Log analysis and evaluation: e.ligatus.com Virus (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
e.ligatus.com Virus

Hello everyone, I have had a problem since yesterday evening. My browser (Google Chrome) suddenly opened on its own, showing a white window and nothing else. The URL of this window was hxxp://e. ligatus. com/LigatusFallback.gif?ids=34088 (I inserted the spaces on purpose). At first I thought nothing of it and closed the page. But when the window opened again after about 5 minutes, I became sceptical and started researching on the internet. In doing so I found out that it had to be a virus. First, yesterday evening, I worked through http://www.trojaner-board.de/51187-a...i-malware.html, and only afterwards came across the thread http://www.trojaner-board.de/69886-a...-beachten.html. Then this morning I worked through all of those points as well. Here are my reports and log files: Malwarebytes Anti-Malware .txt Quote:
OTL.txt Quote:
Since my text is getting too long and I cannot post it, I will post the EXTRAS.txt and the Gmer.txt as comments under this thread. PS: I have not had an antivirus program for quite a while, so it may be that several viruses were found, but for now the most important thing to me is getting rid of the e.ligatus.com virus. It would be very nice if someone could help me. Kind regards, Dustin
#2
e.ligatus.com Virus
Extras.txt
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 28.03.2013 12:46:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dustin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 6,39 Gb Available Physical Memory | 80,05% Memory free
15,96 Gb Paging File | 14,26 Gb Available in Paging File | 89,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,71 Gb Total Space | 361,59 Gb Free Space | 79,35% Space Free | Partition Type: NTFS
Drive D: | 455,71 Gb Total Space | 443,01 Gb Free Space | 97,21% Space Free | Partition Type: NTFS
Computer Name: DUSTIN-PC | User Name: Dustin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A9E4397-503E-4C6F-86E9-D304D4E4B174}" = lport=137 | protocol=17 | dir=in | app=system |
"{2FD75CF6-F066-4C77-8CEE-BDC0A580A6EA}" = lport=139 | protocol=6 | dir=in | app=system |
"{3BA1758A-C2E5-40D1-B5E0-06821BD6A57E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{41ADD911-F6AB-49B3-9C47-710130A3EF02}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{45996E59-3BAA-4A1C-8C37-95ABE9311770}" = lport=138 | protocol=17 | dir=in | app=system |
"{56804A92-40E3-4365-BD5A-E4B68C717D12}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5AE064A5-7678-48F8-829D-A7F1F06112C1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5B8EEB41-00EE-4BB4-8899-D4E81F4215F1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5F7DC9B9-0C41-4FFD-8921-A12A7DB54092}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{79E14610-C698-49D5-9DB7-759D32806469}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7FC1F8A3-11E2-4F7D-A84A-D44132D50D5F}" = rport=445 | protocol=6 | dir=out | app=system |
"{A06456B7-E9DE-486A-B2CC-155CABE9B26A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B0927106-22BE-46E5-AF53-490BD9598724}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B95E4B9E-BE35-4F24-8524-C826DF8FB526}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B9F9B0C7-16BA-4EF0-B1CA-B76C83A0BF22}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BC6173F3-9BE8-4994-B66A-082751886F8C}" = rport=139 | protocol=6 | dir=out | app=system |
"{BD7FBC78-B495-425E-80D2-9A6F0D7B4405}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C9016E3E-3B53-4FB7-A838-168812ECE1EE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CCFA3459-B2D9-4D48-8B33-69B29C308FB9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D4157E30-8E46-4B4E-8D22-4EE73816B75C}" = rport=138 | protocol=17 | dir=out | app=system |
"{D644B194-5F4A-4A07-BF93-BB360EBF0685}" = rport=137 | protocol=17 | dir=out | app=system |
"{E6649FE8-32DA-4F01-9FA2-16C3F248FA56}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F7567774-EB23-4F6C-B446-5415CA1F5127}" = lport=445 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04F59D97-48A9-41D4-B649-C934A2803815}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{06616CD8-46FC-4708-9CA8-CD3CD383B521}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{14637718-16E7-49FC-9421-89501AD43A27}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\mapeditor.exe |
"{170FA36F-D234-4A72-941E-53FCAB7A68C9}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{1ADE6460-7E64-4355-B5C5-95E14280DCE5}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1C5F2AF7-3D99-45BE-A10F-88A19EA4702F}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"{2083BE30-8B16-4801-AE64-5C7FDE0FA68D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\stronghold3.exe |
"{229C517D-5E4C-4781-91E9-36EFDD539A16}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\mapeditor.exe |
"{28B9FD8A-A0FB-4BFE-889E-D7003F378B5E}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{2EB7C235-B88C-45C5-B1EF-104728E543C6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{33712B84-F4F5-4957-B7E1-9C29B101CDFD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3B2A3509-B72E-4E8D-AB54-3B886EBDB89D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\stronghold3.exe |
"{3F13D29B-BC43-473D-8D04-522C2E644546}" = protocol=6 | dir=out | app=system |
"{4154FFD6-D43E-44FB-854C-E9EDFD4AC84F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{45E7A96E-63B2-4C1E-B743-D1B227B90B12}" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold legends\strongholdlegends.exe |
"{49C53428-5342-45A8-85EF-DC6B46B07519}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5FD6002F-6068-443A-BBF6-2DF293F4E9F0}" = protocol=17 | dir=in | app=c:\program files (x86)\mail.ru\sputnik\sputnikhelper.exe |
"{64567C5C-066E-4763-9791-064576D95378}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{68963B4C-F0A0-468B-99F3-A00BC197B5B6}" = protocol=6 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe |
"{68D9F0FD-6E02-4D3F-8C3A-D21B7FCBDD6E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6B2CE08E-FBE6-494C-B359-6D9D56848472}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{72BB5A38-5963-44BC-8F41-834553003BFB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{818E79F6-48DC-42F2-8FCC-3EF6AB24ED9D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{81CF3A9A-C743-46CB-A062-96D4E6124A7F}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{82919B58-0926-47B4-9640-15B223FD11E4}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"{82CB1632-1CC0-4DA3-90B3-9C10C27325B6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9CD59CA4-73B3-4E4B-ACAF-7CBE483A5717}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9CD62702-3337-4AFF-B8E5-F57A63CA0D59}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{9DDC53BC-57E5-4C9E-A789-AF6710AEBEBD}" = protocol=17 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe |
"{9EB26C07-671F-4134-BA2B-A84BD137AC90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A30DC7AA-A800-4F18-9E84-8E866F0D4FDE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A3BCD113-3FE5-41CC-A90F-184E4075F573}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{AD032EC8-59D5-45C7-996F-48EA392ABFE9}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{AFBBB655-2326-455F-A16E-F63CB7106B92}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B27AB2B9-E50D-40B6-919B-26B1A456FAC6}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{B4F5240D-FE4F-444D-A6BF-129D29AD9AB1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C49B68E4-D837-4DD8-97BB-7EF19908F1C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C60797FF-7D81-4717-8AB7-88F02F9D9F20}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CC6CDB2B-F111-46CA-A081-27D80AAEF7B5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D05082C0-C946-43B4-A596-89008C3BA6FA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{D8DD6C43-992F-4CF5-9E68-99F358A056F7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DAAAEFD8-87B4-4136-AD53-E3CEF2760A34}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E40F2C85-99B8-401B-8858-1C466AA3865D}" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold legends\strongholdlegends.exe |
"{E4D3F61C-3C9B-46E5-9B17-BFBAE15CF15A}" = protocol=17 | dir=in | app=c:\program files (x86)\mail.ru\sputnik\sputnikflashplayer.exe |
"{E869FA4A-2124-4744-A8D6-C2E1CC012D2C}" = protocol=6 | dir=in | app=c:\program files (x86)\mail.ru\sputnik\sputnikflashplayer.exe |
"{ECDA5ED1-4F68-41D4-A049-BF49A99AC753}" = protocol=6 | dir=in | app=c:\program files (x86)\mail.ru\sputnik\sputnikhelper.exe |
"{EF125F36-9B05-46E0-9A04-83480EF0BE8B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F872D03D-73E9-4DA0-990E-B2743346CF65}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{FCB1A0FD-395C-4C14-92A6-700313F2FE3C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{0A986464-E09F-4B2E-B744-CA19005BB047}D:\game\moorhuhn_kart3.exe" = protocol=6 | dir=in | app=d:\game\moorhuhn_kart3.exe |
"TCP Query User{1464CF46-ABCA-4E2B-BC1F-7AF07C3D0FA8}D:\empire earth i\empire earth.exe" = protocol=6 | dir=in | app=d:\empire earth i\empire earth.exe |
"TCP Query User{14DBC2DA-120F-46B7-9F73-428899AC5721}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{47712C1B-CC7B-4B1F-9087-CE197D75FB18}D:\meteor blade\meteor.exe" = protocol=6 | dir=in | app=d:\meteor blade\meteor.exe |
"TCP Query User{F0F03C15-3DB7-4B21-BF99-9D911EBBA14A}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{FE574CB5-899A-4C12-B16F-6329AE17A203}D:\die siedler ii - die nächste generation\bin\s2dng.exe" = protocol=6 | dir=in | app=d:\die siedler ii - die nächste generation\bin\s2dng.exe |
"TCP Query User{FFD8AF45-F881-4838-AED4-E00435883130}C:\program files (x86)\virtualdj\virtualdj_home.exe" = protocol=6 | dir=in | app=c:\program files (x86)\virtualdj\virtualdj_home.exe |
"UDP Query User{372B1AA3-137E-41C8-AAA4-941DA7103CB1}D:\die siedler ii - die nächste generation\bin\s2dng.exe" = protocol=17 | dir=in | app=d:\die siedler ii - die nächste generation\bin\s2dng.exe |
"UDP Query User{402D94FB-7159-4A1D-AB9C-EB4E2D02EB4E}D:\empire earth i\empire earth.exe" = protocol=17 | dir=in | app=d:\empire earth i\empire earth.exe |
"UDP Query User{58E63181-B1F3-4979-A76E-0D81A74CC11D}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{6391CD5B-A782-4737-8E31-AAA10F866E7F}D:\meteor blade\meteor.exe" = protocol=17 | dir=in | app=d:\meteor blade\meteor.exe |
"UDP Query User{719CDD51-AD55-4714-B5FC-FB8966DFAFFB}D:\game\moorhuhn_kart3.exe" = protocol=17 | dir=in | app=d:\game\moorhuhn_kart3.exe |
"UDP Query User{A1AB1961-3117-4C89-8122-78D3343491EE}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{CD9AF469-7644-4035-9EA6-5FD7318D814B}C:\program files (x86)\virtualdj\virtualdj_home.exe" = protocol=17 | dir=in | app=c:\program files (x86)\virtualdj\virtualdj_home.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.7
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{1111706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 (64-bit)
"{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{2222706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 SDK (64-bit)
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86417003FF}" = Java(TM) 7 Update 3 (64-bit)
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{64A3A4F4-B792-11D6-A78A-00B0D0170030}" = Java(TM) SE Development Kit 7 Update 3 (64-bit)
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{8F7F2D9C-2DBE-4F10-9C7C-2724110A3339}" = Windows Live Remote Service Resources
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{A6E0F6BE-30AC-4D36-97B0-1AC20E23CB83}" = Windows Live Remote Client Resources
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 267.85
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 267.85
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.22.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SearchAnonymizer" = SearchAnonymizer
"WinRAR archiver" = WinRAR 4.11 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger
"{023FFB0A-C5DB-4930-B3E4-D48266C21738}" = Der Hobbit
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD}" = ICQ Sparberater
"{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}" = Windows Live Messenger
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{120C160F-F53D-4A15-A873-E79BF5B98B48}" = Windows Live Photo Common
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F0D5576-C383-4E5E-9906-0B47BECBB8B6}" = Hama Webcam Suite
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20381A8A-808E-4A53-B6CD-AD2B85E16365}" = Windows Live UX Platform Language Pack
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{226F0D93-76DE-4F1C-B14D-DE10443ADB60}" = Windows Live Movie Maker
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{46376BAF-996E-410E-82B2-5D9E61820E6D}" = Moorhuhn Kart 3
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D7BAC8A-51B8-4243-8567-1415C4272D13}" = Windows Live Writer
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack
"{56AB063D-1450-4BDE-9F0D-E9C693429C51}" = netbrdg
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5D90ABE5-8A35-4947-8269-6F40BCE47A95}" = Windows Live Messenger
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}" = Nero Multimedia Suite 10 Essentials
"{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65D85050-5610-4A91-A3B1-D5C744291AD4}" = PCDADDIN
"{66A405D2-BA14-4594-BF36-B3B544F0754E}" = Stronghold Legends
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{68AFA3A7-9265-4ABD-994A-ACA413E3715C}" = Nero Multimedia Suite 10 Essentials
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell" = WildTangent Games App (Packard Bell Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{733C5FC0-F0C4-405B-A983-61C24CC60E39}_is1" = Photo Frame
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources
"{7D99B933-E29C-4599-92F0-DAED2AF041E3}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}" = Windows Live Argazki Galeria
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1" = ClipGrab 3.2.0.9
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E285C75-9BE2-4349-972B-DECDDF472656}" = Windows Live Writer Resources
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6}" = Windows Live Mail
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{99A37AC7-E724-4621-B167-500B5A52B69C}" = LastChaosGER
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9E2C5B0E-7A2D-4767-A9B2-77469FB1873A}" = Windows Live Mesh
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.5) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B515962D-C979-44AC-9912-F7BB499B4B2C}" = VirtualDJ Home FREE
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C28D96C0-6A90-459E-A077-A6706F4EC0FC}" = Bing Bar
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}" = PCDHELP
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software
"{D3E5A972-9A15-427D-AE78-8181A5FD943C}" = eBay Worldwide
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D54A52A8-DF24-4CE8-850B-074CA47DFA74}" = Windows Live Messenger
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
"{ED1390DC-6910-4C77-97E2-579CAFE82F5B}" = Moorhuhn 4 Teile
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F13587F7-AA4C-4C2E-AE7D-F33F3CCE57A9}" = Windows Live Messenger
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = hama PC-Webcam AC-140
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCBC19F7-E068-4B7A-ACBB-CE9CCEB4B21F}" = Windows Live Messenger
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"Audacity_is1" = Audacity 2.0.2
"AutocompletePro3_is1" = AutocompletePro
"AVMWLANCLI" = AVM FRITZ!WLAN
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"ClipGrab Toolbar" = ClipGrab Toolbar
"EADM" = EA Download Manager
"FormatFactory" = FormatFactory 2.95
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.17.221
"Google Chrome" = Google Chrome
"Guard.Mail.ru" = Guard.Mail.ru
"Hotkey Utility" = Hotkey Utility
"ICQToolbar" = ICQ Toolbar
"Identity Card" = Identity Card
"iLivid" = iLivid
"InstallShield_{023FFB0A-C5DB-4930-B3E4-D48266C21738}" = DER HOBBIT
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"LogMeIn Hamachi" = LogMeIn Hamachi
"MailRuSputnik" = Mail.Ru Спутник 2.4.0.491
"McAfee Security Scan" = McAfee Security Scan Plus
"Medieval Conquest" = Medieval Conquest
"Meteor Blade" = Meteor Blade
"Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de)
"NIS" = Norton Internet Security
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"Packard Bell Welcome Center" = Welcome Center
"PhotoScape" = PhotoScape
"PremElem90" = Adobe Premiere Elements 9
"RealPlayer 15.0" = RealPlayer
"S2TNG" = Die Siedler II - Die nächste Generation
"softonic" = Softonic toolbar on IE and Chrome
"Steam App 47400" = Stronghold 3
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WildTangent packardbell Master Uninstall" = Packard Bell Games
"Windows Searchqu Toolbar" = Windows iLivid Toolbar
"WinLiveSuite" = Windows Live Essentials
"WTA-09a198d5-328a-4ed0-91b0-0e0ff2a34c27" = Polar Bowler
"WTA-274a42d8-98a2-49e9-8030-e220daca6da0" = Penguins!
"WTA-2b14cb60-80ac-46c2-9d41-5da78bc20d5b" = Torchlight
"WTA-45af1ceb-3f6a-4fbf-8035-aaf680839c9e" = Plants vs. Zombies - Game of the Year
"WTA-581a02c1-6adc-473d-bd8f-bb6fcb7af7c9" = John Deere Drive Green
"WTA-5faa1114-8510-43af-a137-56072c0c440b" = Wedding Dash
"WTA-66403b39-5fa5-479d-9bd9-7f25d74d8ab5" = Mystery of Mortlake Mansion
"WTA-78c465a6-1055-4054-82ae-e5a9206974c8" = Agatha Christie - Death on the Nile
"WTA-7c4704b7-f630-4bfc-a307-dbd36cc6eb71" = Insaniquarium Deluxe
"WTA-a2b181be-6202-4b97-be04-a16ddeb47c90" = FATE
"WTA-a307f8df-ae62-4a10-ae50-1284458532c0" = Slingo Deluxe
"WTA-ad16d1aa-582b-4671-a5b2-5a44f2806c7c" = Jewel Match 3
"WTA-b5ef0e51-6dbc-47e7-92d3-b8c5b6afc94b" = Zuma Deluxe
"WTA-c377d848-7090-4e99-b365-5acda43dd113" = Virtual Villagers 4 - The Tree of Life
"WTA-ea541ed7-2634-4406-bc1d-20932acbd338" = Bejeweled 2 Deluxe
"WTA-f8bd1a89-c808-47f7-81ca-b2500df80624" = Final Drive: Nitro
"WTA-fab7622c-321f-42f2-ab82-7f6a11a02726" = Crazy Chicken Kart 2
"Zoo Tycoon 1.0" = Zoo Tycoon: Complete Collection
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.10.2012 10:27:20 | Computer Name = Dustin-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.10.2012 12:20:06 | Computer Name = Dustin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GuardMailRu.exe, Version: 1.0.0.453,
Zeitstempel: 0x508a9fe1 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x70612c74 ID des fehlerhaften
Prozesses: 0x754 Startzeit der fehlerhaften Anwendung: 0x01cdb6ba6348cdd9 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: aa0a4d38-22ad-11e2-9205-e069958d3f47
Error - 30.10.2012 12:21:28 | Computer Name = Dustin-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.10.2012 12:42:14 | Computer Name = Dustin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: S2DNG.exe, Version: 0.0.0.0, Zeitstempel:
0x00000000 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00007277 ID des fehlerhaften Prozesses:
0x610 Startzeit der fehlerhaften Anwendung: 0x01cdb6bd7eacbdf2 Pfad der fehlerhaften
Anwendung: D:\Die Siedler II - Die nächste Generation\bin\S2DNG.exe Pfad des fehlerhaften
Moduls: unknown Berichtskennung: c197d0ed-22b0-11e2-9205-e069958d3f47
Error - 30.10.2012 14:01:36 | Computer Name = Dustin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WlanNetService.exe, Version: 1.1.0.26,
Zeitstempel: 0x4cbea834 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003331f ID des fehlerhaften
Prozesses: 0x7d0 Startzeit der fehlerhaften Anwendung: 0x01cdb6ba6293e544 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\avmwlanstick\WlanNetService.exe Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: d7f3e573-22bb-11e2-9205-e069958d3f47
Error - 30.10.2012 14:01:46 | Computer Name = Dustin-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 30.10.2012 14:01:46 | Computer Name = Dustin-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9984
Error - 30.10.2012 14:01:46 | Computer Name = Dustin-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9984
Error - 31.10.2012 09:25:48 | Computer Name = Dustin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GuardMailRu.exe, Version: 1.0.0.453,
Zeitstempel: 0x508a9fe1 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x70612c74 ID des fehlerhaften
Prozesses: 0x7a0 Startzeit der fehlerhaften Anwendung: 0x01cdb76b3257558a Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 7b67a72e-235e-11e2-b48c-e069958d3f47
Error - 31.10.2012 09:27:05 | Computer Name = Dustin-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 24.03.2013 14:42:18 | Computer Name = Dustin-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Guard.Mail.ru" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 25.03.2013 07:20:55 | Computer Name = Dustin-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Guard.Mail.ru" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 25.03.2013 12:54:47 | Computer Name = Dustin-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Guard.Mail.ru" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 26.03.2013 09:29:13 | Computer Name = Dustin-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Guard.Mail.ru" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 26.03.2013 13:11:18 | Computer Name = Dustin-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Guard.Mail.ru" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 27.03.2013 15:41:11 | Computer Name = Dustin-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Guard.Mail.ru" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 27.03.2013 17:29:21 | Computer Name = Dustin-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Guard.Mail.ru" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 27.03.2013 18:09:00 | Computer Name = Dustin-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Guard.Mail.ru" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 27.03.2013 18:24:32 | Computer Name = Dustin-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Guard.Mail.ru" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 28.03.2013 07:31:22 | Computer Name = Dustin-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Guard.Mail.ru" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
< End of report >
Gmer.txt
GMER Logfile:
Code:
GMER 2.1.19155 - GMER - Rootkit Detector and Remover
Rootkit scan 2013-03-28 13:26:52
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST310005 rev.JC45 931,51GB
Running: gmer_2.1.19155.exe; Driver: C:\Users\Dustin\AppData\Local\Temp\pxrirpow.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[1540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074cf1465 2 bytes [CF, 74]
.text C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[1540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074cf14bb 2 bytes [CF, 74]
.text ... * 2
.text C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe[2296] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074cf1465 2 bytes [CF, 74]
.text C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe[2296] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074cf14bb 2 bytes [CF, 74]
.text ... * 2
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[1100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074cf1465 2 bytes [CF, 74]
.text C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe[1100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074cf14bb 2 bytes [CF, 74]
.text ... * 2
.text C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe[2548] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074cf1465 2 bytes [CF, 74]
.text C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe[2548] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074cf14bb 2 bytes [CF, 74]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2760] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074cf1465 2 bytes [CF, 74]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2760] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074cf14bb 2 bytes [CF, 74]
.text ... * 2
.text C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[1664] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074cf1465 2 bytes [CF, 74]
.text C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[1664] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074cf14bb 2 bytes [CF, 74]
.text ... * 2
.text C:\Program Files (x86)\Ask.com\Updater\Updater.exe[2772] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074cf1465 2 bytes [CF, 74]
.text C:\Program Files (x86)\Ask.com\Updater\Updater.exe[2772] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074cf14bb 2 bytes [CF, 74]
.text ... * 2
.text C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe[3284] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 00000000768487b1 5 bytes [33, C0, C2, 04, 00]
.text C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac[3336] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074cf1465 2 bytes [CF, 74]
.text C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac[3336] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074cf14bb 2 bytes [CF, 74]
.text ... * 2
.text C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe[3904] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074cf1465 2 bytes [CF, 74]
.text C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe[3904] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074cf14bb 2 bytes [CF, 74]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[4348] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074cf1465 2 bytes [CF, 74]
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[4348] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074cf14bb 2 bytes [CF, 74]
.text ... * 2
---- EOF - GMER 2.1 ----
Edited by Dustin. (28.03.2013 at 15:38) |
| | #3 |
| /// TB-Ausbilder | e.ligatus.com Virus

!! Note to readers !! This thread and its instructions are intended only for this specific case. They could seriously damage other computers. Please open your own thread.

I will help you with your problem. The cleanup only works if you follow these rules: Please read: Rules for the cleanup
Step 1: (Reminder: Only reply to me once you have worked through all the steps!) Uninstalling programs
Step 2: AdwCleaner: Find and delete adware. Please download
Step 3: Delete temporary files with TFC
Step 4: Scan with DDS+ (with attach). Please download DDS (by sUBs) and save the file to your desktop.
__________________ |
| | #4 |
| | e.ligatus.com Virus

Hello ryder, first of all, thank you very much for helping me. Here are the log files:

AdwCleaner

AdwCleaner Logfile:
# AdwCleaner v2.115 - Datei am 28/03/2013 um 20:08:02 erstellt
# Aktualisiert am 17/03/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Dustin - DUSTIN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Dustin\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : ICQ Service
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\user.js
Datei Gelöscht : C:\Users\Dustin\AppData\Local\Temp\Searchqu.ini
Datei Gelöscht : C:\Users\Dustin\AppData\Local\Temp\searchqutoolbar-manifest.xml
Datei Gelöscht : C:\Users\Dustin\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Datei Gelöscht : C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\z2bqnxty.default\searchplugins\Askcom.xml
Ordner Gelöscht : C:\Program Files (x86)\AutocompletePro
Ordner Gelöscht : C:\Program Files (x86)\ClipGrab
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gelöscht : C:\Program Files (x86)\Softonic
Ordner Gelöscht : C:\Program Files (x86)\Windows iLivid Toolbar
Ordner Gelöscht : C:\ProgramData\~0
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipGrab
Ordner Gelöscht : C:\Users\Dustin\AppData\Local\APN
Ordner Gelöscht : C:\Users\Dustin\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Dustin\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\Dustin\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Dustin\AppData\Local\Temp\AskSearch
Ordner Gelöscht : C:\Users\Dustin\AppData\Local\Temp\boost_interprocess
Ordner Gelöscht : C:\Users\Dustin\AppData\Local\Temp\CT2536373
Ordner Gelöscht : C:\Users\Dustin\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Dustin\AppData\LocalLow\ClipGrab
Ordner Gelöscht : C:\Users\Dustin\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Dustin\AppData\LocalLow\searchquband
Ordner Gelöscht : C:\Users\Dustin\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\z2bqnxty.default\extensions\{e36df325-3f4b-476f-8f89-123bc5d51a30}
Ordner Gelöscht : C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\z2bqnxty.default\extensions\ffxtlbra@softonic.com
Ordner Gelöscht : C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\z2bqnxty.default\extensions\support@predictad.com
Ordner Gelöscht : C:\Users\Dustin\AppData\Roaming\OCS
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ClipGrab
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AutocompletePro
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E36DF325-3F4B-476F-8F89-123BC5D51A30}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E36DF325-3F4B-476F-8F89-123BC5D51A30}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2536373
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Schlüssel Gelöscht : HKLM\Software\ClipGrab
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5AC7965-7808-4422-9EAA-AF2017BC113A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A5AC7965-7808-4422-9EAA-AF2017BC113A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E36DF325-3F4B-476F-8F89-123BC5D51A30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78267FB9-67D9-47C5-9690-304C566B7E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E36DF325-3F4B-476F-8F89-123BC5D51A30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ClipGrab Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Schlüssel Gelöscht : HKLM\SOFTWARE\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E36DF325-3F4B-476F-8F89-123BC5D51A30}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{E36DF325-3F4B-476F-8F89-123BC5D51A30}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16470
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://de.ask.com/?l=dis&o=14597 --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
-\\ Mozilla Firefox v10.0 (de)
Datei : C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\z2bqnxty.default\prefs.js
C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\z2bqnxty.default\user.js ... Gelöscht !
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.searchqu.com/406");
Gelöscht : user_pref("extensions.softonic_i.aflt", "orgnl");
Gelöscht : user_pref("extensions.softonic_i.dfltLng", "");
Gelöscht : user_pref("extensions.softonic_i.excTlbr", false);
Gelöscht : user_pref("extensions.softonic_i.id", "94398eb7000000000000e069958d3f47");
Gelöscht : user_pref("extensions.softonic_i.instlDay", "15758");
Gelöscht : user_pref("extensions.softonic_i.instlRef", "MON00001");
Gelöscht : user_pref("extensions.softonic_i.newTab", false);
Gelöscht : user_pref("extensions.softonic_i.prdct", "softonic");
Gelöscht : user_pref("extensions.softonic_i.prtnrId", "softonic");
Gelöscht : user_pref("extensions.softonic_i.smplGrp", "eng7");
Gelöscht : user_pref("extensions.softonic_i.tlbrId", "eng7");
Gelöscht : user_pref("extensions.softonic_i.tlbrSrchUrl", "hxxp://search.softonic.com/MON00001/tb_v1?SearchSour[...]
Gelöscht : user_pref("extensions.softonic_i.vrsn", "1.5.11.5");
Gelöscht : user_pref("extensions.softonic_i.vrsnTs", "1.5.11.521:29:43");
Gelöscht : user_pref("extensions.softonic_i.vrsni", "1.5.11.5");
Gelöscht : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q=");
Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
*************************
AdwCleaner[S1].txt - [11832 octets] - [28/03/2013 20:08:02]
########## EOF - C:\AdwCleaner[S1].txt - [11893 octets] ##########
DDS

DDS Logfile:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16470
Run by Dustin at 20:25:42 on 2013-03-28
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8174.6384 [GMT 1:00]
.
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe
C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realonemessagecenter.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
C:\Program Files (x86)\Hama\Hama Webcam Suite\Magic-i Visual Effects\Magic-i Visual Effects.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\Northstar\Photo Frame\Photo Frame.exe
C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\FixCamera.exe
C:\Windows\tsnp325.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://packardbell.msn.com
mStart Page = hxxp://packardbell.msn.com
mDefault_Page_URL = hxxp://packardbell.msn.com
uURLSearchHooks: ???????@Mail.Ru: {09900DE8-1DCA-443F-9243-26FF581438AF} -
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mWinlogon: Userinit = userinit.exe,
BHO: ICQ Sparberater: {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll
BHO: MailRuBHO Class: {8984B388-A5BB-4DF7-B274-77B879E179DB} -
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
TB: ???????@Mail.Ru: {09900DE8-1DCA-443F-9243-26FF581438AF} -
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: ???????@Mail.Ru: {09900DE8-1DCA-443F-9243-26FF581438AF} -
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [MsgCenterExe] "c:\program files (x86)\real\realplayer\update\RealOneMessageCenter.exe" -osboot
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
mRun: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe" /gui
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [FixCamera] C:\Windows\FixCamera.exe
mRun: [tsnp325] C:\Windows\tsnp325.exe
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGIC-~1.LNK - C:\Program Files (x86)\Hama\Hama Webcam Suite\Magic-i Visual Effects\Magic-i Visual Effects.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PHOTOF~1.LNK - C:\Program Files (x86)\Northstar\Photo Frame\Photo Frame.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Free YouTube to MP3 Converter - C:\Users\Dustin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
TCP: Interfaces\{123CC210-6B09-4EA1-86A7-58F19CB7E765} : DHCPNameServer = 192.168.2.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs=
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://packardbell.msn.com
x64-mDefault_Page_URL = hxxp://packardbell.msn.com
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dustin\AppData\Roaming\Mozilla\Firefox\Profiles\z2bqnxty.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-9-11 55856]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys [2013-2-6 451192]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys [2013-2-6 1129120]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20120215.001\BHDrvx64.sys [2012-2-19 1157240]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys [2013-2-6 167072]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20120229.002\IDSviA64.sys [2012-3-1 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys [2013-2-6 190072]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys [2013-2-6 405624]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-5-12 249648]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 GREGService;GREGService;C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2011-5-30 36456]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-7-13 13336]
R2 Live Updater Service;Live Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2011-7-13 244624]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-3-29 598312]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe [2013-2-6 138272]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-3-23 378472]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-9-11 2656280]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2012-2-29 18688]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-4 138360]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-7-13 412264]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 Guard.Mail.ru;Guard.Mail.ru;C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe [2012-1-21 2241128]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2011-5-13 36328]
S3 avmeject;AVM Eject;C:\Windows\System32\drivers\avmeject.sys [2012-3-18 14120]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-6-7 191752]
S3 fwlanusbn;FRITZ!WLAN N;C:\Windows\System32\drivers\fwlanusbn.sys [2012-3-18 714368]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-03-28 19:03:25 -------- d-----w- C:\Windows\System32\IO
2013-03-27 20:51:30 -------- d-----w- C:\Users\Dustin\AppData\Roaming\Malwarebytes
2013-03-27 20:51:17 -------- d-----w- C:\ProgramData\Malwarebytes
2013-03-26 13:33:58 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FC32FB98-129D-4F63-86B2-877BB7C7E23B}\mpengine.dll
2013-03-26 00:07:14 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-03-18 18:45:49 -------- d-----w- C:\Users\Dustin\AppData\Roaming\NVIDIA
.
==================== Find3M ====================
.
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-02-02 06:57:02 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-02 06:47:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-02-02 06:47:19 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-02-02 06:42:18 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-02-02 06:41:51 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-02-02 06:38:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-02 03:38:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-02-02 03:30:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-02-02 03:30:21 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-02 03:26:47 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-02-02 03:26:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-02-02 03:23:28 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-17 00:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
.
============= FINISH: 20:26:35,30 ===============
Attach Code:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 30.12.2011 19:57:33
System Uptime: 28.03.2013 20:20:12 (0 hours ago)
.
Motherboard: Packard Bell | | ixtreme M5860
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz | CPU 1 | 1598/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 456 GiB total, 363,001 GiB free.
D: is FIXED (NTFS) - 456 GiB total, 449,399 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Hamachi Network Interface
Device ID: ROOT\NET\0000
Manufacturer: LogMeIn, Inc.
Name: Hamachi Network Interface
PNP Device ID: ROOT\NET\0000
Service: hamachi
.
==== System Restore Points ===================
.
RP144: 26.02.2013 13:54:05 - Windows Update
RP145: 01.03.2013 20:48:47 - Windows Update
RP146: 05.03.2013 20:56:55 - Windows Update
RP147: 07.03.2013 15:53:58 - Konfiguriert Moorhuhn 4 Teile
RP148: 12.03.2013 13:58:34 - Windows Update
RP149: 14.03.2013 21:55:30 - Windows Update
RP150: 15.03.2013 14:03:07 - Windows Update
RP151: 16.03.2013 18:03:56 - Windows Update
RP152: 19.03.2013 21:08:53 - Windows Update
RP153: 26.03.2013 02:44:56 - Windows Update
RP154: 28.03.2013 19:58:39 - Removed Java(TM) 6 Update 18
RP155: 28.03.2013 19:59:09 - Removed Java(TM) 6 Update 31
RP156: 28.03.2013 19:59:51 - Removed JavaFX 2.0.3 SDK (64-bit)
RP157: 28.03.2013 20:00:18 - Removed JavaFX 2.0.3 (64-bit)
RP158: 28.03.2013 20:00:32 - Removed Java(TM) SE Development Kit 7 Update 3 (64-bit)
.
==== Installed Programs ======================
.
???? ??? Windows Live
???? Windows Live
????? Windows Live
?????? ??????? ?? Windows Live
???????? ?????????? Windows Live
?????????? Windows Live
??????????? ?? Windows Live
Adobe AIR
Adobe Community Help
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 9
Adobe Premiere Elements 9
Adobe Reader X (10.1.5) MUI
Agatha Christie - Death on the Nile
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 2.0.2
AVM FRITZ!WLAN
Bejeweled 2 Deluxe
Bing Bar
Bonjour
CCScore
Cheat Engine 6.1
ClipGrab 3.2.0.9
Core Temp version 0.99.7
Crazy Chicken Kart 2
CyberLink MediaEspresso
D3DX10
Der Hobbit
DER HOBBIT
Die Siedler II - Die nächste Generation
Die*Sims™*3
EA Download Manager
eBay Worldwide
Elements 9 Organizer
Elements STI Installer
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSSONIC
ESSTOOLS
essvatgt
FATE
Final Drive: Nitro
FormatFactory 2.95
Fotogalerija Windows Live
Free YouTube to MP3 Converter version 3.10.17.221
Galeria de Fotografias do Windows Live
Galeria fotografii uslugi Windows Live
Galeria fotogràfica del Windows Live
Galerie de photos Windows Live
Galerie foto Windows Live
Galería fotográfica de Windows Live
Google Chrome
Google Update Helper
Guard.Mail.ru
hama PC-Webcam AC-140
Hama Webcam Suite
Hotkey Utility
ICQ Sparberater
ICQ7.7
Identity Card
Insaniquarium Deluxe
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
iTunes
Java(TM) 7 Update 3 (64-bit)
Jewel Match 3
John Deere Drive Green
Junk Mail filter update
kgcbaby
kgcbase
kgchday
kgchlwn
kgcinvt
kgckids
kgcmove
kgcvday
Kodak EasyShare Software
KSU
LastChaosGER
LogMeIn Hamachi
Medieval Conquest
Mesh Runtime
Meteor Blade
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Klick-und-Los 2010
Microsoft Office Starter 2010 - Deutsch
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_CRT_x86
Moorhuhn 4 Teile
Moorhuhn Kart 3
Mozilla Firefox 10.0 (x86 de)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery of Mortlake Mansion
Nero BackItUp 10
Nero BackItUp 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero DiscSpeed 10
Nero DiscSpeed 10 Help (CHM)
Nero Express 10
Nero Express 10 Help (CHM)
Nero Multimedia Suite 10 Essentials
Nero RescueAgent 10
Nero RescueAgent 10 Help (CHM)
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
netbrdg
No23 Recorder
Norton Internet Security
Norton Online Backup
Notifier
NVIDIA Grafiktreiber 267.85
NVIDIA HD-Audiotreiber 1.2.22.1
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX-Systemsoftware 9.10.0514
NVIDIA Stereoscopic 3D Driver
NVIDIA Systemsteuerung 267.85
OfotoXMI
Packard Bell Games
Packard Bell Recovery Management
Packard Bell Registration
Packard Bell ScreenSaver
Packard Bell Updater
PCDADDIN
PCDHELP
Penguins!
Photo Frame
PhotoScape
Plants vs. Zombies - Game of the Year
Poczta uslugi Windows Live
Podstawowe programy Windows Live
Polar Bowler
Pošta Windows Live
Raccolta foto di Windows Live
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
RealUpgrade 1.1
S?????? f?t???af??? t?? Windows Live
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
SFR
SHASTA
SKIN0001
SKINXSDK
Skype Click to Call
Skype™ 6.1
Slingo Deluxe
staticcr
Steam
Stronghold 3
Stronghold Legends
TeamSpeak 3 Client
tooltips
Torchlight
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life
VirtualDJ Home FREE
VPRINTOL
Wedding Dash
Welcome Center
WildTangent Games App (Packard Bell Games)
Windows Live
Windows Live ???
Windows Live ????
Windows Live Argazki Galeria
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotótár
Windows Live Fotogalerie
Windows Live Fotogalleri
Windows Live Fotogaléria
Windows Live Fotograf Galerisi
Windows Live Galeria de Fotos
Windows Live Galerija fotografija
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven asennustyökalu
Windows Liven sähköposti
Windows Liven valokuvavalikoima
WinRAR 4.11 (64-bit)
WIRELESS
Zoo Tycoon: Complete Collection
Zuma Deluxe
.
==== End Of File ===========================
|
| | #5 |
| /// TB-Ausbilder | e.ligatus.com Virus Before we continue: does the problem still exist?
__________________ Digital buccaneers against malware! No help via PM! |
| | #6 |
| | e.ligatus.com Virus No, the page has not appeared again yesterday or so far today |
| | #7 |
| /// TB-Ausbilder | e.ligatus.com Virus Good! As far as I can see, we have now removed everything malicious. To be sure, we still need to run a few checks, and we will then bring your computer up to a secure state. Since these scans can take a very long time, please do not write to me again until you have really completed everything or problems occur. Step 1: Quick scan with Malwarebytes Please download Step 2: Note: The scan can take a very long time (several hours)! Step 3: Scan with SecurityCheck Please download |
| | #8 |
| | e.ligatus.com Virus Done. Here are the log files: Malwarebytes Anti-Malware Code:
Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org
Datenbank Version: v2013.03.29.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Dustin :: DUSTIN-PC [Administrator]
Schutz: Aktiviert
29.03.2013 13:07:07
mbam-log-2013-03-29 (13-07-07).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 212735
Laufzeit: 2 Minute(n), 41 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
log Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=fc9f940d414f8d419abf262383d7554d
# engine=13509
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-03-29 01:33:09
# local_time=2013-03-29 02:33:09 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 95 4223252 127160574 0 0
# compatibility_mode=5893 16776574 100 94 8897 116193839 0 0
# scanned=299846
# found=1
# cleaned=0
# scan_time=4314
sh=65FAED9366967C25F2EFF4872C77060A03979253 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Dustin\AppData\Local\Temp\jar_cache8287463700684380593.tmp"
checkup Code:
Results of screen317's Security Check version 0.99.59
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.70.0.1100
Adobe Flash Player 11.3.300.270 Flash Player out of Date!
Adobe Reader 10.1.5 Adobe Reader out of Date!
Mozilla Firefox 10.0 Firefox out of Date!
Google Chrome 25.0.1364.172
Google Chrome 26.0.1410.43
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
Symantec Norton Online Backup NOBuAgent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
|
| | #9 |
| /// TB-Ausbilder | e.ligatus.com Virus Great! That means we are done. We will now tidy up a little, and then I have some reading material for you at the end. Step 1: Uninstall tools The order is crucial here.
Step 2: Uninstall ESET (optional)
Step 3: Update: Adobe Flash Player
Step 4: Update: Firefox, add-ons and plugins
Finally, some tips on the following topics:
Reading material: System updates It cannot be mentioned often enough how important it is to keep your system up to date. After all, you also take your car to the garage regularly for inspection. So please make sure that system updates are enabled:
Reading material: Software updates Just as important as the system programs is the software you use every day. The following list gives you a brief overview, with links to the updates, of which programs urgently need to be kept up to date (if you have them installed and use them at all), because malware can often get onto computers through their security vulnerabilities:
Reading material: Security software If someone overtook you on the motorway naked on a motorcycle, you would shake your head too. Your computer also needs protection against the small daily attacks by malware. Besides excellent commercial antivirus solutions, there are also perfectly good protection programs that are available free of charge with a reduced feature set. But be careful, "the more the better" does not apply here. What you need is exactly one virus scanner with a background guard. No more and no less. There are many products on the market that will serve you well. I personally recommend Avast Free Antivirus. It offers relatively good protection with little annoying advertising and installs a browser plugin that warns you about dangerous websites.
Reading material: Safe surfing First of all, it must be said that it is usually the human factor that allows malware to get onto a computer. Do you also buy things straight away, without thinking, from people who ring your doorbell? So first get used to a few rules of conduct when surfing the Internet:
But even with meticulous adherence to these rules, a so-called drive-by infection can still occur, in which malware breaks out of the web browser's protection mechanism. To increase security even further, there is special protection software that secures your browser further.
Finally, please think about using an alternative browser. Programs that are not used so often are also not so much in the focus of the "bad guys". That is, you are more likely to be on the safe side with an exotic browser. In principle, you are already considerably safer if you do not use Internet Explorer.
With that, I wish you lots of fun surfing the Internet ... and perhaps you would like to support the Trojaner-Board? One request: give me a short reply when everything is done and there are no more questions, so that I can delete this thread from my subscriptions. |
| | #10 |
| | e.ligatus.com Virus I have now done everything and have no more questions either. Thank you very much again for helping me with my problem. Kind regards, Dustin |
| | #11 |
| /// TB-Ausbilder | e.ligatus.com Virus Glad we could help. This topic appears to be resolved and will be deleted from my subscriptions. Should you need the topic again, please send me a PM. Everyone else, please click here and create your own thread. If you still want to share praise or criticism, there is this section here: http://www.trojaner-board.de/lob-kritik-wuensche/ |