| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Rootkit und jede Menge Adware wieder loswerden möglich?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
30.05.2015, 11:57
| #1 |
 |  Rootkit und jede Menge Adware wieder loswerden möglich? Hallo, nachdem ich so gute Erfahrungen mit euch gemacht habe, bat mich ein Bekannter, seinen PC mal aufzuräumen, weil der so langsam geht. Ich habe daraufhin erstmal Adwarecleaner laufen lassen und dann FRST runter geladen. Dann wollte ich einen Scan mit Malwarebytes Anti-Malware machen, jedoch wurde gemeldet, dass die Suche nach Rootkits abgebrochen wurde, was wiederum durch ein Rootkit verursachte werden könnte. Kann man hier noch was retten, oder muss formatiert/ ein neuer PC gekauft werden. (Dieser PC ist schon sehr alt.) Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-05-2015
Ran by Besitzer (administrator) on IP-B6485F09248F on 30-05-2015 12:38:23
Running from C:\Dokumente und Einstellungen\Besitzer\Desktop
Loaded Profiles: Besitzer (Available Profiles: Besitzer & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 6 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVM Berlin) C:\Programme\avmwlanstick\WLanNetService.exe
() C:\WINDOWS\Installer\{E2814842-7E64-1620-06BA-B5C4E6A6BB50}\syshost.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\My Avira\Avira.OE.ServiceHost.exe
(Hewlett-Packard) C:\Programme\HP\HP Software Update\hpwuSchd2.exe
(AVM Berlin) C:\Programme\avmwlanstick\WLanGUI.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Programme\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HP Software Update] => C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49152 2008-03-25] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] => C:\Programme\HP\Digital Imaging\bin\hpqSRMon.exe [81920 2008-03-13] (Hewlett-Packard)
HKLM\...\Run: [AVMWlanClient] => C:\Programme\avmwlanstick\wlangui.exe [1904640 2009-05-07] (AVM Berlin)
HKLM\...\Run: [AVG_UI] => C:\Programme\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [fst_de_187] => [X]
HKLM\...\Run: [shopperzXP] => C:\Programme\shopperz\zaeed.bat
HKLM\...\Run: [Avira Systray] => C:\Programme\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-343818398-725345543-682003330-1003\...\Run: [msnmsgr] => "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-343818398-725345543-682003330-1003\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=a908b482886147d2acf8d15679ed3f27-ad1491be2ce6c122f6b66faa90e70c2decf7d34c /CM (the data entry has 9 more characters).
HKU\S-1-5-21-343818398-725345543-682003330-1003\...\MountPoints2: {cdab8fe0-f2fc-11e3-8fa9-001f3f09d6d4} - L:\LaunchU3.exe -a
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk [2010-09-05]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:2077;https=127.0.0.1:2077;
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeY0mxx7RYmg3rDDMqrAr2fYUE-228UmP07UpP9IxvdBUBJ6qFpgpHgroXkU_f0hfAnqghSCBXukdRZRnGWa1g9PXjcPnJy7827ElneFcsRSe_asKuMuGPhSoVCkdTVxHg,,
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeY0mxx7RYmg3rDDMqrAr2fYUE-228UmP07UpP9IxvdBUBJ6qFpgpHgroXkU_f0hfAnmdwvm0Z9FRwJb7by5V7Fq9zCyfC9jWN6iYcB3IyYXCf4Vl2QM9uupGUm9wa7unQ,,&q={searchTerms}
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeY0mxx7RYmg3rDDMqrAr2fYUE-228UmP07UpP9IxvdBUBJ6qFpgpHgroXkU_f0hfAnmdwvm0Z9FRwJb7by5V7Fq9zCyfC9jWN6iYcB3IyYXCf4Vl2QM9uupGUm9wa7unQ,,&q={searchTerms}
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeY0mxx7RYmg3rDDMqrAr2fYUE-228UmP07UpP9IxvdBUBJ6qFpgpHgroXkU_f0hfAnqghSCBXukdRZRnGWa1g9PXjcPnJy7827ElneFcsRSe_asKuMuGPhSoVCkdTVxHg,,
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeY0mxx7RYmg3rDDMqrAr2fYUE-228UmP07UpP9IxvdBUBJ6qFpgpHgroXkU_f0hfAnmdwvm0Z9FRwJb7by5V7Fq9zCyfC9jWN6iYcB3IyYXCf4Vl2QM9uupGUm9wa7unQ,,&q={searchTerms}
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeY0mxx7RYmg3rDDMqrAr2fYUE-228UmP07UpP9IxvdBUBJ6qFpgpHgroXkU_f0hfAnmdwvm0Z9FRwJb7by5V7Fq9zCyfC9jWN6iYcB3IyYXCf4Vl2QM9uupGUm9wa7unQ,,&q={searchTerms}
HKU\S-1-5-21-343818398-725345543-682003330-1003\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update&O1=b1
URLSearchHook: HKU\S-1-5-21-343818398-725345543-682003330-1003 - Microsoft Url Sucheingriff - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeY0mxx7RYmg3rDDMqrAr2fYUE-228UmP07UpP9IxvdBUBJ6qFpgpHgroXkU_f0hfAnmdwvm0Z9FRwJb7by5V7Fq9zCyfC9jWN6iYcB3IyYXCf4Vl2QM9uupGUm9wa7unQ,,&q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeY0mxx7RYmg3rDDMqrAr2fYUE-228UmP07UpP9IxvdBUBJ6qFpgpHgroXkU_f0hfAnmdwvm0Z9FRwJb7by5V7Fq9zCyfC9jWN6iYcB3IyYXCf4Vl2QM9uupGUm9wa7unQ,,&q={searchTerms}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2008-03-27] (Hewlett-Packard Co.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-343818398-725345543-682003330-1003 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll [2005-09-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Firefox\Profiles\e7uck20w.default-1414927534175
FF DefaultSearchEngine: Startpage HTTPS - Deutsch
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF SearchPlugin: C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Firefox\Profiles\e7uck20w.default-1414927534175\searchplugins\startpage-https---deutsch.xml [2015-05-25]
FF Extension: Search Application - C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Firefox\Profiles\e7uck20w.default-1414927534175\Extensions\{16cd6b36-d79c-45a4-896c-a98072e32a5e}.xpi [2014-12-24]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010-09-05]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-04-20]
FF HKU\S-1-5-21-343818398-725345543-682003330-1003\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
Chrome:
=======
CHR Profile: C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default
CHR Extension: (Avira Browser Safety) - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-04-15]
CHR Extension: (Bookmark Manager) - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-15]
CHR Extension: (Google Wallet) - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Locked "1ad93dd3753a1288" service could not be unlocked. <===== ATTENTION
S2 AVGIDSAgent; C:\Programme\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Programme\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 Avira.OE.ServiceHost; C:\Programme\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Programme\avmwlanstick\WlanNetService.exe [368640 2009-05-07] (AVM Berlin) [File not signed]
R3 hpqcxs08; C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-03-25] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2008-02-28] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2008-02-28] (Hewlett-Packard) [File not signed]
R2 syshost32; C:\WINDOWS\Installer\{E2814842-7E64-1620-06BA-B5C4E6A6BB50}\syshost.exe [79872 2014-07-28] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [123160 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [199960 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [150296 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [22296 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [193304 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [238872 2014-03-27] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [108312 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [28440 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [211224 2014-03-31] (AVG Technologies CZ, s.r.o.)
S3 avmeject; C:\WINDOWS\System32\drivers\avmeject.sys [4352 2009-05-07] (AVM Berlin) [File not signed]
R3 FWLANUSB; C:\WINDOWS\System32\DRIVERS\fwlanusb.sys [265088 2009-05-07] (AVM GmbH)
S3 fwlanusbn; C:\WINDOWS\System32\DRIVERS\fwlanusbn.sys [440832 2009-04-23] (AVM GmbH)
R3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-01-25] (HP)
R3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-01-25] (HP)
R3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-01-25] (HP)
U5 1ad93dd3753a1288; C:\Windows\System32\Drivers\1ad93dd3753a1288.sys [35840 2014-07-28] () <===== ATTENTION Necurs Rootkit?
U4 Alerter; No ImagePath
S4 IntelIde; No ImagePath
U4 Messenger; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-30 12:38 - 2015-05-30 12:38 - 01147392 _____ (Farbar) C:\Dokumente und Einstellungen\Besitzer\Desktop\FRST.exe
2015-05-30 12:38 - 2015-05-30 12:38 - 00015396 _____ () C:\Dokumente und Einstellungen\Besitzer\Desktop\FRST.txt
2015-05-30 12:38 - 2015-05-30 12:38 - 00000000 ____D () C:\FRST
2015-05-30 12:35 - 2015-05-30 12:35 - 02347384 _____ (ESET) C:\Dokumente und Einstellungen\Besitzer\Desktop\esetsmartinstaller_deu.exe
2015-05-30 12:34 - 2015-05-30 12:35 - 21546080 _____ (Malwarebytes Corporation ) C:\Dokumente und Einstellungen\Besitzer\Desktop\mbam-setup-2.1.6.1022.exe
2015-05-30 12:17 - 2015-05-30 12:17 - 00001450 _____ () C:\WINDOWS\COM+.log
2015-05-30 12:01 - 2015-05-30 12:01 - 00043677 _____ () C:\Dokumente und Einstellungen\Besitzer\Desktop\AdwCleaner[S0].txt
2015-05-30 11:54 - 2015-05-30 11:56 - 00000000 ____D () C:\AdwCleaner
2015-05-30 11:53 - 2015-05-30 11:53 - 02222592 _____ () C:\Dokumente und Einstellungen\Besitzer\Desktop\AdwCleaner_4.205.exe
2015-05-29 23:23 - 2015-05-29 23:23 - 00001287 _____ () C:\WINDOWS\setupapi.log
2015-05-29 21:01 - 2015-05-30 12:36 - 00005010 _____ () C:\WINDOWS\WindowsUpdate.log
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-30 12:38 - 2010-09-05 15:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Temp
2015-05-30 12:35 - 2014-02-15 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
2015-05-30 12:33 - 2014-07-22 11:02 - 00000000 _____ () C:\Dokumente und Einstellungen\Besitzer\Ÿ9Ÿ9
2015-05-30 12:32 - 2014-07-28 11:13 - 00000228 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Benachrichtigung – Anmeldung.job
2015-05-30 12:32 - 2010-09-05 16:33 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-05-30 12:32 - 2010-09-05 16:33 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-05-30 12:32 - 2010-09-05 15:54 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-30 12:31 - 2010-09-05 16:28 - 00185016 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-30 12:17 - 2010-09-05 15:54 - 00032624 _____ () C:\WINDOWS\SchedLgU.Txt
2015-05-30 12:17 - 2010-09-05 15:54 - 00000300 ___SH () C:\Dokumente und Einstellungen\Besitzer\ntuser.ini
2015-05-30 12:14 - 2010-09-05 15:42 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Verwaltung
2015-05-30 12:13 - 2010-09-05 16:31 - 01111096 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-30 12:13 - 2010-09-05 15:42 - 00000000 ____D () C:\WINDOWS\Registration
2015-05-30 12:12 - 2010-09-05 17:01 - 00000000 ____D () C:\Programme\Microsoft Office
2015-05-30 12:11 - 2011-03-07 20:50 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2015-05-30 12:11 - 2010-09-05 16:41 - 00038624 _____ () C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2015-05-30 12:09 - 2010-09-05 16:31 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-05-30 12:09 - 2010-09-05 16:31 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Microsoft Shared
2015-05-30 12:07 - 2010-09-05 17:01 - 00000000 ____D () C:\Programme\Microsoft.NET
2015-05-30 12:07 - 2010-09-05 15:42 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\System
2015-05-30 12:07 - 2004-08-04 14:00 - 00000496 _____ () C:\WINDOWS\win.ini
2015-05-30 12:05 - 2010-09-05 16:31 - 00000000 ____D () C:\Programme
2015-05-30 12:03 - 2012-04-19 17:29 - 00000000 ____D () C:\Programme\Windows Live
2015-05-30 12:02 - 2014-07-16 18:11 - 00000000 ____D () C:\Programme\Google
2015-05-30 11:56 - 2014-11-02 13:43 - 00000000 ____D () C:\Dokumente und Einstellungen\Besitzer\Startmenü\Programme\Autostart
2015-05-30 11:56 - 2014-11-02 13:24 - 00000000 ____D () C:\Dokumente und Einstellungen\Besitzer\Startmenü\Programme
2015-05-30 11:54 - 2015-01-22 17:49 - 00000107 _____ () C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\WB.CFG
2015-05-30 11:51 - 2014-11-02 13:36 - 00000000 ____D () C:\Programme\Avira
2015-05-29 23:26 - 2014-12-09 19:43 - 00000000 ____D () C:\Programme\Mozilla Firefox
2015-05-29 23:23 - 2014-11-02 13:36 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
2015-05-29 23:23 - 2014-11-02 13:36 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
2015-05-29 23:21 - 2012-02-24 12:28 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Adobe
2015-05-29 23:21 - 2012-02-24 12:26 - 00000000 ____D () C:\Programme\Adobe
2015-05-29 23:21 - 2012-02-24 12:26 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe
2015-05-29 22:26 - 2015-04-15 21:45 - 00000000 _____ () C:\Dokumente und Einstellungen\Besitzer\First Run
2015-05-29 22:22 - 2010-09-05 15:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Besitzer
2015-05-29 20:40 - 2004-08-04 14:00 - 00002422 _____ () C:\WINDOWS\system32\wpa.dbl
2015-05-08 15:00 - 2014-07-28 11:13 - 00000222 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
==================== Files in the root of some directories =======
2015-01-22 17:49 - 2015-05-30 11:54 - 0000107 _____ () C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\WB.CFG
2013-10-19 12:24 - 2013-10-19 12:24 - 0000664 _____ () C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\d3d9caps.tmp
2015-01-22 17:49 - 2015-01-22 17:49 - 0234679 _____ () C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\dsi1.dat
2015-01-22 17:50 - 2015-01-22 17:50 - 0161916 _____ () C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\dsi2.dat
2011-11-02 23:55 - 2011-11-02 23:55 - 0000141 _____ () C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
2013-08-31 12:49 - 2013-08-31 12:49 - 0002250 _____ () C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\recently-used.xbel
Some files in TEMP:
====================
C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Temp\avgnt.exe
C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Temp\hpzmsi01.exe
C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Temp\hpzscr01.EXE
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-05-2015
Ran by Besitzer at 2015-05-30 12:39:06
Running from C:\Dokumente und Einstellungen\Besitzer\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-343818398-725345543-682003330-500 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Administrator
ASPNET (S-1-5-21-343818398-725345543-682003330-1004 - Limited - Enabled)
Besitzer (S-1-5-21-343818398-725345543-682003330-1003 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Besitzer
Gast (S-1-5-21-343818398-725345543-682003330-501 - Limited - Enabled)
Hilfeassistent (S-1-5-21-343818398-725345543-682003330-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-343818398-725345543-682003330-1002 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG update module (Enabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 2.1.4 - Hewlett-Packard) Hidden
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4570 - AVG Technologies)
AVG 2014 (Version: 14.0.3920 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4355 - AVG Technologies) Hidden
Avira (HKLM\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
AVM FRITZ!WLAN (HKLM\...\AVMWLANCLI) (Version: - AVM Berlin)
BufferChm (Version: 110.0.180.000 - Hewlett-Packard) Hidden
C4400 (Version: 110.0.201.000 - Ihr Firmenname) Hidden
C4400_Help (Version: 110.0.201.000 - Hewlett-Packard) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000 - Hewlett-Packard) Hidden
Copy (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Destination Component (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 110.0.180.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
GPBaseService (Version: 110.0.180.000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)
HP Imaging Device Functions 11.0 (HKLM\...\HP Imaging Device Functions) (Version: 11.0 - HP)
HP Photosmart C4400 All-In-One Driver Software 11.0 Rel .3 (HKLM\...\{86732AE7-CB91-4f15-B091-FBA3D3926CD6}) (Version: 11.0 - HP)
HP Photosmart Essential 3.0 (HKLM\...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 4.0 - HP)
HP Solution Center 11.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 11.0 - HP)
HP Update (HKLM\...\{D063F201-FAC4-4D5C-B10B-615058ADE5A7}) (Version: 4.000.009.002 - Hewlett-Packard)
HPPhotoSmartPhotobookWebPack1 (Version: 2.03.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
MSXML 6 Service Pack 2 (KB973686) (HKLM\...\{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}) (Version: 6.20.2003.0 - Microsoft Corporation)
OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
PanoStandAlone (Version: 110.0.180.000 - Hewlett-Packard) Hidden
PS_AIO_03_C4400_ProductContext (Version: 110.0.201.000 - Hewlett-Packard) Hidden
PS_AIO_03_C4400_Software (Version: 110.0.201.000 - Hewlett-Packard) Hidden
PS_AIO_03_C4400_Software_Min (Version: 110.0.201.000 - Hewlett-Packard) Hidden
PSSWCORE (Version: 2.03.0000 - Hewlett-Packard) Hidden
Scan (Version: 11.0.0.0 - Hewlett-Packard) Hidden
Sicherheitsupdate für Windows Media Player (KB2803821-v2) (HKLM\...\KB2803821-v2_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9L) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB979402) (HKLM\...\KB979402_WM9L) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2723135-v2) (HKLM\...\KB2723135-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2964358) (HKLM\...\KB2964358) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982381) (HKLM\...\KB982381) (Version: 1 - Microsoft Corporation)
SmartWebPrinting (Version: 110.0.182.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Status (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Toolbox (Version: 110.0.180.000 - Hewlett-Packard) Hidden
TrayApp (Version: 110.0.180.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
Update für Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB960763) (HKLM\...\KB960763) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VideoToolkit01 (Version: 110.0.171.000 - Hewlett-Packard) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-343818398-725345543-682003330-1003_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.13 (the data entry has 20 more characters).
CustomCLSID: HKU\S-1-5-21-343818398-725345543-682003330-1003_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.99 (the data entry has 19 more characters).
CustomCLSID: HKU\S-1-5-21-343818398-725345543-682003330-1003_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.69 (the data entry has 19 more characters).
CustomCLSID: HKU\S-1-5-21-343818398-725345543-682003330-1003_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.2.183.3 (the data entry has 22 more characters).
CustomCLSID: HKU\S-1-5-21-343818398-725345543-682003330-1003_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.79 (the data entry has 19 more characters).
CustomCLSID: HKU\S-1-5-21-343818398-725345543-682003330-1003_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.14 (the data entry has 20 more characters).
CustomCLSID: HKU\S-1-5-21-343818398-725345543-682003330-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.12 (the data entry has 20 more characters).
CustomCLSID: HKU\S-1-5-21-343818398-725345543-682003330-1003_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.15 (the data entry has 20 more characters).
CustomCLSID: HKU\S-1-5-21-343818398-725345543-682003330-1003_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.14 (the data entry has 20 more characters).
CustomCLSID: HKU\S-1-5-21-343818398-725345543-682003330-1003_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.16 (the data entry has 20 more characters).
CustomCLSID: HKU\S-1-5-21-343818398-725345543-682003330-1003_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.11 (the data entry has 20 more characters).
CustomCLSID: HKU\S-1-5-21-343818398-725345543-682003330-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.11 (the data entry has 20 more characters).
==================== Restore Points =========================
27-02-2015 13:24:02 Systemprüfpunkt
02-03-2015 12:39:31 Systemprüfpunkt
04-03-2015 13:57:45 Systemprüfpunkt
06-03-2015 13:23:27 Systemprüfpunkt
16-03-2015 16:32:04 Systemprüfpunkt
18-03-2015 13:41:57 Systemprüfpunkt
19-03-2015 13:48:10 Systemprüfpunkt
29-03-2015 18:48:52 Systemprüfpunkt
30-03-2015 19:10:47 Systemprüfpunkt
01-04-2015 16:45:42 Systemprüfpunkt
02-04-2015 17:46:49 Systemprüfpunkt
04-04-2015 19:37:59 Systemprüfpunkt
06-04-2015 12:53:10 Systemprüfpunkt
10-04-2015 12:31:59 Systemprüfpunkt
11-04-2015 18:41:25 Systemprüfpunkt
14-04-2015 13:12:32 Systemprüfpunkt
15-04-2015 13:37:14 Systemprüfpunkt
20-04-2015 11:05:49 Systemprüfpunkt
21-04-2015 11:24:29 Systemprüfpunkt
23-04-2015 13:14:20 Systemprüfpunkt
25-04-2015 12:22:06 Systemprüfpunkt
26-04-2015 12:26:14 Systemprüfpunkt
27-04-2015 13:36:56 Systemprüfpunkt
28-04-2015 14:15:51 Systemprüfpunkt
29-04-2015 16:41:23 Systemprüfpunkt
30-04-2015 19:13:06 Systemprüfpunkt
01-05-2015 19:51:59 Systemprüfpunkt
06-05-2015 16:21:51 Systemprüfpunkt
07-05-2015 18:18:54 Systemprüfpunkt
08-05-2015 18:54:39 Systemprüfpunkt
14-05-2015 13:33:26 Systemprüfpunkt
15-05-2015 14:13:34 Systemprüfpunkt
16-05-2015 18:59:32 Systemprüfpunkt
22-05-2015 13:08:07 Systemprüfpunkt
24-05-2015 16:25:34 Systemprüfpunkt
27-05-2015 12:09:10 Systemprüfpunkt
29-05-2015 22:48:20 Systemprüfpunkt
29-05-2015 23:21:32 Removed Adobe Reader XI (11.0.08) - Deutsch.
29-05-2015 23:25:57 Java(TM) 6 Update 22 wird entfernt
29-05-2015 23:26:52 J2SE Runtime Environment 5.0 wird entfernt
30-05-2015 12:03:44 Supprimé Windows Live FolderShare
30-05-2015 12:04:16 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
30-05-2015 12:05:52 Supprimé Microsoft Office Outlook Connector
30-05-2015 12:07:22 Microsoft Office Standard Edition 2003 wird entfernt
30-05-2015 12:09:03 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
30-05-2015 12:09:39 Microsoft Office Live Add-in 1.5 wird entfernt
30-05-2015 12:10:04 Microsoft Office Konvertierbare Testversion wird entfernt
30-05-2015 12:12:07 Microsoft Office File Validation Add-In wird entfernt
30-05-2015 12:13:04 Removed Microsoft .NET Framework 1.1
30-05-2015 12:13:59 Microsoft .NET Framework 1.1 German Language Pack wird entfernt
30-05-2015 12:15:28 Removed MSXML 4.0 SP2 (KB973688)
30-05-2015 12:16:40 Removed Visual Studio 2012 x86 Redistributables
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2004-08-04 14:00 - 2004-08-04 14:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Benachrichtigung – Anmeldung.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job => C:\WINDOWS\system32\xp_eos.exe
==================== Loaded Modules (Whitelisted) ==============
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:373E1720
AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:C5831B98
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-343818398-725345543-682003330-1003\Control Panel\Desktop\\Wallpaper -> C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
DomainProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe] => Enabled:hpqtra08.exe
DomainProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
DomainProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
DomainProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
DomainProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe] => Enabled:hpiscnapp.exe
DomainProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqpsapp.exe] => Enabled:hpqpsapp.exe
DomainProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqcopy2.exe] => Enabled:hpqcopy2.exe
DomainProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqpse.exe] => Enabled:hpqpse.exe
DomainProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqsudi.exe] => Enabled:hpqsudi.exe
DomainProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe] => Enabled:hpqgplgtupl.exe
DomainProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqgpc01.exe] => Enabled:hpqgpc01.exe
StandardProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe] => Enabled:hpqtra08.exe
StandardProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
StandardProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
StandardProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
StandardProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe] => Enabled:hpiscnapp.exe
StandardProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqpsapp.exe] => Enabled:hpqpsapp.exe
StandardProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqcopy2.exe] => Enabled:hpqcopy2.exe
StandardProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqpse.exe] => Enabled:hpqpse.exe
StandardProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqsudi.exe] => Enabled:hpqsudi.exe
StandardProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe] => Enabled:hpqgplgtupl.exe
StandardProfile\AuthorizedApplications: [C:\Programme\HP\Digital Imaging\bin\hpqgpc01.exe] => Enabled:hpqgpc01.exe
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\usmt\migwiz.exe] => Enabled:Assistent zum Übertragen von Dateien und Einstellungen
StandardProfile\AuthorizedApplications: [C:\Programme\Iminent\Iminent.exe] => Enabled:Iminent Firewall Rule
StandardProfile\AuthorizedApplications: [C:\Programme\Iminent\Iminent.Messengers.exe] => Enabled:Iminent.Messengers Firewall Rule
StandardProfile\AuthorizedApplications: [C:\Programme\AVG\AVG2014\avgmfapx.exe] => Enabled:AVG-Installationsprogramm
StandardProfile\AuthorizedApplications: [C:\Programme\speed browser\Application\browser.exe] => Enabled:speed browser
StandardProfile\AuthorizedApplications: [C:\Programme\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Programme\Mozilla Firefox)
DomainProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
DomainProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22002
==================== Faulty Device Manager Devices =============
Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Coprozessor
Description: Coprozessor
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Audio Device on High Definition Audio Bus
Description: Audio Device on High Definition Audio Bus
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Videocontroller (VGA-kompatibel)
Description: Videocontroller (VGA-kompatibel)
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Videocontroller
Description: Videocontroller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/30/2015 00:36:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung avgmfapx.exe, Version 14.0.0.4569, fehlgeschlagenes Modul avgmfapx.exe, Version 14.0.0.4569, Fehleradresse 0x003d7b5e.
Das medienspezifische Ereignis für [avgmfapx.exe!ws!] wird verarbeitet.
Error: (05/30/2015 00:15:01 PM) (Source: MsiInstaller) (EventID: 1013) (User: IP-B6485F09248F)
Description: Produkt: Microsoft .NET Framework 3.0 Service Pack 2 -- Microsoft .NET Framework 3.0 Service Pack 2 cannot be uninstalled because it will affect other applications that are installed. For more information, see hxxp://go.microsoft.com/fwlink/?LinkId=91126.
Error: (05/30/2015 00:14:42 PM) (Source: MsiInstaller) (EventID: 1013) (User: IP-B6485F09248F)
Description: Produkt: Microsoft .NET Framework 2.0 Service Pack 2 -- Microsoft .NET Framework 2.0 Service Pack 2 cannot be uninstalled because it will affect other applications that are installed. For more information, see hxxp://go.microsoft.com/fwlink/?LinkId=91126.
Error: (05/30/2015 00:05:22 PM) (Source: MsiInstaller) (EventID: 11706) (User: IP-B6485F09248F)
Description: Produkt: Microsoft Works -- Fehler 1706.Für das Produkt Microsoft Works wurde kein gültiger Quellcode gefunden. Windows Installer kann nicht fortfahren.
Error: (05/30/2015 00:02:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung avgmfapx.exe, Version 14.0.0.4569, fehlgeschlagenes Modul avgmfapx.exe, Version 14.0.0.4569, Fehleradresse 0x003d7b5e.
Das medienspezifische Ereignis für [avgmfapx.exe!ws!] wird verarbeitet.
Error: (05/30/2015 00:02:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung avgdiagex.exe, Version 14.0.0.4569, fehlgeschlagenes Modul avgduix.dll, Version 14.0.0.4563, Fehleradresse 0x000613f0.
Das medienspezifische Ereignis für [avgdiagex.exe!ws!] wird verarbeitet.
Error: (05/29/2015 11:28:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Stillstehende Anwendung Au_.exe, Version 0.0.0.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error: (05/29/2015 11:27:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung uninstall.exe, Version 0.0.0.0, fehlgeschlagenes Modul uninstall.exe, Version 0.0.0.0, Fehleradresse 0x00042bfe.
Das medienspezifische Ereignis für [uninstall.exe!ws!] wird verarbeitet.
Error: (05/29/2015 11:25:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Stillstehende Anwendung _iu14D2N.tmp, Version 51.52.0.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error: (05/29/2015 11:22:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlgeschlagene Anwendung avgmfapx.exe, Version 14.0.0.4569, fehlgeschlagenes Modul avgmfapx.exe, Version 14.0.0.4569, Fehleradresse 0x003d7b5e.
Das medienspezifische Ereignis für [avgmfapx.exe!ws!] wird verarbeitet.
System errors:
=============
Error: (05/30/2015 00:33:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Avgmfx86
Error: (05/30/2015 00:33:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß gestartet.
Error: (05/30/2015 00:32:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet:
%%1747
Error: (05/30/2015 00:32:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVG WatchDog" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/30/2015 00:32:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst AVG WatchDog.
Error: (05/30/2015 00:32:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVGIDSAgent" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/30/2015 00:32:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst AVGIDSAgent.
Error: (05/30/2015 00:16:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error: (05/30/2015 00:16:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error: (05/30/2015 00:16:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Microsoft Office:
=========================
Error: (05/30/2015 00:36:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgmfapx.exe14.0.0.4569avgmfapx.exe14.0.0.4569003d7b5e
Error: (05/30/2015 00:15:01 PM) (Source: MsiInstaller) (EventID: 1013) (User: IP-B6485F09248F)
Description: Produkt: Microsoft .NET Framework 3.0 Service Pack 2 -- Microsoft .NET Framework 3.0 Service Pack 2 cannot be uninstalled because it will affect other applications that are installed. For more information, see hxxp://go.microsoft.com/fwlink/?LinkId=91126.(NULL)(NULL)(NULL)
Error: (05/30/2015 00:14:42 PM) (Source: MsiInstaller) (EventID: 1013) (User: IP-B6485F09248F)
Description: Produkt: Microsoft .NET Framework 2.0 Service Pack 2 -- Microsoft .NET Framework 2.0 Service Pack 2 cannot be uninstalled because it will affect other applications that are installed. For more information, see hxxp://go.microsoft.com/fwlink/?LinkId=91126.(NULL)(NULL)(NULL)
Error: (05/30/2015 00:05:22 PM) (Source: MsiInstaller) (EventID: 11706) (User: IP-B6485F09248F)
Description: Produkt: Microsoft Works -- Fehler 1706.Für das Produkt Microsoft Works wurde kein gültiger Quellcode gefunden. Windows Installer kann nicht fortfahren.(NULL)(NULL)(NULL)
Error: (05/30/2015 00:02:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgmfapx.exe14.0.0.4569avgmfapx.exe14.0.0.4569003d7b5e
Error: (05/30/2015 00:02:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgdiagex.exe14.0.0.4569avgduix.dll14.0.0.4563000613f0
Error: (05/29/2015 11:28:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Au_.exe0.0.0.0hungapp0.0.0.000000000
Error: (05/29/2015 11:27:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: uninstall.exe0.0.0.0uninstall.exe0.0.0.000042bfe
Error: (05/29/2015 11:25:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: _iu14D2N.tmp51.52.0.0hungapp0.0.0.000000000
Error: (05/29/2015 11:22:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgmfapx.exe14.0.0.4569avgmfapx.exe14.0.0.4569003d7b5e
==================== Memory info ===========================
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3800+
Percentage of memory in use: 30%
Total physical RAM: 1023.23 MB
Available physical RAM: 713.36 MB
Total Pagefile: 2460.11 MB
Available Pagefile: 2111.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1953.5 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:78.13 GB) (Free:62.34 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive e: () (Fixed) (Total:149.04 GB) (Free:109.8 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 56EA5D42)
Partition 1: (Active) - (Size=78.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=70.9 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 149.1 GB) (Disk ID: FAC82514)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
==================== End of log ============================
Code:
ATTFilter # AdwCleaner v4.205 - Logfile created 30/05/2015 at 11:56:11
# Updated 21/05/2015 by Xplode
# Database : 2015-05-21.2 [Local]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Besitzer - IP-B6485F09248F
# Running from : C:\Dokumente und Einstellungen\Besitzer\Desktop\AdwCleaner_4.205.exe
# Option : Cleaning
***** [ Services ] *****
[#] Service Deleted : cherimoya
[#] Service Deleted : csrcc
[#] Service Deleted : LPTSystemUpdater
[#] Service Deleted : shopperz Updater
[#] Service Deleted : Wajam Internet Enhancer Service
[#] Service Deleted : 70F4EEDB-1367-4b4f-8247-3133551A7415
***** [ Files / Folders ] *****
Folder Deleted : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
Folder Deleted : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Browser
Folder Deleted : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Iminent
Folder Deleted : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Registry Helper
Folder Deleted : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Systweak
Folder Deleted : C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Iminent
Folder Deleted : C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Wajam
Folder Deleted : C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\speed browser
Folder Deleted : C:\Programme\Easy Speed Check
Folder Deleted : C:\Programme\Flowsurf
Folder Deleted : C:\Programme\Freesofttoday
Folder Deleted : C:\Programme\globalUpdate
Folder Deleted : C:\Programme\Groovorio
Folder Deleted : C:\Programme\LPT
Folder Deleted : C:\Programme\predm
Folder Deleted : C:\Programme\Probit Software
Folder Deleted : C:\Programme\Wajam
Folder Deleted : C:\Programme\speed browser
Folder Deleted : C:\Programme\shopperz
Folder Deleted : C:\Programme\rec_de_1
Folder Deleted : C:\Programme\Gemeinsame Dateien\Umbrella
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\globalUpdate
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\LPT
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\SearchProtect
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Smartbar
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\StormWatch
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Weather_Protector_LLC
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\speed browser
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\fst_de_100
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\fst_de_189
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\fst_de_190
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\rec_de_1
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Babylon
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Groovorio
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\HPAppData
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\InetStat
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Probit Software
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Systweak
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Tlapia
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Startmenü\Programme\InetStat
Folder Deleted : C:\Dokumente und Einstellungen\Besitzer\Startmenü\Programme\StormWatch
File Deleted : C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
File Deleted : C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage
File Deleted : C:\END
File Deleted : C:\Dokumente und Einstellungen\All Users\Desktop\speed browser.lnk
File Deleted : C:\WINDOWS\system32\RegistryHelperLM.ocx
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\WINDOWS\system32\drivers\cherimoya.sys
File Deleted : C:\WINDOWS\system32\drivers\1ad93dd3753a1288.sys
File Deleted : C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\speed browser.lnk
File Deleted : C:\Dokumente und Einstellungen\Besitzer\Startmenü\Programme\Autostart\StormWatch.lnk
File Deleted : C:\Dokumente und Einstellungen\Besitzer\Startmenü\Programme\Autostart\StormWatchApp.lnk
File Deleted : C:\Programme\Mozilla Firefox\defaults\pref\all-iminent.js
File Deleted : C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Firefox\Profiles\e7uck20w.default-1414927534175\searchplugins\Groovorio.xml
File Deleted : C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Firefox\Profiles\wIXKh0ha.default\searchplugins\Groovorio.xml
File Deleted : C:\Programme\Mozilla Firefox\browser\searchplugins\StartWeb.xml
File Deleted : C:\Programme\Mozilla Firefox\browser\searchplugins\webssearches.xml
File Deleted : C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Firefox\Profiles\e7uck20w.default-1414927534175\user.js
File Deleted : C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Firefox\Profiles\wIXKh0ha.default\user.js
File Deleted : C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\bprotector web data
***** [ Scheduled tasks ] *****
Task Deleted : RegClean Pro_DEFAULT
Task Deleted : RegClean Pro_UPDATES
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [jid1-tofUlNEIFlkUIA@jetpack]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{5081D2D4-1637-404c-B74F-50526718257D}]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Iminent
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [InetStat]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
Key Deleted : HKCU\Software\Classes\Applications\inetstat.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [shopperz]
Key Deleted : HKLM\SOFTWARE\Classes\Extension.jshep
Key Deleted : HKLM\SOFTWARE\Classes\Extension.jshep.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_de_100]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_de_189]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [fst_de_190]
Key Deleted : HKCU\Software\aedcdeb634e547
Key Deleted : HKLM\SOFTWARE\aedcdeb634e547
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FCF8BFD3-39B8-4370-B464-EC2AAACD97CF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5081D2D4-1637-404C-B74F-50526718257D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CF50C82-4C4B-43E9-B1B2-15CB1BD0C193}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7D8DAE88-BC05-4578-8C29-E541FFBA5757}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8018C54-B702-4D52-9ACC-8CA78911E633}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C6A846C5-D67F-48B4-8552-C22354E56966}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1C1356DA-1E98-4810-A9F6-18D89BD1C0C0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C321541F-B22D-4593-AC1A-9634812A4E40}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9AE7A6AE-162E-44C4-9A2B-A6B4EF19909D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B5C4833B-847B-49CD-8EBE-CDD9B43C882F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{14EF423E-3EE8-44AE-9337-07AC3F27B744}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5081D2D4-1637-404C-B74F-50526718257D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5081D2D4-1637-404C-B74F-50526718257D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\DynConIE
Key Deleted : HKCU\Software\FlowSurf
Key Deleted : HKCU\Software\FreeSoftToday
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Groovorio
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\InetStat
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\Easy Speed Check
Key Deleted : HKCU\Software\StormWatchApp
Key Deleted : HKCU\Software\StormWatch
Key Deleted : HKCU\Software\shopperz
Key Deleted : HKCU\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Key Deleted : HKLM\SOFTWARE\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\Umbrella
Key Deleted : HKLM\SOFTWARE\Wajam
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKLM\SOFTWARE\SpeedBrowser
Key Deleted : HKLM\SOFTWARE\shopperz
Key Deleted : HKU\.DEFAULT\Software\shopperz
Key Deleted : HKU\.DEFAULT\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\InetStat
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\StormWatch
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{89B5DFCA-81E0-4EA4-8A0A-4F4087A1DD00}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Groovorio
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZombieNews
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\speed browser
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5081D2D4-1637-404c-B74F-50526718257D}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{16F8A832-DD84-4271-8B76-ACADE6DB3968}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rec_de_1_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\InetStat
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\StormWatch
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Groovorio
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\speed browser
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5081D2D4-1637-404c-B74F-50526718257D}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0702826FCAC36EE52AC0441EEEEE2170
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1198E28F40C3E185E9958608554D4253
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14C66209FCA938858B9729645C666684
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15A073601B9AEC3549BE4A9314794615
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F7C80F9CE5CDF44E9AADDC99402534C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\206AF45B775E3A445B3B2273827DA85F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\225C3CBCEB850204D860A6C7CC7724AF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2310FC151CD4F185798FA0996B3524D7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\28572D2E2DE533256AC6B560EA573C22
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29C79786B109AC443B0DC7BFD61B1896
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ABB56EABB920EB59B04BDDD26A62083
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2DABA02DFED47E352A2FA2EBDD6F6187
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\311567B4A9A002050BB9423FD73FB880
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\373FCED70D7F84E5FB5F3F7B76BEE024
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3BE992C130B235E53A2937391FDCA35B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3DA5F64B3483DE549947A9164ACBAD21
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3ED93605BB9B6635E9D0D86615AF31F1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4759B017032BA185F9BA6F7DBC95A2D4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A78ABCBB54E46E5482A3EE0AD66C39E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4F9E947B6B895EB5A86757FC5D3DB862
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4FEEA83BF72B97E43A2DF0EE4BE4F261
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\509EC7EFB89B7D942997574AB14037A4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50A730A9A3A61BF5BA70CA8A3B7C133B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\51A95A1D4CDE4F958A9451FBB39BF54A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\536133807DE80465BA6CD0A9742B7DE5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E25036E68895D45B95E72D1C3C58C74
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60ECC80C54085B141A40437A96CA2618
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60FD8CD5BE007315CA3B5C7E41F24017
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\618E7D05458C4F257909ED9C8CDC0D66
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\621C21014D3C152529E2460FA6304EE3
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6241FF6F317CABD4EBBEE0DE9076BD94
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\636B9C23C79154B57AB561F39A139BFD
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65AAF0F0CB7F0B45F900FDF19CEAAF2B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6879A5E348601C45986308CA84958E94
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6A6F3B7A9805E1F5492A1020EEDF2341
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B1F5D204E4EEB342A5AD1D7E60D61BF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7005A2A4DCF9DD7548137AB17E3A3AF3
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\712EAF07EE73CC65C822CC3BAE3B2483
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7947B301B2446E752A3FE06EAD7D26B5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7987CE52D13E16258B0E1E3DB1BB0974
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BEED197C514FDA53901AE8DD8EF0891
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DFDCF03D46C34159BDE29FBDBF1ACF5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\87EC9ACEAFE8ECD52A529663CD35213F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\890F436B85B790A55A582B7307DA12CE
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C13DA6755F685B529615C8E92B3CA39
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D07CD9CB3E6BE652872BF06A1CCA782
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90841B1FC98200349925C88999866F17
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94194FDD4DF523E53A888D65722A135D
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95266D07D008D2E4E9B6F8E0DD15432A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4223BBC9438CAD49BBE10B4E344B1DD
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A72F23B1D745C27508518132197BC982
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A89E2B6FB14D8275DA63D075171DA184
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A9C43CD4001E9E4518B274AF9A0EFDA9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AABA081CF7F19915FBB80B3BAF47CE63
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AC2A0FFD0A1686D53A4E24D6E96949E4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AE5BDB2750259915D8442D4591A7717B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1A79C71D5DC1C150B76B6ED11195DFC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6D497DB33974935488761F7C4C3D755
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B752EF3300008394886C402CC27B474F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B8C8BCC1206978D51A8B9EECBF806C53
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAD3576CEA646895B962F94754612791
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB4091512C8F4295E99CE2D061ED2020
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE6BBC9A31531F598794A62120B51C7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C19162788CA4D235E829F88E2F771567
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C71F07DA356B66B5484A8E7F2ADEB7DC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C96AD15EE8E887B56BAF2136A9088503
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9E6B66ECC49D155888399C51D05C49E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA360F24F0B214744BE40657FDA0B727
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE85F265816AE2D4E9B73C3E207E679C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5389AEEA4A1E20428D045E86BCF643B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5B62BB7BC607FB539585E2B7B6AFD16
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB027F01D4D53765C8E4FBE7DB77E07E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DC2EB492393411F5ABE8ED13C59FBF20
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDA2534BD056D1F44B6EC96AAA7F1F6E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDCA763D4C48A105086B4CCCEE78043F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DEF7558C7CD27EF46AF802AFBE402675
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E05B987540A9E2849AAF9E5B06C27DA8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E09F4A6B9D2A08B599AE9E38BFC93CD6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E27B6535D0D94A24E91047C7D86F27BC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E45D171E075A5425CBACF6631A45FA39
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E513C2076D90AD04F888BD762143F191
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8F4C985459564F5B8DCFF2B3C7EBD27
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E96E33222BAC06B57A1FA9D72951C945
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EAA46CE9007F70A5CAFA5F26E5DDEBE5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE43FF091A8714A599F33EF2533FB59A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE790015CF30DAA569960905FF1651A0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EEB44C47185BD304D80FDF5A4BBE8F54
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F214EB834D2EC474CA76C1CDE306CF3A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F25491036D0FA5D5FA6742F5742F151A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F4D1BA8B482D9734E943EE260A7ADEF2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F6704141BAAF6884785EC6843143D6A7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7507D4D4C310125E9A22BD909A41FB6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F79C21D785419125595AC59458A6142D
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA15C90F092A60F53A4E0F88CED02968
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA1CF130B3D58B553833ACB6BE8AFAD4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB0F1A18E4F0DBD509A42F4D4C05C02A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FD17ED194F1C2B457B4F6EF4AE8DEAF3
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:2077;hxxps=127.0.0.1:2077;
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:2077;hxxps=127.0.0.1:2077;
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
***** [ Web browsers ] *****
-\\ Internet Explorer v6.0.2900.5512
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v38.0.1 (x86 de)
[wIXKh0ha.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Groovorio");
[wIXKh0ha.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://groovorio.com/?f=1&a=grv_tuto8_14_34&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDzy0DyC0DyEtBzzzyyCtN0D0Tzu0StCtDyDzztN1L2XzutAtFyCtFtCtFtDtN1L1Czu1N1C2X1V2Z2Y2Z1Fzz[...]
-\\ Google Chrome v43.0.2357.81
*************************
AdwCleaner[R0].txt - [46160 bytes] - [30/05/2015 11:54:48]
AdwCleaner[S0].txt - [43536 bytes] - [30/05/2015 11:56:11]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [43596 bytes] ##########
|
|
30.05.2015, 12:08
| #2 |
| /// the machine /// TB-Ausbilder    | Rootkit und jede Menge Adware wieder loswerden möglich? hi,
__________________Dein BEkannter sollte formatieren und auf ein sicheres OS wechseln. XP ist tot. Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
30.05.2015, 12:19
| #3 |
| | Rootkit und jede Menge Adware wieder loswerden möglich? Super wie schnell man hier Rat bekommt.
__________________ Dann werde ich das so weitergeben und gleich mal nach einem neuen Betriebssystem schauen. |
|
31.05.2015, 05:39
| #4 |
| /// the machine /// TB-Ausbilder | Rootkit und jede Menge Adware wieder loswerden möglich? ok  . Falls er doch lieber bereinigen will dann die beiden Tools von Oben laufen lassen und Logs hier posten
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
31.05.2015, 06:34
| #5 |
| | Rootkit und jede Menge Adware wieder loswerden möglich? Danke für das Angebot. Ich werde heute probieren Ubuntu zu installieren und so XP und den Virus loszuwerden. Mal schauen ob das klappt. |
|
31.05.2015, 14:37
| #6 |
| /// the machine /// TB-Ausbilder | Rootkit und jede Menge Adware wieder loswerden möglich? ok
__________________ --> Rootkit und jede Menge Adware wieder loswerden möglich? |
|
| Themen zu Rootkit und jede Menge Adware wieder loswerden möglich? |
| adware, avg, avira, besitzer, browser, einstellungen, help, home, iexplore.exe, install.exe, langsam, logfile, loswerden, mozilla, registry, rootkit, scan, security, services.exe, software, stick, svchost.exe, system, udp, usb, windows, windows xp |
Linear-Darstellung
