| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: PC Performer Manager eingefangen und dann versucht ihn mit Spyhunter zu beseitigenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
30.06.2013, 13:38
| #1 |
 |  PC Performer Manager eingefangen und dann versucht ihn mit Spyhunter zu beseitigen Hallo zusammen, obwohl ich kein Newbie bin habe ich mich selten dämlich angestellt!  Zuerst habe ich mir den lästigen PC Performer Manager eingefangen, wie genau kann ich nicht sagen. Als ich dann merkte, wie mein Rechner ziemlich lahmte, habe ich nach Lösungsmöglichkeiten gegoogelt und bin dabei auf das Problem PC Performer gestossen. Doch dummerweise bin ich dabei auf verschiedenen Seiten gelandet, die alle zur Beseitigung die gleiche "einfache" Softwarelösung empfohlen haben und die bestand in Spyhunter. Dieser Spyhunter meldete bei einem Scan etliche Probleme. Erst als beim Versuch, diese Probleme zu beseitigen die Aufforderung kam, die Vollversion zu kaufen dämmerte mir, dass ich da wohl den Teufel mit dem Beelzebub austreiben wollte!  Jetzt bitte ich hier um eure Hilfe beim Beseitigen dieser lästigen Plagegeister. Ich hoffe, ich habe die benötigten Informationen und Scans richtig laufen lassen und bekomme sie hier korrekt gepostet. OTL.txt habe ich gezippt anhängen müssen, da die Logfiles zu groß waren. Extras.txt: Code:
ATTFilter OTL Extras logfile created on: 30.06.2013 02:47:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pooly\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,98 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 52,07% Memory free
7,96 Gb Paging File | 5,77 Gb Available in Paging File | 72,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1811,92 Gb Total Space | 1688,45 Gb Free Space | 93,19% Space Free | Partition Type: NTFS
Drive D: | 50,00 Gb Total Space | 25,47 Gb Free Space | 50,95% Space Free | Partition Type: NTFS
Drive E: | 1,18 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive J: | 931,28 Gb Total Space | 685,75 Gb Free Space | 73,63% Space Free | Partition Type: FAT32
Computer Name: POOLY-PC | User Name: Pooly | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-239419753-1080600804-101104263-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00CD6417-B9C3-45DF-B0D3-0076CC40509B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{06CA7039-7F35-4229-AB4A-89E4A45219B7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{0B62B67A-14BA-4569-A979-F18033F297B7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0BB604AA-9CAD-4A58-A964-EA43B321D79E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1C03794C-0BA8-4B4B-B3A6-F3557C3690FD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E3D509F-2AE4-4983-ACB0-ADF2F314D35C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{25422746-A780-470D-B3DA-039B85A7428D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2BCCFDAD-3DA6-4FFD-891B-7EC043E2E2E8}" = rport=139 | protocol=6 | dir=out | app=system |
"{311EC8F9-6669-48D3-AD8F-8624B7CB19E3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3A9D733F-5EC6-4750-BFF1-5FE5673B83A5}" = lport=138 | protocol=17 | dir=in | app=system |
"{3BE5203E-E85E-4F56-8D24-096BBD01B687}" = lport=67 | protocol=17 | dir=in | name=rtldhcp-port |
"{409F0B87-C049-421E-90EC-D6FB7F0D37F6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4E06C5A0-DD8E-45B7-BF32-D8BAF8EF280C}" = lport=68 | protocol=17 | dir=in | name=rtldhcp-port-2 |
"{55C1EA9A-971E-41A9-BE0F-99CE5F0A09ED}" = lport=53 | protocol=17 | dir=in | name=rtldns-port-2 |
"{61A79E05-28AC-492A-857E-9207FB809A7B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{69F620D5-78A5-4BED-8C92-413A49B39000}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2012.sp1\wnt500x64\rpcsandrasrv.exe |
"{70AA039D-8D5E-4F35-B0BF-D95E8C752762}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{89305781-FD8A-4A9B-B260-2135CA988536}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{90061D85-0A6E-493F-BCE2-ED135951BB10}" = lport=53 | protocol=6 | dir=in | name=rtldns-port |
"{A4A04FD5-C39E-462E-8FF0-DB8AA04A26FA}" = rport=138 | protocol=17 | dir=out | app=system |
"{BF989B9E-0B4F-4C82-AD16-92D05625C7CC}" = lport=445 | protocol=6 | dir=in | app=system |
"{C8742CC4-CA13-4488-BC51-0B5FF2E468C1}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{CEEC5E97-F169-4A85-A433-80CAB4E35945}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D286020A-3F28-44A9-877D-AE91A55024BB}" = rport=137 | protocol=17 | dir=out | app=system |
"{D2D728A4-B6AC-4D3D-A097-BC07E6FA1A23}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D4989ACE-D711-413F-B969-28B3C770E7E1}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{D752BEE1-8A60-433D-B4E6-9E718D5E51B6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DC30766A-B0E1-4BBC-B9C6-D0C5E205C882}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{DE918BE6-0777-4623-BEDF-4EFD36BA7F65}" = lport=139 | protocol=6 | dir=in | app=system |
"{DFD82233-6AB0-4DE7-9E34-463BAA0495C5}" = lport=137 | protocol=17 | dir=in | app=system |
"{E860F687-ACF6-4A17-80D1-5BFA50B679DE}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2012.sp1\rpcagentsrv.exe |
"{EB52C4AB-EDE3-418B-BFED-5FA3E01324E2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{FF7BDF46-EC69-4678-854E-C08E7D3BC198}" = rport=445 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03EAF41D-9EFE-4E65-B43D-E5C6D1210B71}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{0B8F701E-47D6-40A5-A7C5-104265D86B14}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{15BC3DB2-B386-4B26-8D62-F930643328C4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1CA8CBB6-B927-4491-8374-F3DB8A8662FE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1E9941FD-E724-491C-8FC8-23F8521B4D41}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2086F8C9-7636-4E9B-9A47-4ACAB9B3618D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{21F1B7B5-EF9A-4116-845B-DD9976AE42E7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{28EB9F9F-9B00-44BA-AC5A-4E05BF2A81E6}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{2E26B0F9-A9BF-434C-98A5-EBB6AFEB15EA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2F98984C-BCB1-436D-A90E-AC771DBB2283}" = protocol=6 | dir=in | app=c:\program files (x86)\tv-browser\tvbrowser.exe |
"{323B3E79-96DC-4C7E-AA47-95767F02400C}" = protocol=6 | dir=in | app=c:\ph-shop\adobe version cue cs2\bin\versioncuecs2.exe |
"{32F3ED34-530D-46CC-8911-606122C53BF8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{357B0CC7-4D6E-43BC-B4D0-97C1E2321D87}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3958A5FD-99D7-4B08-902A-9A0B3BE8AA7F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3BCF67AF-AA14-416E-BD22-2C85D0D82DFD}" = protocol=17 | dir=in | app=c:\program files (x86)\tv-browser\tvbrowser.exe |
"{46307F7B-B9BF-4943-8897-27DE6FCF8A4C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{49183AAB-B5B6-4C3D-9F1A-CE168239E18C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4A467E52-D70F-42B6-8BA7-AAE1C79DD436}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5549D867-4091-4C32-B0E1-7BA41B938ECE}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{5A8D9204-61CB-4750-BF8D-CC2CA34C1CC7}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{6BB69473-947C-4CE3-8A3B-0D46DABA6B84}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{7527C1CA-1E2D-4D4E-BD0D-E9D4DFE9E62C}" = dir=in | app=c:\program files (x86)\realtek\11n usb wireless lan utility\rtldhcp.exe |
"{80936326-7EFF-4C88-9C16-B69EEEAB6F70}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{84EB0877-5A20-4262-B54F-9D85CDE0EE3B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{853C972C-D29E-470C-A280-12CB9202D5F4}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{87254A6D-091C-4A96-8520-B2784146A0FF}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{909FD7B5-40CD-4655-8BF0-1EED4A2B9A59}" = protocol=6 | dir=in | app=c:\program files (x86)\tv-browser\tvbrowser_nodd.exe |
"{97622819-7B1F-45EA-8A43-FDEBF311E4AD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{A42126E2-9F15-4230-9E33-8FE9D5A5267C}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek\11n usb wireless lan utility\rtwlan.exe |
"{A525D2BC-4F11-4859-97D0-F3D1F086A8E3}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek\11n usb wireless lan utility\rtwlan.exe |
"{AE0C0281-F340-48D1-BDBC-9892D2E349C5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AFD3C62D-CB07-46D0-931F-BAFF90B268D2}" = protocol=6 | dir=out | app=system |
"{C61FACA3-1EC9-4D94-8283-E24BACC36A2B}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{CEA8785F-508B-4629-8735-5CD99E2D69C4}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"{D072A819-748F-4316-AD0A-0E1DA81F16BB}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"{D07DF7D3-201D-44FF-8B6A-93539DB49EA1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D5B9E6CB-6906-4710-B7FC-44FF349B1447}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) |
"{D60271B5-B482-4A25-AD29-96AE1AD4F237}" = protocol=17 | dir=in | app=c:\program files (x86)\tv-browser\tvbrowser_nodd.exe |
"{DB5B2BEB-A473-4EFD-8C2A-4201CC366B51}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E7035F7F-631E-495C-84A7-B76D692F73E8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EF326660-E6E6-493A-B435-676C2FF31634}" = protocol=17 | dir=in | app=c:\ph-shop\adobe version cue cs2\bin\versioncuecs2.exe |
"{FA27D4EF-C38B-4908-9524-6BC6F7C7B826}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FAEC80C0-196F-40D1-949B-9EFF21678BC9}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{FEF5A4EF-3249-4589-87BF-BA46DA0EF48A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{4F1E33E4-ABAB-49F6-BB38-1C7F74BCF522}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{76917E20-BE79-4907-91DC-F74575773B32}C:\program files (x86)\milouz corp\milouz market\milouz market.exe" = protocol=6 | dir=in | app=c:\program files (x86)\milouz corp\milouz market\milouz market.exe |
"UDP Query User{7CF79AA5-B7EA-488F-AF02-114786186AF1}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{B22B8DF8-4EA0-4A6A-AF96-25362C535098}C:\program files (x86)\milouz corp\milouz market\milouz market.exe" = protocol=17 | dir=in | app=c:\program files (x86)\milouz corp\milouz market\milouz market.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01D42BF0-ED08-463f-8A28-99EB6FEE962B}" = ZTE Handset USB Driver
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}" = Corel Graphics - Windows Shell Extension 64 Bit
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}" = NetSpeedMonitor 2.5.4.0 x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2012.SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2D77DC2-8299-11D1-8949-444553540000}_is1" = ZTE Handset USB Driver
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Process_Hacker2_is1" = Process Hacker 2.30 (r5267)
"Recuva" = Recuva
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}" = CorelDRAW Essentials X5 - Extra Content
"_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}" = CorelDRAW Essentials X5
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{1A637513-CC46-4C3B-8114-1E4F1D71CF42}" = Fritz11 WM Edition
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1AD2EC5E-9A73-452B-8C87-43D2E32C3831}" = Fritz11 WM Edition
"{236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 25
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2F14F550-0FFC-4285-B673-880744D428A3}" = CorelDRAW Essentials X5 - Custom Data
"{34809713-7886-4F6A-B9D5-CC74DBC1C77E}" = CorelDRAW Essentials X5 - Redist
"{36A19DE0-7C35-41E3-9BA6-DB85C74B3021}" = SlimDrivers
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}" = CorelDRAW Essentials X5 - WT
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4433CEC6-DA32-4D7B-BA95-B47C68498287}" = CorelDRAW Essentials X5 - Connect
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover
"{47E5588F-C3A0-11DE-9857-005056C00008}" = Paragon Partition Manager™ 12 Free
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4
"{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}" = CorelDRAW Essentials X5 - Extra Content
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{666D7CED-12E0-4BA3-B594-5681961E7B02}" = CorelDRAW Essentials X5 - IPM
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
"{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}" = CorelDRAW Essentials X5 - DE
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}" = CorelDRAW Essentials X5 - IT
"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"{80A07844-CA64-4DE4-AB61-D37DDBE8074F}" = PDF Architect
"{834F4E2F-E9DF-4FA9-8499-FF6B91012898}" = CorelDRAW Essentials X5
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85E8F38F-0303-401E-A518-0302DF88EB07}" = CorelDRAW Essentials X5 - Draw
"{875FD277-1D33-4321-BDD8-5D776DE81117}" = Windows Internet Explorer 10
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{89BA6E81-B60A-49BC-B283-80560A9E60DF}" = CorelDRAW Essentials X5 - PHOTO-PAINT
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{989FB5FD-9B00-4B32-8663-849CB1370DD1}" = Google Drive
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C049499-055C-4a0c-A916-1D8CA1FF45EB}" = REALTEK Wireless LAN Driver and Utility
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{AC76BA86-7AD7-5464-3428-A00000000004}" = Spelling Dictionaries Support For Adobe Reader X
"{AD1C7ACE-30DC-4107-B6A7-9495D12DC846}" = TinEye Internet Explorer plugin 1.2
"{ADBE46EE-54E0-4610-B436-D7E93D829100}" = Adobe Version Cue CS2
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{BD528233-D102-4CA6-93AB-EE4FE4941C37}" = Milouz Market
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}" = Suite Specific
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C7A8AA10-B632-42F8-9F57-A16FDCE0601E}" = Clock Screen Saver
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CF652E2D-6128-49E9-833E-F131C4FC42CA}" = ChessBase 10
"{D0BEB150-2046-4F94-AE7B-EA76772592F6}" = CorelDRAW Essentials X5 - Common
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D5B11428-F4C4-4FC2-AF89-4D2163BD1D28}" = ChessBase 10
"{D7E60152-6C65-4982-8840-B6D28BF881BD}" = CorelDRAW Essentials X5 - FR
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{E4BE9367-168B-4B30-B198-EE37C99FB147}" = CorelDRAW Essentials X5 - Filters
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E7BE4D1A-B529-448B-8407-889705B65185}" = CorelDRAW Essentials X5 - ES
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}" = CorelDRAW Essentials X5 - Setup Files
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{FA6AF809-9A80-423A-A57A-C7D726A04E4C}" = CorelDRAW Essentials X5 - EN
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"ALDI SÜD Mah Jong" = ALDI SÜD Mah Jong
"Ashampoo Burning Studio_is1" = Ashampoo Burning Studio
"Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3.20
"Ashampoo Photo Commander_is1" = Ashampoo Photo Commander
"Ashampoo Photo Optimizer_is1" = Ashampoo Photo Optimizer
"Ashampoo Snap_is1" = Ashampoo Snap
"Ashampoo WinOptimizer 2012_is1" = Ashampoo WinOptimizer 2012 v.8.1.4
"Avira AntiVir Desktop" = Avira Free Antivirus
"BurnAware Free_is1" = BurnAware Free 6.3
"CBReader " = CBReader
"EdenCity Download" = EdenCity Download
"ElsterFormular 13.2.0.8623p" = ElsterFormular
"Google Chrome" = Google Chrome
"InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Kill-ID für Chrome_is1" = Kill-ID 1.2.4.0 für Chrome
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.2.0 (Full)
"Licking Dog Screen Clean Screensaver" = Licking Dog Screen Clean Screensaver
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"myMugle3.0.0.0" = myMugle
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"PlayChess" = PlayChess
"Sim AQUARIUM 2_is1" = Sim AQUARIUM 2
"SopCast" = SopCast 3.5.0
"TeamViewer 7" = TeamViewer 7
"tvbrowser" = TV-Browser 3.3a
"Visual Subst" = Visual Subst
"VLC media player" = VLC media player 2.0.7
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-239419753-1080600804-101104263-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 05.02.2013 11:38:30 | Computer Name = Pooly-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 05.02.2013 11:38:30 | Computer Name = Pooly-PC | Source = Windows Search Service | ID = 3028
Description =
Error - 05.02.2013 11:38:30 | Computer Name = Pooly-PC | Source = Windows Search Service | ID = 3058
Description =
Error - 05.02.2013 11:38:30 | Computer Name = Pooly-PC | Source = Windows Search Service | ID = 7010
Description =
Error - 05.02.2013 18:06:12 | Computer Name = Pooly-PC | Source = Application Hang | ID = 1002
Description = Programm ChessProgram11.exe, Version 0.0.0.0 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: f64 Startzeit: 01ce03b7fc6845d8 Endzeit: 16 Anwendungspfad:
C:\Program Files (x86)\ChessBase\ChessProgram11\ChessProgram11.exe Berichts-ID:
Error - 15.02.2013 09:57:29 | Computer Name = Pooly-PC | Source = Application Hang | ID = 1002
Description = Programm avscan.exe, Version 13.6.0.584 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 112c Startzeit:
01ce0b7da0650271 Endzeit: 60000 Anwendungspfad: c:\program files (x86)\avira\antivir
desktop\avscan.exe Berichts-ID: 78a32c48-7777-11e2-b5bd-8c89a56d6f00
Error - 15.02.2013 13:05:09 | Computer Name = Pooly-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 15.02.2013 13:05:09 | Computer Name = Pooly-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 16.02.2013 09:51:58 | Computer Name = Pooly-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Pooly\Downloads\SoftonicDownloader_fuer_cat-licking-screensaver.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 19.02.2013 15:55:00 | Computer Name = Pooly-PC | Source = Application Hang | ID = 1002
Description = Programm avscan.exe, Version 13.6.0.584 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: d5c Startzeit:
01ce0ed59e9dd08d Endzeit: 54070 Anwendungspfad: C:\program files (x86)\avira\antivir
desktop\avscan.exe Berichts-ID: 1b3a6b75-7ace-11e2-9fa4-742f68a87d52
[ Media Center Events ]
Error - 29.06.2013 07:44:31 | Computer Name = Pooly-PC | Source = MCUpdate | ID = 0
Description = 13:44:25 - Fehler beim Herstellen der Internetverbindung. 13:44:25
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 28.06.2013 05:45:28 | Computer Name = Pooly-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
Error - 28.06.2013 19:25:06 | Computer Name = Pooly-PC | Source = DCOM | ID = 10010
Description =
Error - 29.06.2013 07:43:52 | Computer Name = Pooly-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 29.06.2013 07:43:52 | Computer Name = Pooly-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
Error - 29.06.2013 12:09:00 | Computer Name = Pooly-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst Realtek11nSU erreicht.
Error - 29.06.2013 12:11:21 | Computer Name = Pooly-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 29.06.2013 12:11:21 | Computer Name = Pooly-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
Error - 29.06.2013 15:05:19 | Computer Name = Pooly-PC | Source = DCOM | ID = 10010
Description =
Error - 29.06.2013 15:09:04 | Computer Name = Pooly-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 29.06.2013 15:09:04 | Computer Name = Pooly-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
< End of report >
Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-06-30 13:41:24
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST2000DL rev.CC45 1863,02GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Pooly\AppData\Local\Temp\kwdoapod.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560 fffff80003806000 63 bytes [00, 00, 21, 02, 41, 4C, 50, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 624 fffff80003806040 1 byte [08]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[924] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[924] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[924] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!free 0000000075ad9894 5 bytes JMP 000000010a90d2d0
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!malloc 0000000075ad9cee 5 bytes JMP 000000010a90d230
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!??3@YAXPAX@Z 0000000075adb0b9 5 bytes JMP 000000010a90d2d0
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!??2@YAPAXI@Z 0000000075adb0c9 5 bytes JMP 000000010a90d480
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!realloc 0000000075adb10d 5 bytes JMP 000000010a90d2b0
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!calloc 0000000075adc456 5 bytes JMP 000000010a90d270
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!_msize 0000000075adf43b 5 bytes JMP 000000010a90d2e0
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!_aligned_free 0000000075af5942 5 bytes JMP 000000010a90d2d0
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!_aligned_malloc 0000000075b0028d 5 bytes JMP 000000010a90d3c0
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!_aligned_offset_malloc 0000000075b002a9 5 bytes JMP 000000010a90d3e0
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!?set_new_handler@@YAP6AXXZP6AXXZ@Z 0000000075b2bfd1 5 bytes JMP 000000010a90d500
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!_aligned_offset_realloc 0000000075b2bfe1 5 bytes JMP 000000010a90d420
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!_aligned_realloc 0000000075b2c16b 5 bytes JMP 000000010a90d400
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!_expand 0000000075b2c18a 5 bytes JMP 000000010a90d3a0
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!_heapadd 0000000075b2dd03 5 bytes JMP 000000010a90d550
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!_heapchk 0000000075b2dd17 5 bytes JMP 000000010a90d560
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!_heapset + 1 0000000075b2de16 4 bytes {JMP 0xffffffff94ddf76b}
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!_heapmin 0000000075b2de1f 5 bytes JMP 000000010a90d650
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!_heapused 0000000075b2df05 5 bytes JMP 000000010a90d620
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\msvcrt.dll!_heapwalk 0000000075b2df18 5 bytes JMP 000000010a90d590
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Ph-Shop\Adobe Version Cue CS2\bin\VersionCueCS2.exe[1856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1884] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1884] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1884] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\ProgramData\PC Performer Manager\2.6.1339.144\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe[1544] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\ProgramData\PC Performer Manager\2.6.1339.144\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe[1544] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\ProgramData\PC Performer Manager\2.6.1339.144\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe[1544] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\PDF Architect\HelperService.exe[2052] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\PDF Architect\HelperService.exe[2052] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\PDF Architect\HelperService.exe[2052] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\PDF Architect\ConversionService.exe[2192] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\PDF Architect\ConversionService.exe[2192] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\PDF Architect\ConversionService.exe[2192] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe[2232] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe[2232] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe[2232] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe[2260] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe[2260] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe[2260] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2332] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2332] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2332] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Ph-Shop\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe[2456] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Ph-Shop\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe[2456] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Ph-Shop\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe[2456] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe[2772] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe[2772] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe[2772] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[2816] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[2816] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[2816] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[2992] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[2992] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[2992] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\ProgramData\PC Performer Manager\2.6.1339.144\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe[3136] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\ProgramData\PC Performer Manager\2.6.1339.144\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe[3136] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\ProgramData\PC Performer Manager\2.6.1339.144\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe[3136] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe[3716] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe[3716] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe[3716] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE[1344] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE[1344] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE[1344] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[2228] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3692] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 000000007734000c 1 byte [C3]
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3692] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 00000000773cf85a 5 bytes JMP 000000017737d571
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3692] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[1036] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[1036] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\Google\Drive\googledrivesync.exe[1036] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4404] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4404] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4404] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Ph-Shop\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe[4428] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Ph-Shop\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe[4428] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Ph-Shop\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe[4428] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4596] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4596] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4596] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[4604] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[4604] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[4604] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe[4616] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe[4616] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe[4616] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[5804] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[5804] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[5804] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5892] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5892] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5892] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4028] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4028] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4028] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
.text C:\Users\Pooly\Downloads\gmer_2.1.19163.exe[528] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 0000000075c0cfca 5 bytes JMP 00000001749b4bb0
.text C:\Users\Pooly\Downloads\gmer_2.1.19163.exe[528] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000753e1465 2 bytes [3E, 75]
.text C:\Users\Pooly\Downloads\gmer_2.1.19163.exe[528] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000753e14bb 2 bytes [3E, 75]
.text ... * 2
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- Files - GMER 2.1 ----
File C:\Users\Pooly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0E6DG1NM\clients[1].txt 0 bytes
---- EOF - GMER 2.1 ----
Danke schon mal im Voraus für eure Hilfe!  |
| Themen zu PC Performer Manager eingefangen und dann versucht ihn mit Spyhunter zu beseitigen |
| 7-zip, adobe reader xi, avira, beseitigen, beseitigung, desktop, error, excel, fehler, filescout.exe, flash player, google, home, homepage, hängen, iexplore.exe, install.exe, mozilla, ntdll.dll, pc performer, picasa, problem, programm, realtek, recuva, registry, richtlinie, rundll, scan, security, spy hunter 4, svchost.exe, tcp, udp, usb, windows, windows internet |
Baum-Darstellung