Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Google meldet Malware sheapstoff.com

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 25.06.2012, 12:11   #1
benkk
 
Google meldet Malware sheapstoff.com - Standard

Google meldet Malware sheapstoff.com



Hallo,
ich habe mich jetzt gerade hier auf dem Board angemeldet, weil ich seit einigen Tagen/ Wochen ein Problem mit gewissen Webseiten/Avira habe,
ich danke schon mal allen die sich dem Thema annehmen, ich bin leider aber auch nicht so gut mit dem Umgang am PC, das könnte dann bedeuten das ich mehrmals nachfragen muss.
Das erste Problem was mir aufgefallen ist, ist aufgetreten als ich mir vor ca. 4 Wochen eine Externe Festplatte (Verbatim Freecom Mobile Drive XXS 1TB externe Festplatte (6,4 cm (2,5 Zoll), USB 3.0)"gekauft und angeschlossen habe.
Avira meldete dann: Autorun blockiert, zu Ihrer Sicherheit wurde der Zugriff auf die Datei G:\autorun. inf blockiert.
Daraufhin schaute ich bei Avira unter Ereignisse nach und stellte fest das Avira Malware Gefunden hat:

In der Datei 'C:\Users\Besitzer\Documents\My Photos\Device Camera Shots\100MEDIA\~MAG0015.tmp'
wurde ein Virus oder unerwünschtes Programm 'EXP/MS04-028.JPEG.A' [exploit] gefunden.
Ausgeführte Aktion: Zugriff erlauben

In der Datei 'C:\Users\Besitzer\Documents\My Photos\Device Camera Shots\100MEDIA\~MAG0072.tmp'
wurde ein Virus oder unerwünschtes Programm 'EXP/MS04-028.JPEG.A' [exploit] gefunden.
Ausgeführte Aktion: Zugriff erlauben

Ich habe dann die gesamten Bilder durchsucht und Zwei Bilder gefunden die mit dem Handy aufgenommen wurden.
Ein Bild stammt von Mai 2011 das andere Mai 2012, alle anderen Handy-aufnahmen waren nicht betroffen.

Als maßnahme Löschte ich die Bilder obwohl ich die tmp Datei nicht finden konnte.

Das Problem mit Avira Malwaremeldung trat dann nicht wieder auf.

Aber immer wenn ich die Externe Festplatte anschloss, kam die Autorun blockiert info.

Dann trat nach ein paar Tagen noch folgendes Problem auf.

Wenn ich aus meiner Lesezeichenleiste Webseiten aufrufe meldet nun Google Malware aber nicht auf jeder Seite aber immer die Gleichen.

Die Meldung lautet.

Warnung irgendwas stimmt hier nicht!
die Seite enthält Inhalte von cheapstoff.com .......
ich bekomme die Seite nicht hier reinkopiert ???

Ich hab dann Defogger laufen lassen kein Fund.

Malwarebytes Anti Malware:

www.malwarebytes.org

Datenbank Version: v2012.06.19.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Besitzer :: BENKK-PC [Administrator]

Schutz: Aktiviert

24.06.2012 18:23:31
mbam-log-2012-06-24 (18-23-31).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 217313
Laufzeit: 5 Minute(n), 3 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


OTL by Old Timer.OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 24.06.2012 19:46:12 - Run 1
OTL by OldTimer - Version 3.2.53.0     Folder = C:\Users\Besitzer\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,97 Gb Total Physical Memory | 1,49 Gb Available Physical Memory | 37,43% Memory free
7,93 Gb Paging File | 4,85 Gb Available in Paging File | 61,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286,07 Gb Total Space | 101,14 Gb Free Space | 35,36% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 271,49 Gb Free Space | 91,08% Space Free | Partition Type: NTFS
Drive E: | 12,02 Gb Total Space | 1,93 Gb Free Space | 16,02% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive G: | 931,50 Gb Total Space | 590,09 Gb Free Space | 63,35% Space Free | Partition Type: NTFS
 
Computer Name: BENKK-PC | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{76BA0ABC-08B8-4D91-BF33-BCC145C133FB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8141199D-464B-48D8-BA73-5D47C4FBE611}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{84B6C2BB-4C4B-488E-9286-89B1057CF874}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{E3AC85C2-056F-469A-B7CB-4FB16F7CD42D}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | 
"{E9CFACBC-F66D-42F8-8D5E-20549040DF10}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{EFF5A446-CE2F-46AC-893D-3E7A77A8DF65}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{F76B79DA-B5ED-4038-BE34-71AB6BA7DEDF}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006588E7-95DD-40A4-BA29-BBADF55C3E03}" = protocol=17 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe | 
"{022E9701-82FD-44CA-9026-C1250E9C486D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe | 
"{05EF49F9-B972-4508-9C6B-8F9DBD2DF174}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | 
"{0BF66A3A-C6BE-48D8-BE58-8D97034FFD7C}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe | 
"{179592C2-BBC2-4190-9453-7811FABAE6EB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{1981C996-453F-43E2-AC9C-3CA80D7BE16C}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{1BAB97CB-EA4F-4D79-9024-7ADC3CDB3898}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{1EC62FEF-C32B-40F3-9CCD-F707F949EC24}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{2BB78C79-3198-4FCE-8744-0C18E4C2A093}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | 
"{2E971F04-EAC3-408B-9D7D-5310ABD90137}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | 
"{31DA026D-B353-415E-8CDE-E6D707EF194F}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{37F4A6C3-458F-404A-9904-F9EE4F30F012}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qpservice.exe | 
"{3861F4C0-C7BB-4D66-99B2-D8E09F9F0C3E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft digital experience\microsoft.mdx.analyticsservice.exe | 
"{3A326875-0ADE-4628-A7A7-EB8EEC215D4D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2serverlauncher.exe | 
"{3FBABF13-0762-4622-9965-7D4D907F9012}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{46345F22-0B39-475D-8525-40B126D60690}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{5048DF75-5192-41F0-AA25-3A275EC1B7D4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{528C6F93-B843-4D7C-984D-95C1F9051F79}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft digital experience\microsoft.mdx.analyticsservice.exe | 
"{5C813815-7699-4E80-8EA2-896CB05E9AA9}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{5DB90619-07E0-44EF-8491-82E8706C0019}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{5F2D9CB4-51E3-4754-83D0-EE2C7E08C52A}" = protocol=6 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe | 
"{5F8BAB6F-0F7D-4E7F-BDA5-66F525C2871D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe | 
"{63E81262-95FB-464D-B3B5-789712107A91}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{65235E09-EA12-43B7-AB44-77EFAFE57E9D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{65A0A214-C21D-4EA7-B8EB-EDFC552FDBFC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{6E2DEC60-254E-4CF5-8FB1-AA1AFC03A6A7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{6F2FBA89-A568-43BB-9863-32E14353E781}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe | 
"{793F4889-0232-43C3-AD67-3A2E35EEBFF0}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{81C5ABE9-A103-4E6C-8164-80A80921F101}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe | 
"{83FC6B0E-F142-4A88-A156-84382223677E}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe | 
"{858821CB-87BC-4944-9B22-726AA76F13AB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | 
"{87DC8231-3D73-4032-9200-F992C928C93C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{8F269C39-F58D-42F8-A5A5-9CD7DEE305E0}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe | 
"{91F6C27B-1611-44D6-921A-95A55705ABC2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{9306FE7D-A507-4F41-8898-0717BE2F29D3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{9CB26E8A-4D04-4813-B1F8-45305A8CAD25}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe | 
"{9E5F150A-FC3D-4A3D-BF78-871F4E85291B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{9E616500-62AF-462E-9609-A5AF7A9AD42A}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe | 
"{A81A04AD-AD43-4EE7-BE1F-F8D22A007334}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{AC61DF17-F5B3-4593-B8E3-3700CF3DF344}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe | 
"{ACBCE428-DE90-4F8B-9912-CE14A3DA517A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{AF929ECC-1CF1-439D-A8E1-1209B14A747E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{B3D52E15-096C-4A8B-A396-C01F609E3735}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe | 
"{B7D7A966-868F-4F5C-9911-07F13E941D2F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{BE10E4AC-48CF-4B79-94E1-61E4C92CA03E}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qp.exe | 
"{C1394C33-5372-4B13-A211-7F5C71AEC448}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe | 
"{C5D5854A-BBEA-4FD9-89B3-395E43F878CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{C85CD30E-4B7F-4899-888C-52C0A6F2A8DF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{C8BFEB2E-5735-457E-AFA8-529C806BD7EF}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{D0F52FA7-1A57-4FFB-A847-A996932701D6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | 
"{D1D94970-B24F-42F0-9F5C-DB1772CD62F4}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2serverlauncher.exe | 
"{D624DC7F-BBA2-4EE8-80FC-D27949637BCE}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{D74ADF61-298A-4FA8-963A-E5DD1EF41BC3}" = dir=in | app=f:\setup\hpznui40.exe | 
"{D98052EF-48CB-41AF-91AE-B08A375AD79E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{E9AA6D22-F643-475F-9B49-7D2CC095D486}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{EA7BFC07-8B8D-402C-AD64-A903ABFCEBCF}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe | 
"{EEEA34B1-6D15-428F-8393-2ACCDAE696F9}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | 
"{F4840FA7-C19B-4406-A06D-35D6066C0877}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe | 
"{F900E1FF-832B-4AA8-A269-1D395D5C2702}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{FC910FEB-36DE-4B56-8B3D-DDF00393A30C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"TCP Query User{07E2E431-6201-4B59-8982-F45CD0689E14}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | 
"TCP Query User{10531EB4-484F-4E46-9281-29FE3273C951}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 
"TCP Query User{33156C2F-3BED-42E6-81A0-D934F480E269}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 
"TCP Query User{455B3AFB-5A8C-47DA-A2B8-7AEFFE288613}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"TCP Query User{90008C56-328D-420E-A03C-84BDE5705677}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"TCP Query User{911A2992-0AE4-479B-875E-BDB134858BBF}C:\program files (x86)\ea games\mohaa\mohaa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\mohaa\mohaa.exe | 
"TCP Query User{B782D037-9D06-4359-B4F4-8B0EB589B051}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 
"TCP Query User{CF26BB4F-1204-4FC8-AD2C-C42419E71D7F}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield 1942\bf1942.exe | 
"TCP Query User{E0A01929-C274-4B59-A317-B50B8FAAC765}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 
"TCP Query User{FADC8920-AB82-4D0B-888B-A53CB27ABFCF}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield 1942\bf1942.exe | 
"UDP Query User{1BDE8612-C9C4-4D83-89FE-329EDF2F529B}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | 
"UDP Query User{2A1E4CB9-A96A-40E8-86C5-FBD7FC20A9C3}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 
"UDP Query User{7AD0B40E-1025-4315-8BE3-55393DCC4379}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"UDP Query User{7B0AD43E-DF86-4F00-9D03-0180F7968613}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | 
"UDP Query User{91045358-00C1-409E-9823-43FF01906D0E}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 1942\bf1942.exe | 
"UDP Query User{A509033C-6D5E-45E8-B6F4-7FE5737723EB}C:\program files (x86)\ea games\mohaa\mohaa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\mohaa\mohaa.exe | 
"UDP Query User{B1F11784-DDD1-4997-A026-121AB3C470F2}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"UDP Query User{C7F83F44-213C-4271-9F40-6B00E0A7E77B}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 
"UDP Query User{E0B657B5-5A6B-488A-853D-071D84FF2905}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 1942\bf1942.exe | 
"UDP Query User{F00A12CD-A64C-49DD-AD91-DCAF82A72E47}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{7F67AF0E-DF48-0198-E0F3-F1C9F7A6FC22}" = ccc-utility64
"{7FD7F421-39B2-4CAC-BC41-7D83DDBAB329}" = HP 3D DriveGuard
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{83715090-142B-D305-36EC-7538A007D336}" = ATI Catalyst Install Manager
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9301985B-D116-4A93-A93D-94580084FF86}" = 64 Bit HP CIO Components Installer
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AA6F009F-0CCD-4DD6-A462-28419C101D54}" = HP Photosmart C4500 All-In-One Driver Software 13.0 Rel. 4
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0A5A6EE-F8BA-48B1-BB32-BAC17E96C2B4}" = Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F1568AA6-5982-4AFB-A871-C68E4328BC3B}" = HP MediaSmart SmartMenu
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"07B260955637F1FF7587ED2AA87459040DD09BF7" = Windows-Treiberpaket - ENE (enecir) HIDClass  (09/04/2008 2.6.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft Visual J# 2.0 Redistributable Package - SE (x64)" = Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C7F8FBE-435C-34D2-6813-2A632AAC0C92}" = Catalyst Control Center Localization Greek
"{0E1F58B6-39BF-23FC-B4E5-3A2B4A0FADEB}" = CCC Help Turkish
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software  1.14.17.1
"{0EEF3E07-3971-5080-2A3F-910691DA1135}" = Catalyst Control Center Graphics Previews Vista
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{114C14EE-652A-5EF6-59B8-3E5B33D6A4DF}" = Catalyst Control Center Graphics Full New
"{116C3B09-ADE0-1B8B-2F9F-C8B09A89F9AA}" = CCC Help Thai
"{127B684B-A002-44C8-99A7-6CF8F1E26873}" = PunkBuster für Battlefield 1942
"{12C11B2C-00F3-AF06-94D4-1AAF70616507}" = Catalyst Control Center Graphics Light
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{187817E2-6407-461C-B59B-56CE73363D34}" = Catalyst Control Center - Branding
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EC09CDB-0674-B3D6-FCB1-7B3CE2BFF3E8}" = Catalyst Control Center Localization Danish
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{255C206B-4776-1D14-9EDD-2F9458847739}" = ccc-core-static
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216014F0}" = Java(TM) 6 Update 14
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{27B0C2FD-9739-8D7D-6552-307C786D9097}" = Catalyst Control Center InstallProxy
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34CFF761-7AD1-7C1A-4513-79B3E2F54290}" = CCC Help Greek
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3A6F3C3C-A83C-34D5-F80A-4FDA2FBBFE2F}" = Catalyst Control Center Localization Chinese Standard
"{3DFA31F1-4747-60E4-6CA9-0060CFB99E30}" = CCC Help Spanish
"{4198AAE5-A938-B0A0-9AD2-95C2F23ED677}" = Catalyst Control Center Localization Italian
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{46345EA6-1608-2E99-B47F-D83725A5C4D9}" = CCC Help Hungarian
"{46ACB9C1-6109-088B-931F-B7A5CE735504}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51B8CA01-3E68-9993-E6F3-7F8982A0F600}" = CCC Help Finnish
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{5BF08C8C-FB06-FA9A-C636-EBBB67172376}" = Avatar
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{650A275F-75B8-B71E-4C9D-04E952A63E5F}" = Catalyst Control Center Graphics Previews Common
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6756A967-2904-DE46-3265-4BB80B934904}" = Catalyst Control Center Localization Chinese Traditional
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0E28-3A8E-4ADC-A050-784064B76236}" = HP User Guides 0134
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library
"{735DAC68-3FF4-2895-83A2-DBF135AB9F44}" = CCC Help German
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A63A35A-247E-C141-A447-8E43F22F82F7}" = Navionics Chart Installer
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DAD42E6-BBE7-C12B-C78D-8AC8C87F4055}" = Catalyst Control Center Localization German
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90EF242A-A2ED-FBBD-2F1F-A159DB0DDAC3}" = CCC Help Chinese Traditional
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9198CC8F-8B08-6F7B-BF7D-A6594526B5DF}" = Catalyst Control Center Localization Hungarian
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93DD8BC9-ADD5-D20B-22B5-1526E45CB6C8}" = CCC Help French
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95A747E0-DF19-46CB-A622-20A0107201BD}" = HP Total Care Setup
"{99AF6670-F557-F4D3-3069-AE62DA675A70}" = Catalyst Control Center Localization French
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B88930B-A7E7-03E5-1313-BED90FCCF72C}" = CCC Help Swedish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DC11D9A-6DCD-4064-8363-63914A0122AB}" = C4500
"{9F19486B-B187-5A51-189F-FCCEBBB70E2E}" = Catalyst Control Center Localization Dutch
"{A019B329-BFA8-3F59-6F80-6A3714104CE9}" = CCC Help English
"{A107F928-EED3-28FC-857F-ED33FEDBA02A}" = Catalyst Control Center Localization Korean
"{A15B2786-6F7E-0B96-A222-141202F9CECC}" = CCC Help Japanese
"{A5D5CC36-6A42-6FB6-882F-90C6262C8DCA}" = CCC Help Korean
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9359BA2-B496-8E14-EDA9-923DBE8913CB}" = Catalyst Control Center Localization Thai
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B07B2D42-0080-4AA5-9551-9B8F8CF71F5D}" = Microsoft Digital Experience
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B3D11644-94AB-17E7-D9CF-52EF943D9F52}" = Catalyst Control Center Localization Spanish
"{B4B199E3-4D33-4F08-688A-9BCE5920AAF6}" = Catalyst Control Center Localization Japanese
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BDDB0932-2C7F-ABB3-ED54-6F045EEF14F7}" = Catalyst Control Center Localization Swedish
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2E52B6F-E4F1-B9D6-D671-D7E2FC60C7C0}" = CCC Help Chinese Standard
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C58AED82-0DD9-DF4B-1CE7-F7EE9B1BBB83}" = CCC Help Danish
"{C61D8EF2-D9BF-B36F-4887-ADE39C924F3F}" = Catalyst Control Center Localization Polish
"{C7D02E19-07F2-8EE5-7C18-1617A656AF74}" = Catalyst Control Center Localization Turkish
"{C91CC841-7B39-9454-4A16-91C7FF300EC8}" = CCC Help Portuguese
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE60D4C0-86A7-52C8-7C8A-AFD2E99A1790}" = Catalyst Control Center Graphics Full Existing
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF408B76-8698-4298-B549-5E6A94931B64}" = PS_AIO_04_C4500_Software_Min
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5B18B60-4FC3-42AD-A629-9CA10ACC06CD}" = HTC Sync
"{D6EA6018-0F5B-E4CC-C930-990412BED306}" = Catalyst Control Center Localization Czech
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D80D6A7D-A6AA-019A-12D8-CA58F76FA313}" = Skins
"{DB7DE91F-AC23-7A23-B1A7-6FD3A05534E2}" = CCC Help Czech
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFC21203-E063-A351-8027-F5D43162539D}" = CCC Help Norwegian
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0FE7850-04F8-D01A-971F-C7B00F8D003A}" = Catalyst Control Center Localization Russian
"{E18407AE-614D-5B0B-9C38-5A1853E8AB5D}" = Catalyst Control Center Core Implementation
"{E1B2BA63-4023-B582-0D88-ABB528E281D9}" = Catalyst Control Center InstallProxy
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5E29403-3D25-40C6-892B-F9FEE2A95585}" = HP Wireless Assistant
"{E6424D60-BBCC-4FD0-8EE5-C7FFC50F1DC9}" = HumminbirdPC
"{E651B083-2904-8342-5C27-39800B39E03B}" = CCC Help Polish
"{E6695454-03CD-146E-4A10-75FCB5AFE3FB}" = Catalyst Control Center Localization Finnish
"{E9D045D8-E31E-E3D6-004D-9AD4EE6C2747}" = CCC Help Russian
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{E9EEB277-B66C-9A72-9CF0-90AC7BFC2095}" = Catalyst Control Center Localization Norwegian
"{ec4b6105-e039-42fb-8e18-c8aa393f0018}_is1" = VshareComplete
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F98DF01D-F1C3-3878-FCE6-F749729A8949}" = CCC Help Dutch
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FDBA2850-0054-7733-527B-A6286D639345}" = Catalyst Control Center Localization Portuguese
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Premium
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ElsterFormular 11.0.0 11.0.0.***unknown variable buildnummer***" = ElsterFormular 11.0.0
"ElsterFormular 11.5.0.4546" = ElsterFormular
"ElsterFormular für Privatanwender 12.2.1.6570p" = ElsterFormular-Update
"Freecom GREEN BUTTON_is1" = Freecom GREEN BUTTON 1.61
"Freecom Hard Drive Formatter_is1" = Freecom Hard Drive Formatter 1.39
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"jZip" = jZip
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Navionics World 1.1.0" = Navionics World
"navionicsChartInstaller.Air.A3B2DB703D5E0A7ECA24FBD4B07176191EDD3C63.1" = Navionics Chart Installer
"POIbase_is1" = POIbase 0.133
"PokerStars" = PokerStars
"PunkBusterSvc" = PunkBuster Services
"SopCast" = SopCast 3.2.9
"TuneUp Utilities" = TuneUp Utilities
"vShare.tv plugin" = vShare.tv plugin 1.3
"Windows Searchqu Toolbar" = Windows iLivid Toolbar
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08.05.2012 02:47:45 | Computer Name = benkk-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 08.05.2012 02:48:11 | Computer Name = benkk-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 08.05.2012 02:48:11 | Computer Name = benkk-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 08.05.2012 02:48:39 | Computer Name = benkk-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 09.05.2012 14:24:58 | Computer Name = benkk-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
 oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
 in Zeile 2.  Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
 
Error - 11.05.2012 10:17:19 | Computer Name = benkk-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 12.05.2012 16:57:08 | Computer Name = benkk-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe_Themes, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc3c1  Name des fehlerhaften Moduls: uxtuneup.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4b1f9a4b  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000055580002820
ID
 des fehlerhaften Prozesses: 0x3c8  Startzeit der fehlerhaften Anwendung: 0x01cd2ce65ed01737
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe  Pfad des fehlerhaften
 Moduls: uxtuneup.dll  Berichtskennung: 090d0bc0-9c75-11e1-ab83-00238beddeee
 
Error - 12.05.2012 16:59:01 | Computer Name = benkk-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.05.2012 09:00:32 | Computer Name = benkk-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
 oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
 in Zeile 2.  Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
 
Error - 19.05.2012 04:38:27 | Computer Name = benkk-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 19.05.2012 04:38:27 | Computer Name = benkk-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 19.05.2012 04:38:45 | Computer Name = benkk-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 19.05.2012 04:38:53 | Computer Name = benkk-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 22.06.2012 11:04:44 | Computer Name = benkk-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 22.06.2012 13:17:00 | Computer Name = benkk-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 22.06.2012 15:46:28 | Computer Name = benkk-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 23.06.2012 08:31:42 | Computer Name = benkk-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 23.06.2012 09:11:15 | Computer Name = benkk-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 23.06.2012 13:29:18 | Computer Name = benkk-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 23.06.2012 15:00:11 | Computer Name = benkk-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 23.06.2012 16:32:09 | Computer Name = benkk-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 24.06.2012 04:03:08 | Computer Name = benkk-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 24.06.2012 11:27:16 | Computer Name = benkk-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
[ TuneUp Events ]
Error - 19.09.2010 11:03:19 | Computer Name = benkk-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 19.09.2010 11:03:20 | Computer Name = benkk-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 24.09.2010 07:28:57 | Computer Name = benkk-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 24.09.2010 07:28:58 | Computer Name = benkk-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 25.12.2011 16:14:15 | Computer Name = benkk-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 25.12.2011 16:14:15 | Computer Name = benkk-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 25.12.2011 16:14:15 | Computer Name = benkk-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 21.05.2012 04:42:39 | Computer Name = benkk-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 21.05.2012 04:42:39 | Computer Name = benkk-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
 
< End of report >
         
--- --- ---

So ich hoffe es nimmt sich jemand den Thema an,
wenn die Angaben nicht ausreichen sagt Bitte bescheid.

Vielen Dank
benkk

Oh Sorry ,
muss heißen cheapstoff

benkk

Alt 28.06.2012, 12:24   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google meldet Malware sheapstoff.com - Standard

Google meldet Malware sheapstoff.com



Bitte erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset





Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
__________________

__________________

Antwort

Themen zu Google meldet Malware sheapstoff.com
aufrufe, autorun, avira malware, besitzer, blockiert, dateisystem, desktop, error, excel, fehler, festplatte, firefox, flash player, google, google earth, heuristiks/extra, heuristiks/shuriken, home, install.exe, logfile, malware, malware gefunden, malwaremeldung, microsoft office word, mozilla, office 2007, problem, programm, realtek, registry, richtlinie, rundll, searchqu toolbar, security, software, svchost.exe, usb, usb 3.0, virus, warnung



Ähnliche Themen: Google meldet Malware sheapstoff.com


  1. Malware meldet Infizierungen
    Log-Analyse und Auswertung - 09.11.2015 (9)
  2. Avast meldet Malware
    Plagegeister aller Art und deren Bekämpfung - 25.04.2014 (14)
  3. Avast meldet Malware!
    Plagegeister aller Art und deren Bekämpfung - 17.04.2014 (8)
  4. Avira meldet Fund, Malware bestätigt das. Was tun?
    Plagegeister aller Art und deren Bekämpfung - 09.03.2014 (15)
  5. Malware Anti-Malware Scan meldet: pup.optional.opencandy
    Log-Analyse und Auswertung - 06.03.2014 (15)
  6. Secure Banking meldet Malware
    Plagegeister aller Art und deren Bekämpfung - 19.02.2014 (22)
  7. Avast meldet Malware bei Google-Suche
    Plagegeister aller Art und deren Bekämpfung - 22.11.2013 (13)
  8. Avast meldet URL:Malware in JDownloader
    Log-Analyse und Auswertung - 17.03.2013 (1)
  9. Google Redirect - Malware - Google leitet falsch um
    Plagegeister aller Art und deren Bekämpfung - 26.12.2012 (21)
  10. Avira meldet 6 Malware immer mit /SPY
    Plagegeister aller Art und deren Bekämpfung - 18.03.2012 (1)
  11. AVIRA meldet Malware ClickMe.exe
    Plagegeister aller Art und deren Bekämpfung - 07.03.2011 (4)
  12. Malware, die Google-Suche betrifft und Malware-Entfernungsprogramme blockiert
    Plagegeister aller Art und deren Bekämpfung - 03.10.2010 (2)
  13. Prevx 3.0 meldet .dll als malware
    Plagegeister aller Art und deren Bekämpfung - 06.05.2010 (4)
  14. Google meldet was muss ich tuhen
    Mülltonne - 10.09.2009 (0)
  15. Google meldet Virenbefall
    Plagegeister aller Art und deren Bekämpfung - 05.12.2008 (3)
  16. Avira meldet Funde (Swizzor,Malware,...)
    Mülltonne - 11.08.2008 (4)
  17. AVAST meldet VBS:Malware gen
    Log-Analyse und Auswertung - 25.01.2008 (0)

Zum Thema Google meldet Malware sheapstoff.com - Hallo, ich habe mich jetzt gerade hier auf dem Board angemeldet, weil ich seit einigen Tagen/ Wochen ein Problem mit gewissen Webseiten/Avira habe, ich danke schon mal allen die sich - Google meldet Malware sheapstoff.com...
Archiv
Du betrachtest: Google meldet Malware sheapstoff.com auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.