7B56B468FC62AD25220867
Removed client of component 8D9E99A44477C6648A00D7F548844749
Removed client of component 8F3EDF98BC3E58941A7473BC41B43F5F
Removed client of component 8FBFB03FE5F2E9549BE954CE52B78FB9
Removed client of component 902357776D756434099161F48CB7EB99
Removed client of component 92312A030BCF97341979ACF99F2C15D2
Removed client of component 9238717B266ADD643AD39013EA460A97
Removed client of component 9294A456131736745852BDD8BDC475E1
Removed client of component 934CE06719A1AF642959CEF8686B15C5
Removed client of component 9368A939062BF934199093B2E6403F9F
Removed client of component 936B3CE721A634E48846EA0BB0842EFB
Removed client of component 94BC40A46E5A5144788CC24648AEC8BC
Removed client of component 964A33E77500CC34B8D3F5DEAD6212A6
Removed client of component 9665D78DA1469094383ECF47A9D8D84C
Removed client of component 9799070EAD4A1524C88683DB56D1584E
Removed client of component 97BAE971E7A56FA47BA1118B0F8B6747
Removed client of component 97EDF8697F32F24439BF8526C9E8BD68
Removed client of component 97FBC35B48854B347BFB2DBEF203CBAF
Removed client of component 9825CB7F5ACA03142B83118BDD627D7F
Removed client of component 99CC2F1A7F8FC3F448D74BDC23AB8E68
Removed client of component 9AC0785E3BC2A5D44BCAA40E283576B7
Removed client of component 9ADDD90BBDEDE824C807D5DB9B992F66
Removed client of component 9B656E919AA389B4CBCF0C57D33E1E29
Removed client of component 9B90AA0CAE1D3E147BEF2CF6797EFA1E
Removed client of component 9BDF2516394B58A4D9C6C12CC9E099BB
Removed client of component 9C7780973C9B9BC448B7FA598B68AD4E
Removed client of component 9CBF7FC1F7873ED49862F04CA10B8FDE
Removed client of component 9D14327F34F93E64480FD3DC6E97131C
Removed client of component 9D92789C51EDF8F4EB3FB8325179F2FB
Removed client of component 9D9F23382CA2E684A89A5BFC1D227137
Removed client of component 9DDDC04E1C3AF3B438EE7F7FDA6461ED
Removed client of component 9E444D35BC85EFF41BBA156CC0E491B2
Removed client of component 9EE57B10911F35A438636C79A6DE2033
Removed client of component 9FAA3A8AA9064C94BAFDA0B4BA6ADCB8
Removed client of component A0066271D79C6F24F8728D6D2EF36308
Removed client of component A0513AEF7C219284DA9518167EE77082
Removed client of component A1134359B7955984A9B6A1FC0EEB7EBE
Removed client of component A18413103C8272F4D8E50C5C1A599BC7
Removed client of component A1C0147BB35C38246A6BED808A6048BC
Removed client of component A20C63B2F09022B42BD78DB6F97EDC19
Removed client of component A29CCD0EF2F170C4A820E901B1D05C94
Removed client of component A2DCC9330C5A5B343B4A9178986A421A
Removed client of component A32CD0EC4A8FBA1478BD2CB031145A85
Removed client of component A349FB85ED23A94429528A9DE2707EBD
Removed client of component A3512A90D4B94F44E8CBD76F01988E13
Removed client of component A356DB03D439C944BA8E4936AF9FA85C
Removed client of component A4DF15DF1AEF0BC4194959FAC3C8D515
Removed client of component A5640AD18AA0ADB46B742389583CC79A
Removed client of component A692E78D59122C34BA02F3029493BADD
Removed client of component A754AE0AE1C52EC498470B0914896271
Removed client of component A82D93DE5E568404E98115D545346EC6
Removed client of component A866FECCC2EDFAB4081ED457B0F19F21
Removed client of component AABE34F4E0B29BE4E99FABF43E3EFDC5
Removed client of component AC0F0309298BE894EA35BF369DCC9049
Removed client of component AC5CF863E3B0F8044BE4AE5ECF29A8AE
Removed client of component AC7A2A3DB8930B84DAA78C1B6DE74526
Removed client of component AD995495EC471EA4AB014AA2F1A81080
Removed client of component AEA16B55A833DBE4784A89E373C82EF0
Removed client of component AEC4428EA000C324181FE263620DA9F7
Removed client of component B180763B6DDA19E46AA65D1F707172AB
Removed client of component B2D2DF1A281EEF74F8C86A47D02A1959
Removed client of component B2D4B1005E2356142A5D234551CD547B
Removed client of component B39B28FC21842DD4793DB5C281490DF7
Removed client of component B5967C94AD2608E4BA9ABBAD47838116
Removed client of component B6240439242E4BC4E8F83A199AC2AEE2
Removed client of component B6D0804A314D9794CB2DC1CA9447CC87
Removed client of component B6D7DD87E66F85440920466D71991278
Removed client of component B6DC47FEE7E55504C8A108B06F6BD2BB
Removed client of component B7F49CBF0544C7C4D9030FDD1C8477C8
Removed client of component B8B0C5D47B9497C4291ADB123BCE0EB9
Removed client of component B9F995C22DB895E46A259E9A0561EF65
Removed client of component BBD32FBAD07C36442BCF603DFF0C3D75
Removed client of component BC79836E536DA7A41809ECBCF974116B
Removed client of component BD1B0C29845DCE94B9B1D6F759947C16
Removed client of component BDD8855D45FB10646861C79AFEBF86C5
Removed client of component BE3DDB414A5C2D04D925C0BF406D6710
Removed client of component BF85F3119F70FE94D8DD866825A8C6A9
Removed client of component BFB0077CB3DD6D74BBBDEF827EC83942
Removed client of component C105182B53D91C940A0777CE3399CE17
Removed client of component C23101620A7410C448718DE31C4D5A35
Removed client of component C31468550121A4A40BEBE793CE231D3E
Removed client of component C3FE241C5BF96A94D885409117ECBABB
Removed client of component C4CB18365C8AF1045B7D4B7F9A0C006B
Removed client of component C4CCD9C1528D29C4BBF611EFFE3B6D08
Removed client of component C4CFB718387E9EB45B407A8E4B14264A
Removed client of component C4EC6DD7180AC9840AFA49EE52C3C4F0
Removed client of component C60211C610823404FB10F01F02ABCB9B
Removed client of component C66BDDF209F3AD645AB634C50DE7F7ED
Removed client of component C67820A22FB21F649A904D85ECF3EDF7
Removed client of component C6DBD13D059CC794E83445EFD03AE076
Removed client of component C70B0D249FA09DC42B111492CFD6BBBB
Removed client of component C7EE74E5D2941974BAA3E1A37B8C55C9
Removed client of component C886527D8FC6F67409CC1785EAD83508
Removed client of component C8F648C5E8F27B6488CEEED1CF683B8B
Removed client of component C9416FA855A98BF4792271554BFDAABB
Removed client of component CAEE8C192FDFB13479C32862C650F4D6
Removed client of component CAEF0206AA1A04A43AE31A5CC20C5444
Removed client of component CBBE5F8AE6A8DE247A8A775E67E44B3C
Removed client of component CBD102EF66D93CB4A8C6AA14FD2335B3
Removed client of component CC1D0B74289CF904BA9F1CBE306F7354
Removed client of component CC970BF39E3E738478706ACF972F52AE
Removed client of component CD1C323D312570945A884F5D7DCEFEBB
Removed client of component CD2FFF4DC65728149A096E258856F692
Removed client of component CD43BEA39CA1DB64490673C012F18BFE
Removed client of component CDBC84CC8E7CC8F4AB4F381572014A94
Removed client of component CDD48CDF1DAE2384C968BF53CC3B8B4C
Removed client of component CE45FE7787028E24D8D4066125F6B64C
Removed client of component CE6D544924D09E84F8042BAD38A60F78
Removed client of component CE79C231997464846920C2A6994F757B
Removed client of component CEA9A6D8B5FDFB34B875367D1065891A
Removed client of component CFA46696AFCE1CB4AAE0B3D8E3B65217
Removed client of component D074E81EF0C5EEF48AB9E05FE98AF421
Removed client of component D0DF41036523CEE4C9C4116142AB5939
Removed client of component D0F185BFF8CCDA14AA98CB4961AABE45
Removed client of component D41591240BFD6E34589254139C8E0177
Removed client of component D47DF81D063677C4386D5C3A38D9ECC5
Removed client of component D511310E193FB924691EE8E4899281E7
Removed client of component D55441B1479F59740AFBE9FDD2740122
Removed client of component D62BA8D870EDB2B40B2ED662BBD084C1
Removed client of component D729A26097AD7FB4DBADCB4B54B996A3
Removed client of component D75A3BC0A55667A488F4DF8B37461E87
Removed client of component D866A5DABB6C36B438BE5CF5BA28B211
Removed client of component D86F5EDBB77274E4A92AD98FCA215919
Removed client of component D88DEAD01DF0D8C4082F327D910AA736
Removed client of component D9BBD8AF64DB9DF4EB40EF79BC7C4E81
Removed client of component DB21340018319B0438D1FC0DF8C7776B
Removed client of component DB23D2363BF5F754B9AAD07ED74C14F5
Removed client of component DBB119042F602E149A1828A6C50B517D
Removed client of component DC1A862FADBE0874DA7DB986505EA7B0
Removed client of component DC548F66804580044BA742BF5DEF7E9A
Removed client of component DC6F9B8AB0594174DB1A8418F5D31D10
Removed client of component DCE7FD9ADD3FE4C43A0B0BDBB5FF3A9D
Removed client of component DD4C58965EE9CD74097AE4D52BC38174
Removed client of component DD8AA62319076AD469EA56D4E2CB2EC9
Removed client of component DEDA8A433CD021642BE1DD3AE45EC550
Removed client of component DEE4BD0922B59024AB720BF0B16A00B6
Removed client of component DF7426EFFD9735C458D348B69EEE0542
Removed client of component E1AE7BF52C8D76444B4750ACAA8D255B
Removed client of component E2A454327BA2AE245BF287EA51DED8EC
Removed client of component E36DD787A29FC5B4FB3983B7881B81FB
Removed client of component E41B494CC536D2140A47BF7060989593
Removed client of component E433AA04A91C4F34F859AD4629343519
Removed client of component E4353913FE8BD564EAF1B7F4DA9F2528
Removed client of component E44FA2B654640724596D61083C5FD4A4
Removed client of component E583759B13F5D054B801210C67780086
Removed client of component E8461EE0E9D58394FBA5BDBCDAD0F722
Removed client of component EB06BD404D6EB77448B48C83D896EEAE
Removed client of component EB66A40157026C34FB66DEAF92622EBF
Removed client of component ECF0C86740A17A242981A461D7A40328
Removed client of component ECFF7FD6E6A8EFC4AA259E9173B34B94
Removed client of component ED90795236E27C24CB18D231731F1FB2
Removed client of component EE362632BDE7F53468931017C9FE9F58
Removed client of component EEEAB3C9702367644B8F522093D5B83C
Removed client of component EEF4F7070057EFC44BCD0A4ECA1D63A6
Removed client of component EF8141EDBC3732A4AA5CF0443DA8C6BF
Removed client of component EFFE8EEEBDB6CC34FB81DD7C7DB2FF15
Removed client of component F061708F3225D9D4D906120730B2AC2D
Removed client of component F0839BF88786D904D842E3A12C0E09FD
Removed client of component F0BD53C72928ED34596E716A52B8BBC0
Removed client of component F17FC484AAB8919449542D896C9BCB4F
Removed client of component F1C570715109D3A4A99BE27ED26855D8
Removed client of component F2A8FCE0C74359D4093F67EC7D6E1500
Removed client of component F325D7BB7989D8F4D876651E5811E2A6
Removed client of component F330C824EC6536D4DB1652975923033F
Removed client of component F37F0F0B9EB84E34F8C7B8CAC4467074
Removed client of component F3D629045F6B8E347B0846334E5D3D92
Removed client of component F48C37897CBAF324483D3A82EB1ECE9D
Removed client of component F4DCC2F4D1D87034C8DE335A424D092B
Removed client of component F549D72EB97BFC34DBFE85252BE316DB
Removed client of component F5762A04D23DFDF409B143E6F80B36E0
Removed client of component F59EFE50136030B4E87919A92806215B
Removed client of component F5E1BB41968CC1B4788EAF61AA9B07D4
Removed client of component F6904A4EC8AA6824AA98B30B170A1B7A
Removed client of component F74CF95EF80320246A95AC7A43EEBAE9
Removed client of component F757A89A2E3212C4EBD744B8D6F0A3CC
Removed client of component F762B380CA9EA734F9DDC58C6F2F3ACB
Removed client of component F77A4F94E03B00F429651D643688C183
Removed client of component F7AF2723EF90BA64D9B9E2C7C0A24D21
Removed client of component F8168FD8729B88343B63BBB823EB8CE0
Removed client of component F86CE24379AECA5439A24CF0FCB467B1
Removed client of component F8E8B4C854C050D4B8D12A8CDA1340C8
Removed client of component F915FD4BFE14BD84E8D6CF7EA80B9D4F
Removed client of component F94CEB5132A64074B8AB5E041D59BD43
Removed client of component F9D680E815490724A9868C09AB5057E9
Removed client of component FA116E182F95B5B49896E51E3DDEF167
Removed client of component FA28C090436E045469BD279915C49FB4
Removed client of component FADA742E8571AEB48BEF171FE7BDCBCC
Removed client of component FBD5E45BC65F74F4A954A75074B73E72
Removed client of component FC1A52BFAAA60D54BB9F3B852AAA5F9D
Removed client of component FC359DF5AC8E6F9468823167B72DCDE6
Removed client of component FCF7479C6905AA0459397D1D1F6827CB
Removed client of component FCFA7ABAD5FCFE646BBA4CDCA19C3633
Removed client of component FE69A3AD1FFCBFF40AE3F850520FB704
Removed client of component FE6B425CFD173B84EBF82724F0EF5FCD
Removed client of component FEE91B250D6F8EC4A9DB588DF789E9E8
Searching for product 14F91B14F6A82244DA96FCB304F883C2 client info data. . .
Searching for Installer files and folders associated with the product {41B19F41-8A6F-4422-AD69-CF3B408F382C}. . .
Searching for files and folders in the user's profile. . .
Searching for files and folders in the %WINDIR%\Installer folder
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgabout.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgamnot.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgapia.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgapix.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgapps.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgcclia.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgcclix.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgcerta.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgcertx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgcfga.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgcfgex.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgcfgx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgchcla.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgchclx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgchjwa.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgclita.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgclitx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgcmgr.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgcsla.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgcslx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgcsrva.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgcsrvx.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgdecider.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgdiagex.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgdumpa.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgdumpx.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgemca.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgidpmx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgidpsdkx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\AVGIDSAgent.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgld.cat
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgld.inf
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgldx64.sys
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgldx86.sys
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avglnga.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avglngx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgloga.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avglogx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avglscanx.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgmf.cat
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgmf.inf
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgmfx64.sys
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgmfx86.sys
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgmvfla.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgmvflx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgnsa.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgntdumpa.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgntdumpx.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgntopenssla.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgntopensslx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgntsqlitea.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgntsqlitex.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgopenssla.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgopensslx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgpostinstx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgpp.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgppa.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgresf.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgrk.cat
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgrk.inf
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgrkta.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgrkx64.sys
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgrkx86.sys
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgrsa.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgscana.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgscana.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgscanx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgscanx.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgsched.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgse.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgsea.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgsrma.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgsrmaa.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgsrmax.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgsrmx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgssff5.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgssff6.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgssff7.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgssff8.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgssff9.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgssie.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgssiea.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgsysa.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgsysx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\AVGTBInstall.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgtdi.cat
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgtdi.inf
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgtdia.sys
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgtdix.sys
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgtray.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgui.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avguiadv.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avguires.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgutila.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgutilx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgvva.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgvvx.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgwd.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgwdsvc.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgwdwsc.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgwebui.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgwsc.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgxpl.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\avgxpla.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\AxBrowsers.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\axioo.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\DiskCleanerHelper.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\DiskDefragHelper.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\fixcfg.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\helper.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\localizer.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\MicroScanner.exe
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\MicroScannerElevation.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\RegistryCleanerHelper.dll
Removed file: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901\RescueCenterHelper.dll
Removed folder: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2\12.0.1901
Removed folder: C:\Windows\Installer\$PatchCache$\Managed\14F91B14F6A82244DA96FCB304F883C2
***** Zapping data for user S-1-5-18 for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} *****
MsiZapInfo: Performing operations for user S-1-5-18
Searching for the product {41B19F41-8A6F-4422-AD69-CF3B408F382C} cached package. . .
Searching for install property data for product {41B19F41-8A6F-4422-AD69-CF3B408F382C}. . .
Searching user's global config location for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} data. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Searching per-machine global config location for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} data. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Searching old global config location for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} data. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes...
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Microsoft\Windows\CurrentVersion\Installer\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Searching per-machine location for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} data. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Classes\Installer\UpgradeCodes...
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Classes\Installer\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKLM\Software\Classes\Installer\Components for published component data for the product {41B19F41-8A6F-4422-AD69-CF3B408F382C}. . .
Searching HKLM\Software\Classes\Installer\Assemblies for .Net assembly data for the product {41B19F41-8A6F-4422-AD69-CF3B408F382C}. . .
Searching HKLM\Software\Classes\Installer\Win32Assemblies for Win32 assembly data for the product {41B19F41-8A6F-4422-AD69-CF3B408F382C}. . .
Searching HKLM\Software\Classes\Installer\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Searching HKLM\Software\Classes\Installer\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Searching for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} in per-user managed location. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\UpgradeCodes...
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Searching for shared DLL counts for components tied to the product 14F91B14F6A82244DA96FCB304F883C2. . .
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Components key is not present.
Searching for shared DLL counts for components tied to the product 14F91B14F6A82244DA96FCB304F883C2. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 client info data. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 client info data. . .
Searching for Installer files and folders associated with the product {41B19F41-8A6F-4422-AD69-CF3B408F382C}. . .
Searching for files and folders in the user's profile. . .
Searching for files and folders in the %WINDIR%\Installer folder
***** Zapping data for user S-1-5-21-1655660024-2649062184-858687661-1000 for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} *****
MsiZapInfo: Performing operations for user S-1-5-21-1655660024-2649062184-858687661-1000
Searching for the product {41B19F41-8A6F-4422-AD69-CF3B408F382C} cached package. . .
Searching for install property data for product {41B19F41-8A6F-4422-AD69-CF3B408F382C}. . .
Searching user's global config location for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} data. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1655660024-2649062184-858687661-1000\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1655660024-2649062184-858687661-1000\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1655660024-2649062184-858687661-1000\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Searching per-machine global config location for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} data. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Searching old global config location for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} data. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes...
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Microsoft\Windows\CurrentVersion\Installer\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Searching per-machine location for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} data. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Classes\Installer\UpgradeCodes...
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Classes\Installer\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKLM\Software\Classes\Installer\Components for published component data for the product {41B19F41-8A6F-4422-AD69-CF3B408F382C}. . .
Searching HKLM\Software\Classes\Installer\Assemblies for .Net assembly data for the product {41B19F41-8A6F-4422-AD69-CF3B408F382C}. . .
Searching HKLM\Software\Classes\Installer\Win32Assemblies for Win32 assembly data for the product {41B19F41-8A6F-4422-AD69-CF3B408F382C}. . .
Searching HKLM\Software\Classes\Installer\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Searching HKLM\Software\Classes\Installer\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Searching old per-user location for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} data. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Classes\Installer\UpgradeCodes...
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Classes\Installer\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKCU\Software\Classes\Installer\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Searching HKCU\Software\Classes\Installer\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Searching per-user location for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} data. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Microsoft\Installer\UpgradeCodes...
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Microsoft\Installer\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKCU\Software\Microsoft\Installer\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Searching HKCU\Software\Microsoft\Installer\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Searching for product {41B19F41-8A6F-4422-AD69-CF3B408F382C} in per-user managed location. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-1655660024-2649062184-858687661-1000\Installer\UpgradeCodes...
Searching for patches for product 14F91B14F6A82244DA96FCB304F883C2 in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-1655660024-2649062184-858687661-1000\Installer\Products\14F91B14F6A82244DA96FCB304F883C2\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-1655660024-2649062184-858687661-1000\Installer\Products\14F91B14F6A82244DA96FCB304F883C2 for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-1655660024-2649062184-858687661-1000\Installer\Features\14F91B14F6A82244DA96FCB304F883C2 for product feature data. . .
Searching for shared DLL counts for components tied to the product 14F91B14F6A82244DA96FCB304F883C2. . .
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Components key is not present.
Searching for shared DLL counts for components tied to the product 14F91B14F6A82244DA96FCB304F883C2. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 client info data. . .
Searching for product 14F91B14F6A82244DA96FCB304F883C2 client info data. . .
Searching for Installer files and folders associated with the product {41B19F41-8A6F-4422-AD69-CF3B408F382C}. . .
Searching for files and folders in the user's profile. . .
Searching for files and folders in the %WINDIR%\Installer folder
 Jetziger Stand: (Nach 1. Versuch im abg. Modus 2. Versuch im normalen Modus 3. vermutlicher Erfolg im normalen Modus mit remover) Computer wieder normal schnell, man kann wieder gut mit ihm arbeiten, jedoch hängt er ab und zu für kürzere Zeit manche Programme auf (z.B. sowohl Chrome als auch Firefox, sobald man versucht, den Verlauf anzugucken..). Was mache ich jetzt mit micr security essentials? Drauf lassen oder anderes Virenprogramm (außer avg ) installieren?Weiteres Vorgehen? Geändert von VHSK (05.11.2012 um 07:32 Uhr) |
|
06.11.2012, 14:24
| #37 |
| /// TB-Ausbilder | Laptop plötzlich langsam geworden Ich perönlich kenne MSE nicht sondern nutze seit längerem Avast. Damit komme ich gut zurecht. Beobachte das jetzt bitte erstmal und mache in neues OTL-Log. Vielleicht sehen wir da ja noch ein paar Überreste, die wir entfernen müßten. Kontrollscan mit OTL
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
07.11.2012, 16:57
| #38 |
| | Laptop plötzlich langsam geworden Mein word funktioniert irgendwie nicht mehr... Gehts auch als code? OTL Logfile: Code:
ATTFilter OTL logfile created on: 11/7/2012 7:36:02 AM - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vincent\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.80 Gb Total Physical Memory | 2.45 Gb Available Physical Memory | 64.42% Memory free 7.60 Gb Paging File | 6.18 Gb Available in Paging File | 81.29% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 296.09 Gb Total Space | 223.25 Gb Free Space | 75.40% Space Free | Partition Type: NTFS Computer Name: LIFEBOOK-A530 | User Name: Vincent | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/11/01 23:38:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vincent\Desktop\OTL.exe PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/07/25 10:28:02 | 000,101,288 | ---- | M] (Fujitsu Technology Solutions) -- C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe PRC - [2011/11/24 16:31:18 | 001,837,568 | ---- | M] (TerraTec Electronic GmbH) -- C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe PRC - [2011/09/15 12:06:04 | 000,088,576 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2010/04/14 16:40:00 | 000,235,579 | ---- | M] () -- C:\Program Files (x86)\Lion\Lion.exe PRC - [2009/11/01 17:04:48 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009/11/01 17:04:42 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009/10/09 21:06:50 | 000,047,976 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe PRC - [2009/10/08 20:44:54 | 000,036,712 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe ========== Modules (No Company Name) ========== MOD - [2012/09/15 09:49:38 | 000,766,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\log4net\ca507030bb77d2c58f5cebca8b4de7f0\log4net.ni.dll MOD - [2012/09/15 09:49:38 | 000,117,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeskUpdateNotifier\82cf810ac24ee22f99a0a1a7a752947c\DeskUpdateNotifier.ni.exe MOD - [2012/06/15 20:27:06 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll MOD - [2012/06/15 20:26:56 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll MOD - [2012/05/15 17:06:10 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll MOD - [2012/05/15 17:06:06 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll MOD - [2012/05/15 17:06:04 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll MOD - [2012/05/15 17:05:59 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll MOD - [2010/04/14 16:40:00 | 000,235,579 | ---- | M] () -- C:\Program Files (x86)\Lion\Lion.exe ========== Services (SafeList) ========== SRV:64bit: - [2012/09/12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:64bit: - [2012/09/12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010/06/23 17:14:38 | 000,330,240 | ---- | M] (FUJITSU LIMITED) [On_Demand | Stopped] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService) SRV:64bit: - [2009/12/24 12:43:40 | 000,145,840 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe -- (VFPRadioSupportService) SRV:64bit: - [2009/07/30 10:43:00 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService) SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012/11/05 07:42:28 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/10/14 13:24:08 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/06/07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011/09/15 12:06:04 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2011/05/27 15:23:00 | 001,300,264 | ---- | M] (Synaptics, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe -- (ScrybeUpdater) SRV - [2010/09/13 12:58:24 | 000,399,944 | ---- | M] (Elgato Systems GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe -- (EyeTV Netstream) SRV - [2010/03/18 21:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/11/01 17:04:48 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2009/11/01 17:04:42 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/10/16 16:18:17 | 000,759,072 | ---- | M] (ABBYY (BIT Software)) [Disabled | Stopped] -- C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.ScreenshotReader.9.0) SRV - [2008/07/04 11:52:18 | 000,014,336 | ---- | M] (Vodafone) [Disabled | Stopped] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/08/30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/01/03 16:28:54 | 000,047,208 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd) DRV:64bit: - [2012/01/03 16:28:47 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCapMP) DRV:64bit: - [2012/01/03 16:28:47 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCap) DRV:64bit: - [2011/08/02 15:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl) DRV:64bit: - [2011/03/31 18:32:00 | 001,424,944 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/06/25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot) DRV:64bit: - [2010/06/08 09:33:14 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010/04/12 08:09:08 | 000,131,144 | ---- | M] (ABILIS Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AbilisBdaTuner.sys -- (AbilisT) DRV:64bit: - [2010/03/04 21:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009/12/18 11:38:56 | 008,038,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/11/27 05:15:00 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2009/11/06 12:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009/11/02 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64) DRV:64bit: - [2009/11/01 17:04:42 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2009/10/26 12:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:64bit: - [2009/07/14 01:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dot4Scan.sys -- (Dot4Scan) DRV:64bit: - [2009/07/14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008/03/17 10:06:14 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2006/11/01 17:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3) DRV:64bit: - [2006/11/01 17:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{916F2051-FF46-4C6C-B0CC-5621E68CBCFE}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{916F2051-FF46-4C6C-B0CC-5621E68CBCFE}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ts.fujitsu.com IE - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectd [Binary data over 200 bytes] IE - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FTSG&bmod=FTSG IE - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\..\SearchScopes\{72C07153-7FE4-4370-A10E-899B5605130B}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} IE - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33 FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vincent\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vincent\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/07 00:13:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/08/29 20:08:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\avgthb@avg.com: C:\Program Files (x86)\AVG\AVG2012\Thunderbird\ FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/07 00:13:38 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/12/25 22:02:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vincent\AppData\Roaming\mozilla\Extensions [2012/11/01 16:19:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vincent\AppData\Roaming\mozilla\Firefox\Profiles\9u0eqmus.default\extensions [2012/11/01 16:19:41 | 000,048,118 | ---- | M] () (No name found) -- C:\Users\Vincent\AppData\Roaming\mozilla\firefox\profiles\9u0eqmus.default\extensions\GlassMyFox@ArisT2_Noia4dev.xpi [2012/09/12 22:52:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012/09/07 00:13:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012/09/12 22:52:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012/11/03 16:57:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\updated\extensions [2012/11/03 17:02:45 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2012/11/03 16:57:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\updated\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012/11/03 16:58:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\updated\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012/09/07 00:13:38 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/09/06 22:34:59 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/09/06 22:34:59 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/09/06 22:34:59 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012/09/06 22:34:59 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012/09/06 22:34:59 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012/09/06 22:34:59 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vincent\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vincent\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Vincent\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vincent\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U35 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: Wetter (Erweiterung) = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc\0.9.0.0_0\ CHR - Extension: Adblock Plus (Beta) = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\ CHR - Extension: Grooveshark Germany unlocker = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\docdgimmdejoiemdafcgeodchlbllgac\2.3.4_0\ CHR - Extension: Grooveshark Germany unlocker = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\docdgimmdejoiemdafcgeodchlbllgac\2.3.4_0\.orig CHR - Extension: Regentropfen(Non-Aero) = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpagcfbbmlebfnkeogkigellbgmfkjfg\1.0.0.2_0\ CHR - Extension: AdBlock = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.45_0\ CHR - Extension: Smooth Scrollerator = C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmicgfcegednlkdhgbhgickcgndjeeig\1.1.1_0\ O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4:64bit: - HKLM..\Run: [BthSyncServ] "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe" File not found O4:64bit: - HKLM..\Run: [ConMgr] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe (CSR, plc) O4:64bit: - HKLM..\Run: [CSRBIP] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBipPushResponder.exe (CSR, plc) O4:64bit: - HKLM..\Run: [CSRFTP] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBthFtpServer.exe (CSR, plc) O4:64bit: - HKLM..\Run: [CSRSkype] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe (CSR, plc) O4:64bit: - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED) O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED) O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [DeskUpdateNotifier] C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe (Fujitsu Technology Solutions) O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED) O4 - HKLM..\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1655660024-2649062184-858687661-1000..\Run: [ABBYY Screenshot Reader Retail] File not found O4 - HKU\S-1-5-21-1655660024-2649062184-858687661-1000..\Run: [Remote Control Editor] C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe (TerraTec Electronic GmbH) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoHotkey.ahk - Verknüpfung.lnk = C:\Users\Vincent\Documents\Library\AutoHotkey.ahk () O4 - Startup: C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lion.lnk = C:\Program Files (x86)\Lion\Lion.exe () O4 - Startup: C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynTPEnh.exe (Synaptics Incorporated) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-1655660024-2649062184-858687661-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F44BEA7-67FF-46D6-A274-D71A7952D06B}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F70A030-AB0A-40A3-848F-93F0CB9B9048}: DhcpNameServer = 10.129.32.1 10.111.81.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9B66E02-0BE1-4EBD-AA23-CCB8CBC5B727}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{8ec7cabf-2f68-11e1-83af-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{8ec7cabf-2f68-11e1-83af-806e6f6e6963}\Shell\AutoRun\command - "" = F:\tools\shelexec.exe html\index.htm O33 - MountPoints2\{aca35bed-ee1f-11e1-9d8d-e0ca945063e8}\Shell - "" = AutoRun O33 - MountPoints2\{aca35bed-ee1f-11e1-9d8d-e0ca945063e8}\Shell\AutoRun\command - "" = D:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{aca35bf4-ee1f-11e1-9d8d-e0ca945063e8}\Shell - "" = AutoRun O33 - MountPoints2\{aca35bf4-ee1f-11e1-9d8d-e0ca945063e8}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/11/05 06:41:48 | 000,000,000 | ---D | C] -- C:\Users\Vincent\Desktop\avg-protokoll [2012/11/05 06:26:28 | 000,000,000 | ---D | C] -- C:\Users\Vincent\AppData\Roaming\AVG2012 [2012/11/04 16:55:07 | 000,000,000 | ---D | C] -- C:\FRST [2012/11/04 15:49:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012/11/04 14:09:37 | 000,000,000 | ---D | C] -- C:\Users\Vincent\Desktop\alt [2012/11/03 00:50:18 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\79859503.sys [2012/11/01 23:36:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Vincent\Desktop\OTL.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/11/07 08:04:07 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/11/07 07:43:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/11/07 07:33:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1655660024-2649062184-858687661-1000UA.job [2012/11/07 07:33:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1655660024-2649062184-858687661-1000Core.job [2012/11/07 07:31:56 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/11/07 07:31:56 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/11/07 07:31:49 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/11/07 07:31:49 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012/11/07 07:31:49 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/11/07 07:31:49 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012/11/07 07:31:49 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/11/07 07:27:19 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/11/07 07:24:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/11/07 07:24:08 | 3061,227,520 | -HS- | M] () -- C:\hiberfil.sys [2012/11/03 01:39:57 | 000,013,833 | ---- | M] () -- C:\Users\Vincent\Desktop\fatal.JPG [2012/11/03 00:50:47 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\79859503.sys [2012/11/01 23:38:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vincent\Desktop\OTL.exe [2012/11/01 23:38:07 | 000,000,000 | ---- | M] () -- C:\Users\Vincent\defogger_reenable [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/11/03 01:37:59 | 000,013,833 | ---- | C] () -- C:\Users\Vincent\Desktop\fatal.JPG [2012/11/01 23:38:07 | 000,000,000 | ---- | C] () -- C:\Users\Vincent\defogger_reenable [2012/09/16 19:53:35 | 000,010,045 | ---- | C] () -- C:\Users\Vincent\AppData\Local\recently-used.xbel [2012/05/23 18:28:04 | 006,607,360 | ---- | C] () -- C:\Program Files\LuPO_NRW_SV.exe [2012/03/03 20:13:33 | 000,006,656 | ---- | C] () -- C:\Users\Vincent\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/01/20 00:00:48 | 000,007,606 | ---- | C] () -- C:\Users\Vincent\AppData\Local\Resmon.ResmonCfg [2012/01/07 05:55:32 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2011/11/03 09:57:42 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2011/11/03 09:57:42 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2011/11/03 09:57:42 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2011/11/03 09:57:42 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2011/11/03 09:57:41 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2011/04/15 06:37:26 | 001,641,654 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2008/06/23 12:02:02 | 000,097,410 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2008/05/23 16:48:50 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml ========== ZeroAccess Check ========== [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012/03/20 19:52:10 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\ACD Systems [2012/09/14 21:40:50 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Ashampoo [2012/11/05 06:26:28 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\AVG2012 [2012/02/05 20:07:54 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\DVDVideoSoft [2012/02/05 20:07:14 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\DVDVideoSoftIEHelpers [2011/12/25 20:22:10 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Fujitsu [2012/07/18 07:35:48 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\gtk-2.0 [2012/01/26 23:06:01 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\HTC [2012/02/06 23:26:38 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Music Liberator 10.5 Release 1.1 [2012/08/24 19:46:24 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\MyPhoneExplorer [2012/02/20 12:51:46 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Need for Speed World [2012/04/14 15:16:08 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Opera [2012/09/16 18:50:01 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\PanoramaStudio2 [2012/01/22 12:30:19 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Remote PC Server [2012/01/10 21:53:16 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\SoftGrid Client [2012/05/07 09:18:17 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Sony [2012/01/07 07:36:25 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Synaptics [2012/09/11 15:23:33 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Teeworlds [2012/06/24 09:06:20 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\TerraTec [2012/01/08 16:36:51 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Thunderbird [2011/12/25 23:44:51 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\TP [2012/09/10 20:20:11 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Vodafone [2012/01/31 21:42:43 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Windows Live Writer [2012/02/19 20:17:21 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Windows SideBar [2012/02/07 00:14:53 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\WindSolutions [2012/09/15 12:27:29 | 000,000,000 | ---D | M] -- C:\Users\Vincent\AppData\Roaming\Zoner ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 151 bytes -> C:\ProgramData\Temp:DBC416F8 < End of report > |
|
07.11.2012, 17:03
| #39 | ||||
| /// TB-Ausbilder | Laptop plötzlich langsam geworden Nein das sieht alles gut aus. Wir machen hier mal Schluss. Wenn du wieder Probleme hast, dann mache bitte ein neues Thema auf. Prima!  Damit wären wir fertig. Wir räumen jetzt noch ein wenig auf und dann habe ich am Ende etwas Lesestoff für dich. Hinweis: Solltest du Defogger benutzt haben, kannst du jetzt re-enable drücken. Schritt 1: Systemwiederherstellungspunkte löschen mit OTL Schritt 2: Toolbereinigung mit OTL Schritt 3: AdwCleaner entfernen Schritt 4: ESET deinstallieren (Optional) Abschließend noch Tipps zu folgenden Themen:
Damit wünsche ich dir noch viel Spaß beim Surfen im Internet ... und vielleicht möchtest du ja das Trojaner-Board unterstützen? Eine Bitte: Gib mir eine kurze Rückmeldung, wenn alles erledigt ist und keine Fragen mehr vorhanden sind, damit ich diesen Thread aus meinen Abos löschen kann.
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
07.11.2012, 18:32
| #40 |
| | Laptop plötzlich langsam geworden aber er ist doch noch gar nicht wieder normal.. jedenfalls zb firefox hat probleme mit mehreren tabs und videos. |
|
07.11.2012, 18:38
| #41 |
| /// TB-Ausbilder | Laptop plötzlich langsam geworden Was Malware angeht, sehe ich zumindest nichts mehr, was da Probleme machen könnte. Beschreib bitte die Probleme die du noch hast.
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
07.11.2012, 19:43
| #42 |
| | Laptop plötzlich langsam geworden Microsoft Office funktioniert nicht (kann nicht gestartet werden). Computer allgemein langsam. Firefox hängt sich ungefähr jede Minute ein mal auf. Z. T. merkwürdige Geräusche bei Musikwiedergabe. |
|
07.11.2012, 19:49
| #43 | ||
| /// TB-Ausbilder | Laptop plötzlich langsam geworden Wir können noch einen Scan machen um auszuschliessen, dass es sich um einen Schädling handelt und dann würde ich dich zu den Kollegen von der Hard- und Software überweisen  Scan mit Combofix
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
07.11.2012, 21:54
| #44 |
| | Laptop plötzlich langsam gewordenCode:
ATTFilter ComboFix 12-11-06.03 - Vincent 07.11.2012 20:28:08.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3893.1858 [GMT 1:00]
ausgeführt von:: c:\users\Vincent\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-10-07 bis 2012-11-07 ))))))))))))))))))))))))))))))
.
.
2012-11-07 19:47 . 2012-11-07 19:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-07 19:01 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{45FA7450-3BE5-4F5F-B4A8-A3BE3851CE63}\mpengine.dll
2012-11-07 15:49 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-06 16:12 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-06 16:12 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-11-06 16:12 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-11-05 05:26 . 2012-11-05 05:26 -------- d-----w- c:\users\Vincent\AppData\Roaming\AVG2012
2012-11-04 15:55 . 2012-11-04 15:55 -------- d-----w- C:\FRST
2012-11-04 14:49 . 2012-11-04 14:49 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-11-04 14:47 . 2012-11-04 14:47 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-03 16:01 . 2012-09-06 21:35 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\msvcr100.dll
2012-11-03 16:01 . 2012-09-06 21:35 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\msvcp100.dll
2012-11-03 16:00 . 2012-11-03 16:02 816608 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\mozsqlite3.dll
2012-11-03 16:00 . 2012-11-03 16:02 2295264 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\mozjs.dll
2012-11-03 16:00 . 2012-11-03 16:02 124384 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\mozglue.dll
2012-11-03 16:00 . 2012-11-03 16:02 15840 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\mozalloc.dll
2012-11-03 16:00 . 2012-11-03 16:02 192600 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\maintenanceservice_installer.exe
2012-11-03 15:59 . 2012-11-03 16:02 115168 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\maintenanceservice.exe
2012-11-03 15:59 . 2012-11-03 16:02 416224 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\libGLESv2.dll
2012-11-03 15:59 . 2012-11-03 16:02 80864 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\libEGL.dll
2012-11-03 15:58 . 2012-11-03 16:02 2560480 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\gkmedias.dll
2012-11-03 15:58 . 2012-11-03 16:02 258528 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\freebl3.dll
2012-11-03 15:58 . 2012-11-03 16:02 917984 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\firefox.exe
2012-11-03 15:55 . 2012-09-06 21:35 1998168 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\d3dx9_43.dll
2012-11-03 15:55 . 2012-09-06 21:35 2106216 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\D3DCompiler_43.dll
2012-11-03 15:55 . 2012-11-03 16:02 116192 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\crashreporter.exe
2012-11-03 15:55 . 2012-11-03 16:02 261600 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\components\browsercomps.dll
2012-11-03 15:54 . 2012-11-03 16:02 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\breakpadinjector.dll
2012-11-03 15:54 . 2012-11-03 16:02 18912 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\AccessibleMarshal.dll
2012-11-02 23:50 . 2012-11-02 23:50 208216 ----a-w- c:\windows\system32\drivers\79859503.sys
2012-11-01 14:57 . 2012-10-03 15:10 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{956EE1EA-9CD4-466F-8C1B-59E41AEA4404}\gapaengine.dll
2012-10-14 17:13 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-10-14 17:13 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-14 17:13 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-14 17:13 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-14 17:13 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-14 17:13 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-04 14:47 . 2012-07-19 21:20 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-11-04 14:47 . 2012-01-22 11:27 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-15 17:03 . 2011-12-26 18:41 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-14 12:24 . 2012-04-19 20:51 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-14 12:24 . 2011-12-25 21:09 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-03 15:10 . 2012-10-02 22:55 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-08-30 20:03 . 2012-08-30 20:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:03 . 2012-03-20 18:44 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-24 11:15 . 2012-09-22 09:08 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 09:08 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 09:09 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 09:09 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 09:09 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 09:09 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 09:09 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 09:08 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 09:09 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 09:08 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 09:08 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 09:08 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 09:09 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 09:09 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 09:09 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 09:09 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 09:08 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 09:09 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 09:09 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 09:09 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 09:09 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-22 09:09 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 09:21 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 09:21 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 09:21 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 09:21 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-25 18:58 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-21 11:01 . 2012-09-15 20:09 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 11:01 . 2011-12-26 00:31 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 11:01 . 2011-12-26 00:31 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-20 17:38 . 2012-10-14 17:14 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-05-23 17:28 . 2012-05-23 17:28 6607360 ----a-w- c:\program files\LuPO_NRW_SV.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Remote Control Editor"="c:\program files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe" [2011-11-24 1837568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LoadFUJ02E3"="c:\program files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe" [2009-10-08 36712]
"IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2009-10-09 47976]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"DeskUpdateNotifier"="c:\program files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe" [2012-07-25 101288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
AutoHotkey.ahk - Verknüpfung.lnk - c:\users\Vincent\Documents\Library\AutoHotkey.ahk [2012-1-23 1811]
Lion.lnk - c:\program files (x86)\Lion\Lion.exe [2012-1-11 235579]
SynTPEnh.exe [2011-3-31 2735400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 AbilisT;EyeTV DTT Deluxe (2009) Service;c:\windows\system32\DRIVERS\AbilisBdaTuner.sys [2010-04-12 131144]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-08-02 22528]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 PFNService;PFNService;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe [2010-06-23 330240]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys [2012-01-03 37480]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-30 1255736]
R4 ABBYY.Licensing.FineReader.ScreenshotReader.9.0;ABBYY.Licensing.FineReader.ScreenshotReader.9.0;c:\program files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe [2008-10-16 759072]
R4 EyeTV Netstream;EyeTV Netstream;c:\program files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [2010-09-13 399944]
R4 ScrybeUpdater;Scrybe-Updateprogramm;c:\program files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-05-27 1300264]
R4 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-07-04 14336]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe [2009-07-30 63336]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-01 2314240]
S2 VFPRadioSupportService;Unterstützung für Bluetooth-Funktionen;c:\program files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [2009-12-24 145840]
S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\DRIVERS\FUJ02E3.sys [2006-11-01 7296]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-11-01 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-11-27 244736]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys [2012-01-03 37480]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-11-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-19 12:24]
.
2012-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-17 16:32]
.
2012-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-17 16:32]
.
2012-11-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1655660024-2649062184-858687661-1000Core.job
- c:\users\Vincent\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-12 06:12]
.
2012-11-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1655660024-2649062184-858687661-1000UA.job
- c:\users\Vincent\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-12 06:12]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-01-12 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-01-12 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-01-12 410136]
"PSUTility"="c:\program files\Fujitsu\PSUtility\TrayManager.exe" [2009-07-30 188264]
"FDM7"="c:\program files\Fujitsu\FDM7\FdmDaemon.exe" [2009-11-26 164712]
"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2009-10-15 157544]
"LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2009-10-15 35176]
"ConMgr"="c:\program files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe" [2009-12-24 535440]
"CSRSkype"="c:\program files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe" [2009-12-24 431504]
"CSRFTP"="c:\program files\CSR\Bluetooth Feature Pack 5.0\CSRBthFtpServer.exe" [2009-12-24 463264]
"CSRBIP"="c:\program files\CSR\Bluetooth Feature Pack 5.0\CSRBipPushResponder.exe" [2009-12-24 419752]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-28 8312352]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=FTSG&bmod=FTSG
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\9u0eqmus.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - ExtSQL: 2012-09-12 23:52; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-ABBYY Screenshot Reader Retail - (no file)
Toolbar-Locked - (no file)
HKLM-Run-BthSyncServ - c:\program files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\UserChoice]
@Denied: (2) (S-1-5-21-1655660024-2649062184-858687661-1000)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.bmp.15.4"
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.DIB\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.bmp.15.4"
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-1655660024-2649062184-858687661-1000)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ICO\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.ico.15.4"
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JFIF\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JPE\UserChoice]
@Denied: (2) (S-1-5-21-1655660024-2649062184-858687661-1000)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JPEG\UserChoice]
@Denied: (2) (S-1-5-21-1655660024-2649062184-858687661-1000)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JPG\UserChoice]
@Denied: (2) (S-1-5-21-1655660024-2649062184-858687661-1000)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.jpg.15.4"
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PNG\UserChoice]
@Denied: (2) (S-1-5-21-1655660024-2649062184-858687661-1000)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.png.15.4"
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TIF\UserChoice]
@Denied: (2) (S-1-5-21-1655660024-2649062184-858687661-1000)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.tif.15.4"
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TIFF\UserChoice]
@Denied: (2) (S-1-5-21-1655660024-2649062184-858687661-1000)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.tif.15.4"
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14o\UserChoice]
@Denied: (2) (S-1-5-21-1655660024-2649062184-858687661-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14o"
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14p\UserChoice]
@Denied: (2) (S-1-5-21-1655660024-2649062184-858687661-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14p"
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14pf\UserChoice]
@Denied: (2) (S-1-5-21-1655660024-2649062184-858687661-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14pf"
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WDP\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLive.PhotoGallery.wdp.15.4"
.
[HKEY_USERS\S-1-5-21-1655660024-2649062184-858687661-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (S-1-5-21-1655660024-2649062184-858687661-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xmp"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-11-07 21:47:26
ComboFix-quarantined-files.txt 2012-11-07 20:47
.
Vor Suchlauf: 12 Verzeichnis(se), 254.070.628.352 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 254.977.937.408 Bytes frei
.
- - End Of File - - BF147D9A601DB606EB1F624E7A2E127C
|
|
07.11.2012, 22:08
| #45 |
| /// TB-Ausbilder | Laptop plötzlich langsam geworden Nix. Also wir haben jetzt Malwaremässig alles untersucht. Daran liegt es meiner Meinung nicht. Du solltest Combofix jetzt deinstallieren und dann einen Thread in der "Rund um Windows"-Ecke aufmachen, damit man dir dort weiter helfen kann. Combofix deinstallieren
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
| Themen zu Laptop plötzlich langsam geworden |
| aktualisieren, brauch, deinstallieren, firefox, funktioniert, gen, hochfahren, hängen, hängt, internetseite, kostenlose, langsam, laptop, minuten, neustart, plötzlich, programme, seite, seiten, total, trojaner?, unbekannte, unterwegs, version, windows, öffnen |
Textbox.
+ R Taste und kopiere folgenden Text in das Ausführen-Fenster und klicke OK.
Linear-Darstellung
