Internet Explorer öffnet sich von selbst mit Werbung (Promi News)

Nanaya · 23.09.2011, 01:26

Hallo miteinander!

Ich habe seit einigen Tagen das Problem, dass sich mein Internet Explorer, ohne mein Zutun mit Werbung öffnet (immer die gleiche Werbung, genannt "Promi News"). Ich benutze den Internet Explorer grundsätzlich nicht, sondern Opera (welcher auch mein Standardbrowser ist).

Sowohl Malwarebytes, der Windows Defender als auch mein Antivirenprogramm (avast) haben nichts Auffälliges beim Scan finden können. Ich hoffe, Ihr könnt mir irgendwie weiterhelfen, da ich wirklich nicht darauf komme, woran das Problem liegen könnte und ich scheine - nach gründlichem googlen - nicht alleine zu sein. Vor allem hat eine Freundin von mir dasselbe Problem, denn ihr Internet Explorer öffnet sich mit der exakt gleichen Werbung, ohne dazu aufgefordert worden zu sein.

Hier das Log file von OldTimer (Tut mir leid, wenn der Beitrag wegen dem file ellenlang wird, ist das erste Mal, dass ich hier etwas poste ^^"):

OTL logfile created on: 23.09.2011 00:49:37 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Thuong\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,87 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 56,45% Memory free
3,98 Gb Paging File | 2,80 Gb Available in Paging File | 70,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,10 Gb Total Space | 68,82 Gb Free Space | 46,47% Space Free | Partition Type: NTFS
Drive D: | 73,07 Gb Total Space | 68,01 Gb Free Space | 93,07% Space Free | Partition Type: NTFS

Computer Name: THUONG-PC | User Name: Thuong | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.09.23 00:30:32 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Thuong\Desktop\OTL.exe
PRC - [2011.09.06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.06.22 10:25:22 | 002,648,184 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
PRC - [2011.05.18 20:24:30 | 000,641,464 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2010.11.04 16:41:46 | 000,009,728 | ---- | M] (Deutsche Telekom AG) -- C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
PRC - [2010.05.20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009.07.27 04:10:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.10 23:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.01.18 23:38:40 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006.12.08 10:52:04 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe
PRC - [2006.11.22 18:31:26 | 000,630,784 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

========== Modules (No Company Name) ==========

MOD - [2011.08.10 15:58:12 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4117485024b0f652b9fbb66ff5025896\System.Management.ni.dll
MOD - [2011.08.10 15:57:55 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a6d889aa69fd51c100352f23c7cebd22\System.Runtime.Remoting.ni.dll
MOD - [2011.08.10 15:57:41 | 011,804,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5aa9131000876de66160ff713b543d99\System.Web.ni.dll
MOD - [2011.08.10 15:57:22 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c50d9d540acecdef29c31201e203a331\System.Windows.Forms.ni.dll
MOD - [2011.08.10 15:57:08 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d8d83838f9840bde901df516ba3de588\System.Drawing.ni.dll
MOD - [2011.08.10 15:56:53 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4c3cda96b8f12220da20f2f8d1b9439c\System.Xml.ni.dll
MOD - [2011.08.10 15:56:45 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29c6ef7f07d89496c72a1bbf718aed5d\System.Configuration.ni.dll
MOD - [2011.08.10 15:56:41 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll
MOD - [2011.08.10 15:56:30 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll
MOD - [2011.06.21 15:48:28 | 000,910,336 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtNetwork4.dll
MOD - [2011.06.20 15:37:16 | 010,836,992 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtWebKit4.dll
MOD - [2011.06.20 13:52:20 | 001,283,584 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtScript4.dll
MOD - [2011.06.20 13:32:40 | 000,266,752 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\phonon4.dll
MOD - [2011.06.20 13:21:50 | 007,994,880 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtGui4.dll
MOD - [2011.06.20 13:04:56 | 002,233,344 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtCore4.dll
MOD - [2011.05.26 11:38:06 | 000,120,320 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\imageformats\qjpeg4.dll
MOD - [2011.05.26 11:38:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\imageformats\qgif4.dll
MOD - [2009.03.29 21:42:14 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.29 21:42:12 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2007.09.18 11:38:25 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2589.34534__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2007.09.18 11:38:25 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2589.34592__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2007.09.18 11:38:25 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2589.34570__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2007.09.18 11:38:25 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2589.34591__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll
MOD - [2007.09.18 11:38:25 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2589.34555__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime. dll
MOD - [2007.09.18 11:38:24 | 001,671,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2589.34579__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dl l
MOD - [2007.09.18 11:38:24 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2589.34821__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2007.09.18 11:38:24 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2589.34808__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2007.09.18 11:38:24 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2589.34761__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2007.09.18 11:38:24 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2589.34693__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dl l
MOD - [2007.09.18 11:38:23 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2589.34851__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2007.09.18 11:37:53 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2589.34857__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2007.09.18 11:37:53 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2589.34549__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2007.09.18 11:37:52 | 000,344,064 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2589.34776__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2007.09.18 11:37:52 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2589.34843__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard. dll
MOD - [2007.09.18 11:37:52 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2589.34781__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2007.09.18 11:37:52 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2589.34773__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2007.09.18 11:37:52 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2589.34842__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2007.09.18 11:37:51 | 000,909,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2589.34815__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2007.09.18 11:37:51 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2589.34707__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2007.09.18 11:37:51 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2589.34606__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashbo ard.dll
MOD - [2007.09.18 11:37:51 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2589.34557__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashbo ard.dll
MOD - [2007.09.18 11:37:51 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2589.34795__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2007.09.18 11:37:51 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2589.34748__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2007.09.18 11:37:51 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2589.34613__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2007.09.18 11:37:51 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2589.34599__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2007.09.18 11:37:51 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2589.34728__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashbo ard.dll
MOD - [2007.09.18 11:37:51 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2589.34703__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2007.09.18 11:37:51 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2589.34727__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime. dll
MOD - [2007.09.18 11:37:51 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2589.34612__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime. dll
MOD - [2007.09.18 11:37:51 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2589.34747__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2007.09.18 11:37:50 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2589.34698__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2007.09.18 11:37:50 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2589.34694__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2007.09.18 11:37:50 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2589.34702__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2007.09.18 11:37:50 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2560.26010__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2007.09.18 11:37:50 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2560.26010__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2007.09.18 11:37:50 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2007.09.18 11:37:49 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2560.25961__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2007.09.18 11:37:49 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2560.25971__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2007.09.18 11:37:49 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2537.29860__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2007.09.18 11:37:49 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2560.26000__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2007.09.18 11:37:49 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2560.26012__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2007.09.18 11:37:49 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2560.25959__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2007.09.18 11:37:49 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2560.26040__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2007.09.18 11:37:49 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2560.25964__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2007.09.18 11:37:49 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2560.26012__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2007.09.18 11:37:49 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2560.25982__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2007.09.18 11:37:49 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2560.25973__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2007.09.18 11:37:49 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2560.25968__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2007.09.18 11:37:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2560.25974__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2007.09.18 11:37:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2560.26001__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2007.09.18 11:37:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2560.26002__90ba9c70f846762e\DEM.OS.dll
MOD - [2007.09.18 11:37:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2560.25997__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2007.09.18 11:37:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2531.19989__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2007.09.18 11:37:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2560.25988__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2007.09.18 11:37:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2560.25987__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2007.09.18 11:37:48 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2560.26001__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2007.09.18 11:37:48 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2560.25988__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll
MOD - [2007.09.18 11:37:48 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2560.25998__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2007.09.18 11:37:48 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2560.25998__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2007.09.18 11:37:48 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2560.26000__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2007.09.18 11:37:48 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2560.25999__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2007.09.18 11:37:48 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2560.25988__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dl l
MOD - [2007.09.18 11:37:48 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2560.25987__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2007.09.18 11:37:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2560.25999__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dl l
MOD - [2007.09.18 11:37:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2560.25986__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2007.09.18 11:37:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2560.25982__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2007.09.18 11:37:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2560.26001__90ba9c70f846762e\APM.Foundation.dll
MOD - [2007.09.18 11:37:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2560.25960__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2007.09.18 11:37:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2531.19989__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2007.09.18 11:37:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2560.25987__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dl l
MOD - [2007.09.18 11:37:48 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2560.25970__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2007.09.18 11:37:43 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2589.34827_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2007.09.18 11:37:43 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2589.34878__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2007.09.18 11:37:42 | 000,466,944 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2589.34565__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2007.09.18 11:37:42 | 000,389,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2589.34827__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2007.09.18 11:37:42 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2589.34834__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2007.09.18 11:37:42 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2589.34833__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2007.09.18 11:37:42 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2560.25980__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2007.09.18 11:37:42 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2560.25964__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2007.09.18 11:37:42 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2560.26010__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2007.09.18 11:37:42 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2560.25982__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2007.09.18 11:37:42 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2560.25966__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2007.09.18 11:37:41 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2589.34533__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2007.09.18 11:37:41 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2560.25981__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2007.09.18 11:37:40 | 001,404,928 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2589.34543__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2007.09.18 11:37:40 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2560.25970__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2007.09.18 11:37:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2560.26004__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2007.09.18 11:37:39 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2589.34533__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2007.09.18 11:37:39 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2589.34532__90ba9c70f846762e\AEM.Server.dll
MOD - [2007.09.18 11:37:39 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2007.09.18 11:37:39 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2589.34834__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2007.02.02 16:01:32 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007.01.19 17:23:44 | 000,016,384 | R--- | M] () -- c:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2006.11.22 18:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56ita.dll
MOD - [2006.11.22 18:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56esp.dll
MOD - [2006.11.22 18:31:30 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56brz.dll
MOD - [2006.11.22 18:31:30 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56kor.dll
MOD - [2006.11.22 18:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56ger.dll
MOD - [2006.11.22 18:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56fra.dll
MOD - [2006.11.22 18:31:28 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll
MOD - [2006.11.22 18:31:28 | 000,057,344 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll
MOD - [2006.11.22 18:31:28 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56cht.dll
MOD - [2006.11.22 18:31:28 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56chs.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2011.09.22 00:31:43 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai\netsession_win_b31de1e.dll -- (Akamai)
SRV - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.05.18 20:24:30 | 000,641,464 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2010.11.04 16:41:46 | 000,009,728 | ---- | M] (Deutsche Telekom AG) [Auto | Running] -- C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe -- (Netzmanager Service)
SRV - [2010.05.20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2008.01.18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2006.12.08 10:52:04 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)

========== Driver Services (SafeList) ==========

DRV - [2011.09.06 22:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.09.06 22:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.09.06 22:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.09.06 22:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.09.06 22:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.09.06 22:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.05.18 20:12:07 | 000,019,192 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpnva.sys -- (vpnva)
DRV - [2011.04.27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.04.18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010.09.16 17:02:33 | 000,035,040 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys -- (TelekomNM3)
DRV - [2010.06.23 10:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.05.20 15:27:24 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2009.09.05 15:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.10.09 16:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2007.02.02 16:09:42 | 002,385,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006.11.22 18:35:00 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006.07.14 14:55:34 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvatabus.sys -- (nvatabus)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://email.freenet.de/Email/View/Index [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.daemon-search.com/startpage
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Adobe Reader\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.09.20 18:10:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.21 13:45:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011.09.21 13:45:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thuong\AppData\Roaming\mozilla\Extensions
[2011.09.21 13:45:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011.09.03 08:18:05 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.09.03 02:19:44 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.03 02:13:56 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.09.03 02:19:44 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.03 02:19:44 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.03 02:19:44 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.03 02:19:44 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2011.09.20 18:33:59 | 000,000,761 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Adobe Reader\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10v_Plugin.exe (Adobe Systems, Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} Reg Error: Key error. (Java Plug-in 1.4.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AFFF449A-ED19-4D5E-BC7C-0CCC77B87282}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3BB9DE0-2AD6-4225-9C24-D26B30D33C84}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Thuong\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Thuong\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{5e029d02-7958-11e0-94d1-00030d75589e}\Shell - "" = AutoRun
O33 - MountPoints2\{5e029d02-7958-11e0-94d1-00030d75589e}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: ccc-core-static - msiexec /fums {C61E8F12-31F1-C2E6-DC0C-505CBF2BEE57} /qb

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: LifeCam - hkey= - key= - C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.09.23 00:30:29 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Thuong\Desktop\OTL.exe
[2011.09.22 22:39:56 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Thuong\Desktop\HiJackThis204.exe
[2011.09.22 16:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP550 series
[2011.09.22 16:39:02 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2011.09.22 16:37:23 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2011.09.22 16:19:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP550 series Benutzerregistrierung
[2011.09.22 12:44:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2011.09.21 19:02:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenu
[2011.09.21 13:45:38 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011.09.20 19:06:25 | 000,000,000 | ---D | C] -- C:\Users\Thuong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2011.09.20 18:46:48 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.09.19 22:12:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.09.19 22:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.09.19 17:50:14 | 000,000,000 | ---D | C] -- C:\Users\Thuong\AppData\Roaming\Malwarebytes
[2011.09.19 17:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.09.19 17:50:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.09.19 17:49:58 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.09.18 20:04:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011.09.18 20:04:04 | 000,320,856 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011.09.18 20:04:04 | 000,020,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011.09.18 20:03:58 | 000,034,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011.09.18 20:03:57 | 000,052,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011.09.18 20:03:54 | 000,442,200 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011.09.18 20:03:53 | 000,054,616 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011.09.18 20:03:26 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.09.18 20:03:25 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011.09.18 20:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011.09.18 12:30:46 | 000,000,000 | ---D | C] -- C:\Users\Thuong\AppData\Roaming\VSRevoGroup
[2011.09.18 00:31:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011.09.17 16:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011.09.17 16:08:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.09.17 12:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2011.09.02 16:22:05 | 000,000,000 | ---D | C] -- C:\Users\Thuong\AppData\Local\Cisco
[2011.09.02 16:20:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
[2011.09.02 16:20:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco
[2011.09.02 16:20:21 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2011.09.02 03:03:17 | 000,000,000 | ---D | C] -- C:\Users\Thuong\Documents\Pokemon-Online Logs
[2011.09.01 21:49:58 | 000,000,000 | ---D | C] -- C:\Users\Thuong\AppData\Roaming\Pokemon Online
[2010.04.17 14:10:56 | 002,131,336 | ---- | C] (Ask.com ) -- C:\Program Files\Common Files\AskToolbarInstaller.exe

========== Files - Modified Within 30 Days ==========

[2011.09.23 00:34:45 | 001,110,476 | ---- | M] () -- C:\Users\Thuong\Desktop\7z920.exe
[2011.09.23 00:32:34 | 000,302,592 | ---- | M] () -- C:\Users\Thuong\Desktop\1nr5rvgh.exe
[2011.09.23 00:30:32 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Thuong\Desktop\OTL.exe
[2011.09.23 00:22:09 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.23 00:22:09 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.22 22:39:56 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Thuong\Desktop\HiJackThis204.exe
[2011.09.22 22:24:34 | 000,146,822 | ---- | M] () -- C:\Users\Thuong\Desktop\Unbenannt.jpg
[2011.09.22 19:40:35 | 000,630,842 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.09.22 19:40:35 | 000,598,096 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.09.22 19:40:35 | 000,127,260 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.09.22 19:40:35 | 000,105,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.09.22 16:40:43 | 000,001,882 | ---- | M] () -- C:\Users\Public\Desktop\Canon MP Navigator EX 3.0.lnk
[2011.09.22 16:22:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.22 16:19:18 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\Canon MP550 series Benutzerregistrierung.LNK
[2011.09.21 18:11:25 | 000,001,826 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2011.09.21 18:11:10 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk
[2011.09.21 18:09:44 | 000,001,798 | ---- | M] () -- C:\Users\Public\Desktop\Canon My Printer.lnk
[2011.09.21 18:09:22 | 000,002,135 | ---- | M] () -- C:\Users\Public\Desktop\Canon MP550 series Online-Handbuch.lnk
[2011.09.21 13:45:43 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.09.20 19:06:25 | 000,000,561 | ---- | M] () -- C:\Users\Thuong\Desktop\Revo Uninstaller.lnk
[2011.09.20 18:33:59 | 000,000,761 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.09.20 18:33:17 | 000,000,761 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110920-183359.backup
[2011.09.19 22:12:41 | 000,000,717 | ---- | M] () -- C:\Users\Thuong\Desktop\Spybot - Search & Destroy.lnk
[2011.09.19 17:50:03 | 000,000,574 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.18 20:04:05 | 000,001,835 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.09.18 20:03:53 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011.09.18 19:54:49 | 000,002,153 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011.09.18 19:43:46 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011.09.18 19:43:46 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011.09.18 19:43:29 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.09.18 02:33:28 | 000,061,952 | ---- | M] () -- C:\Users\Thuong\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.16 19:00:08 | 000,441,634 | ---- | M] () -- C:\Users\Thuong\Desktop\47e05cc9df7d8a85855fb5bcb4203751-d49fhb3.jpg
[2011.09.16 14:05:58 | 000,412,232 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.09.10 14:38:50 | 000,000,680 | ---- | M] () -- C:\Users\Thuong\AppData\Local\d3d9caps.dat
[2011.09.08 02:12:03 | 000,328,327 | ---- | M] () -- C:\Users\Thuong\Desktop\mac-nt4.pdf
[2011.09.06 22:45:29 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011.09.06 22:45:29 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.09.06 22:38:05 | 000,442,200 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011.09.06 22:37:53 | 000,320,856 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011.09.06 22:36:38 | 000,034,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011.09.06 22:36:36 | 000,052,568 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011.09.06 22:36:26 | 000,054,616 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011.09.06 22:36:12 | 000,020,568 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011.09.04 15:20:44 | 000,013,891 | ---- | M] () -- C:\Users\Thuong\Desktop\http___univis.uni-erlangen 3.pdf
[2011.09.03 16:27:00 | 000,842,054 | ---- | M] () -- C:\Users\Thuong\Desktop\HaWo-Netzwerk-Anleitung.de.pdf
[2011.09.01 16:48:42 | 001,780,838 | ---- | M] () -- C:\Users\Thuong\Desktop\6000001612_F_174_nichtdtsch_Antragsteller.pdf
[2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.08.26 23:22:50 | 000,327,703 | ---- | M] () -- C:\Users\Thuong\Desktop\1314393524529 KFW antrag.pdf

========== Files Created - No Company Name ==========

[2011.09.23 00:34:45 | 001,110,476 | ---- | C] () -- C:\Users\Thuong\Desktop\7z920.exe
[2011.09.23 00:32:34 | 000,302,592 | ---- | C] () -- C:\Users\Thuong\Desktop\1nr5rvgh.exe
[2011.09.22 22:24:34 | 000,146,822 | ---- | C] () -- C:\Users\Thuong\Desktop\Unbenannt.jpg
[2011.09.22 16:40:43 | 000,001,882 | ---- | C] () -- C:\Users\Public\Desktop\Canon MP Navigator EX 3.0.lnk
[2011.09.21 18:12:26 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\Canon MP550 series Benutzerregistrierung.LNK
[2011.09.21 18:11:25 | 000,001,826 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2011.09.21 18:11:10 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk
[2011.09.21 18:09:22 | 000,002,135 | ---- | C] () -- C:\Users\Public\Desktop\Canon MP550 series Online-Handbuch.lnk
[2011.09.21 13:45:43 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.09.19 22:12:41 | 000,000,717 | ---- | C] () -- C:\Users\Thuong\Desktop\Spybot - Search & Destroy.lnk
[2011.09.19 17:50:03 | 000,000,574 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.18 20:04:05 | 000,001,835 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.09.18 19:43:29 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.09.18 00:33:51 | 000,002,153 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011.09.16 19:00:08 | 000,441,634 | ---- | C] () -- C:\Users\Thuong\Desktop\47e05cc9df7d8a85855fb5bcb4203751-d49fhb3.jpg
[2011.09.08 02:12:03 | 000,328,327 | ---- | C] () -- C:\Users\Thuong\Desktop\mac-nt4.pdf
[2011.09.04 15:20:44 | 000,013,891 | ---- | C] () -- C:\Users\Thuong\Desktop\http___univis.uni-erlangen 3.pdf
[2011.09.03 16:27:00 | 000,842,054 | ---- | C] () -- C:\Users\Thuong\Desktop\HaWo-Netzwerk-Anleitung.de.pdf
[2011.08.26 23:26:40 | 001,780,838 | ---- | C] () -- C:\Users\Thuong\Desktop\6000001612_F_174_nichtdtsch_Antragsteller.pdf
[2011.08.26 23:22:50 | 000,327,703 | ---- | C] () -- C:\Users\Thuong\Desktop\1314393524529 KFW antrag.pdf
[2011.06.21 02:24:37 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.06.21 02:22:58 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.06.21 02:22:58 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.06.20 23:06:34 | 000,017,408 | ---- | C] () -- C:\Users\Thuong\AppData\Local\WebpageIcons.db
[2011.03.19 14:46:21 | 000,009,309 | ---- | C] () -- C:\Windows\mozver.dat
[2011.01.23 13:53:31 | 000,000,680 | ---- | C] () -- C:\Users\Thuong\AppData\Local\d3d9caps.dat
[2009.12.09 23:34:54 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.12.03 10:27:30 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.04.06 14:21:26 | 000,036,557 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2008.10.19 12:45:41 | 000,000,533 | ---- | C] () -- C:\Windows\eReg.dat
[2008.09.27 12:53:53 | 000,103,024 | ---- | C] () -- C:\Windows\Unwise.exe
[2008.02.10 14:25:48 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.12.23 15:28:33 | 000,031,007 | ---- | C] () -- C:\Users\Thuong\AppData\Roaming\UserTile.png
[2007.12.18 21:39:32 | 000,061,952 | ---- | C] () -- C:\Users\Thuong\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.12.14 22:07:07 | 000,007,558 | ---- | C] () -- C:\Users\Thuong\AppData\Roaming\wklnhst.dat
[2007.12.14 21:23:15 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2007.12.14 21:12:35 | 000,002,081 | ---- | C] () -- C:\Windows\nsreg.dat
[2007.09.18 20:39:57 | 000,135,168 | ---- | C] () -- C:\Windows\System32\property.dll
[2007.09.18 11:34:37 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007.09.18 11:34:37 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.09.18 11:34:37 | 000,128,813 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006.11.02 17:33:31 | 000,630,842 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,127,260 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,412,232 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,598,096 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,105,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.08.11 09:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll

========== LOP Check ==========

[2010.11.13 14:06:30 | 000,000,000 | ---D | M] -- C:\Users\Thuong\AppData\Roaming\Amazon
[2011.09.22 16:43:17 | 000,000,000 | ---D | M] -- C:\Users\Thuong\AppData\Roaming\Canon
[2011.05.08 19:39:28 | 000,000,000 | ---D | M] -- C:\Users\Thuong\AppData\Roaming\DAEMON Tools Lite
[2011.09.17 19:05:56 | 000,000,000 | ---D | M] -- C:\Users\Thuong\AppData\Roaming\Desktopicon
[2010.10.25 19:48:33 | 000,000,000 | ---D | M] -- C:\Users\Thuong\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.06.25 18:49:17 | 000,000,000 | ---D | M] -- C:\Users\Thuong\AppData\Roaming\gtk-2.0
[2011.09.23 00:35:50 | 000,000,000 | ---D | M] -- C:\Users\Thuong\AppData\Roaming\ICQ
[2011.08.06 15:11:07 | 000,000,000 | ---D | M] -- C:\Users\Thuong\AppData\Roaming\IObit
[2010.02.06 00:48:43 | 000,000,000 | ---D | M] -- C:\Users\Thuong\AppData\Roaming\OpenOffice.org
[2011.04.13 19:50:47 | 000,000,000 | ---D | M] -- C:\Users\Thuong\AppData\Roaming\Opera
[2011.09.20 00:02:35 | 000,000,000 | ---D | M] -- C:\Users\Thuong\AppData\Roaming\Pokemon Online
[2011.04.16 13:30:54 | 000,000,000 | ---D | M] -- C:\Users\Thuong\AppData\Roaming\Schnellstart-DVD
[2007.12.14 22:07:08 | 000,000,000 | ---D | M] -- C:\Users\Thuong\AppData\Roaming\Template
[2011.09.18 12:30:46 | 000,000,000 | ---D | M] -- C:\Users\Thuong\AppData\Roaming\VSRevoGroup
[2011.09.22 16:20:45 | 000,032,598 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*. >
[2008.04.03 16:42:37 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.06.21 02:57:50 | 000,000,000 | -HSD | M] -- C:\Boot
[2011.09.20 19:28:18 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2007.12.14 20:58:34 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2007.09.18 11:41:39 | 000,000,000 | R--D | M] -- C:\DRIVER
[2007.12.14 21:05:02 | 000,000,000 | ---D | M] -- C:\FirstSteps
[2007.09.18 11:45:13 | 000,000,000 | ---D | M] -- C:\Google
[2007.09.18 11:41:39 | 000,000,000 | R--D | M] -- C:\MANUAL
[2008.02.10 14:21:17 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2007.09.18 11:51:31 | 000,000,000 | ---D | M] -- C:\MSWorks
[2011.06.21 01:54:53 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.09.22 16:37:23 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.09.22 16:26:45 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.09.23 00:53:51 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2007.09.19 02:11:45 | 000,000,000 | ---D | M] -- C:\tmp
[2011.09.21 13:45:10 | 000,000,000 | R--D | M] -- C:\Users
[2011.09.22 16:39:02 | 000,000,000 | ---D | M] -- C:\Windows
[2007.09.18 10:46:53 | 000,000,000 | ---D | M] -- C:\x86

< %PROGRAMFILES%\*.exe >

< %LOCALAPPDATA%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.manifest /3 >

< MD5 for: EXPLORER.EXE >
[2009.04.07 11:04:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009.04.07 11:04:25 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009.04.07 11:04:24 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.07 11:24:56 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2009.04.07 11:24:55 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009.04.07 11:04:27 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.18 23:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: REGEDIT.EXE >
[2008.01.18 23:33:26 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008.01.18 23:33:26 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
[2006.11.02 11:45:35 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=F13123E76FDA33E55F11E0EB832E832A -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6000.16386_none_f1f7f368deed95c3\regedit.exe

< MD5 for: USERINIT.EXE >
[2008.01.18 23:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.18 23:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WININIT.EXE >
[2008.01.18 23:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.18 23:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006.11.02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.18 23:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-09-20 20:37:47

========== Alternate Data Streams ==========

@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:BEB15613

< End of report >

Betriebssystem: Windows Vista Home Premium
32-Bit-Betriebssystem

Im Anhang befinden sich das Log file von OldTimer Extras.txt und das Log file von Gmer.

Ich bedanke mich schon mal herzlichst im Voraus und einen schönen Abend/Morgen noch.

LG Nanaya

Internet Explorer öffnet sich von selbst mit Werbung (Promi News)

Plagegeister aller Art und deren Bekämpfung: Internet Explorer öffnet sich von selbst mit Werbung (Promi News)

Internet Explorer öffnet sich von selbst mit Werbung (Promi News)

Ähnliche Themen: Internet Explorer öffnet sich von selbst mit Werbung (Promi News)