Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 12.01.2010, 14:05   #1
Schlüti
 
Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links - Standard

Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links



Hallo, ich habe seit kurzem ein Netbook der Firma Asus mit Windows 7 Starter als OS. Seit kurzem öffnen sich immer mal wieder Werbefenster von Casinos etc. wenn ich nach einer Google-Suche auf ein Suchergebnis klicke. Außerdem habe ich das Problem, dass bei Downloads mit Firefox oder beim Öffnen von Email-Anhängen aus Thunderbird die Dateien immer nur mit 0KB gespeichert werden und damit halt unbrauchbar sind. Dies passiert nur wenn ich Firefox benutze allerdings nicht bei Chrome. Firefox hat auch schon öfter Alarm geschlagen, wenn wieder automatisch ein Werbefenster aufging (This is a reported attack site). Avira hat auch mehrmals angeschlagen, ich habe dann immer auf löschen gedrückt wenn eine Warnung kam. Sonst habe ich noch keine Schritte unternommen außer HijackThis runtergeladen. Hier ist das Logfile:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:44:55, on 12.01.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Users\Schlueti\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Schlueti\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=\\.\globalroot\systemroot\system32\userinit.exe,
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKCU\..\Run: [MSSMSGS] rundll32.exe winmov32.rom,QlruNjHzIuq
O4 - HKCU\..\Run: [Antivirus System Tray Tool] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\Program Files\Stardock\MyColors\VistaSrv.exe

--
End of file - 6607 bytes

Schon mal jetzt vielen Dank für eure Hilfe. Ich hoffe ihr könnt mir weiterhelfen. Viele Grüße, Schlüti

Alt 12.01.2010, 14:15   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links - Standard

Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links



Hallo und

Bitte diese Liste beachten und abarbeiten. Beim Scan mit MalwareBytes auch alle externen Speicher (ext. Platten, USB-Sticks, ... mit anklemmen!! )

Wichtig für Benutzer mit Windows Vista und Windows 7: Bitte alle Tools per Rechtsklick => Als Admin ausführen!


Die Logfiles kannst Du zB alle in eine Datei zippen und auf File-Upload.net hochladen und hier verlinken, denn 1. sind manche Logfiles fürs Board nämlich zu groß und 2. kann ich mit einem Klick mir gleich alle auf einmal runterladen.
__________________

__________________

Alt 12.01.2010, 19:32   #3
Schlüti
 
Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links - Standard

Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links



Hallo, schon Mal vielen Dank für die Hilfe. Habe versucht die Liste abzuarbeiten. Die ersten beiden Tools haben auch funktioniert, RSIT funktioniert leider nicht. Da kommt immer eine Fehlermeldung (Line -1: Error: Variable used without being declared). Die Fehlermeldung kommt bei dem Schritt "Listing Services and Drivers". Das Problem mit der Werbung besteht weiterhin. Hier das Log von Malwarebytes Antimalware:

Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3548
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

12.01.2010 19:10:43
mbam-log-2010-01-12 (19-10-43).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 210491
Laufzeit: 2 hour(s), 9 minute(s), 21 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\{F9197A7E-CE10-458e-85F8-5B0CE6DF2BBE} (Trojan.Agent) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mssmsgs (Backdoor.Bot) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Windows\temp\prmq.tmp\svchost.exe (Spyware.Passwords) -> Quarantined and deleted successfully.


Vielen Dank für die Hilfe. Ich hoffe es gibt noch weitere Möglichkeiten
__________________

Alt 12.01.2010, 20:17   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links - Standard

Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links



Achja Windows7, ich glaub da funktioniert RSIT nicht
Mach stattdessen: Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 12.01.2010, 20:59   #5
Schlüti
 
Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links - Standard

Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links



Hallo habe den OTL-Scan durchgeführt. Hier das Ergebnis:

OTL.txt:

OTL logfile created on: 1/12/2010 8:46:38 PM - Run 1
OTL by OldTimer - Version 3.1.24.0 Folder = C:\Users\Schlueti\Desktop
Starter Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,015.00 Mb Total Physical Memory | 214.00 Mb Available Physical Memory | 21.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 57.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100.00 Gb Total Space | 79.07 Gb Free Space | 79.07% Space Free | Partition Type: NTFS
Drive D: | 122.87 Gb Total Space | 73.52 Gb Free Space | 59.84% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SCHLUE
Current User Name: Schlueti
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Schlueti\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Users\Schlueti\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
PRC - C:\Program Files\Trillian\trillian.exe (Cerulean Studios)
PRC - C:\Windows\System32\AsusService.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Stardock\MyColors\WBVista.exe ()
PRC - C:\Program Files\Stardock\MyColors\VistaSrv.exe (Stardock Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)


========== Modules (SafeList) ==========

MOD - C:\Users\Schlueti\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (gupdate) Google Update Service (gupdate) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (TuneUp.Defrag) -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Akamai) -- C:/Program Files/Common Files/Akamai/rswin_3629.dll ()
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (AsusService) -- C:\Windows\System32\AsusService.exe ()
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (WindowBlinds) -- C:\Program Files\Stardock\MyColors\VistaSrv.exe (Stardock Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (iaStor) -- C:\windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (AvgTdiX) -- C:\windows\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\windows\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\windows\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (cmdide) -- C:\windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (KSecPkg) -- C:\windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (LSI_SCSI) -- C:\windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vhdmp) -- C:\windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (adfs) -- C:\Windows\System32\drivers\adfs.sys (Adobe Systems, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.spiegel.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.8
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20091209.4
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.11.2
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.5


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/12/22 07:44:26 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/11 14:25:31 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/12 15:15:31 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/12/14 00:25:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/12/14 00:25:44 | 00,000,000 | ---D | M]

[2009/12/13 23:18:00 | 00,000,000 | ---D | M] -- C:\Users\Schlueti\AppData\Roaming\mozilla\Extensions
[2009/12/13 23:18:00 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Schlueti\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/01/11 22:54:32 | 00,000,000 | ---D | M] -- C:\Users\Schlueti\AppData\Roaming\mozilla\Firefox\Profiles\q1bdxqel.default\extensions
[2010/01/11 14:26:03 | 00,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Schlueti\AppData\Roaming\mozilla\Firefox\Profiles\q1bdxqel.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009/12/16 01:58:51 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Schlueti\AppData\Roaming\mozilla\Firefox\Profiles\q1bdxqel.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/01/08 15:48:39 | 00,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Schlueti\AppData\Roaming\mozilla\Firefox\Profiles\q1bdxqel.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/01/11 22:54:14 | 00,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Schlueti\AppData\Roaming\mozilla\Firefox\Profiles\q1bdxqel.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/01/05 16:02:32 | 00,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Schlueti\AppData\Roaming\mozilla\Firefox\Profiles\q1bdxqel.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/12/27 00:07:31 | 00,000,000 | ---D | M] -- C:\Users\Schlueti\AppData\Roaming\mozilla\Firefox\Profiles\q1bdxqel.default\extensions\moveplayer@movenetworks.com
[2010/01/11 14:11:46 | 00,000,000 | ---D | M] -- C:\Users\Schlueti\AppData\Roaming\mozilla\Firefox\Profiles\q1bdxqel.default\extensions\youtube2mp3@mondayx.de
[2010/01/11 14:26:49 | 00,001,250 | ---- | M] () -- C:\Users\Schlueti\AppData\Roaming\Mozilla\FireFox\Profiles\q1bdxqel.default\searchplugins\winamp-search.xml
[2009/12/17 21:38:36 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/12/21 06:47:02 | 00,063,488 | ---- | M] (Nullsoft) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

Hosts file not found
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Antivirus System Tray Tool] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/12 20:45:24 | 00,544,256 | ---- | C] (OldTimer Tools) -- C:\Users\Schlueti\Desktop\OTL.exe
[2010/01/12 19:17:32 | 00,000,000 | ---D | C] -- C:\rsit
[2010/01/12 15:45:22 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\Malwarebytes
[2010/01/12 15:45:14 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2010/01/12 15:45:09 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/01/12 15:45:08 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2010/01/12 15:45:08 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/12 15:23:52 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/01/12 13:44:20 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/01/11 23:51:05 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\Documents\Meine empfangenen Dateien
[2010/01/11 15:26:54 | 00,000,000 | ---D | C] -- C:\DVDVideoSoft
[2010/01/11 14:45:21 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\Documents\DVDVideoSoft
[2010/01/11 14:45:01 | 00,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2010/01/11 14:44:33 | 00,000,000 | ---D | C] -- C:\Program Files\MP3 Converter
[2010/01/11 14:44:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010/01/11 14:32:29 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\Recorded TV
[2010/01/11 14:32:29 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\Recorded Audio
[2010/01/11 14:26:47 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_31.dll
[2010/01/11 14:25:31 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010/01/11 14:25:21 | 00,000,000 | ---D | C] -- C:\ProgramData\Winamp Toolbar
[2010/01/11 14:25:21 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp Toolbar
[2010/01/11 14:24:44 | 00,000,000 | ---D | C] -- C:\ProgramData\OrbNetworks
[2010/01/11 14:24:34 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp Remote
[2010/01/11 14:23:06 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\Winamp
[2010/01/11 14:23:06 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp
[2009/12/30 13:41:11 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\Documents\OneNote-Notizbücher
[2009/12/30 12:48:37 | 00,000,000 | ---D | C] -- C:\Program Files\Google
[2009/12/29 20:49:17 | 00,000,000 | ---D | C] -- C:\windows\Minidump
[2009/12/24 00:27:13 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\Documents\Downloads
[2009/12/23 22:54:05 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Local\Google
[2009/12/21 22:45:35 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009/12/21 11:51:34 | 00,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2009/12/21 01:50:02 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Local\Sony Ericsson
[2009/12/21 01:50:02 | 00,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2009/12/18 23:50:36 | 00,000,000 | ---D | C] -- C:\windows\temp
[2009/12/18 20:06:33 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\DAEMON Tools Lite
[2009/12/18 20:06:18 | 00,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2009/12/18 01:56:04 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/12/18 01:56:04 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/12/17 22:54:57 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\avgrsstx.dll
[2009/12/17 22:54:56 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgtdix.sys
[2009/12/17 22:54:56 | 00,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgldx86.sys
[2009/12/17 22:54:56 | 00,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgmfx86.sys
[2009/12/17 22:54:54 | 00,000,000 | ---D | C] -- C:\windows\System32\drivers\Avg
[2009/12/17 22:54:34 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/12/17 22:54:33 | 00,000,000 | ---D | C] -- C:\ProgramData\avg9
[2009/12/17 21:34:16 | 00,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2009/12/17 12:46:24 | 00,030,536 | ---- | C] (TuneUp Software) -- C:\windows\System32\TURegOpt.exe
[2009/12/17 12:46:24 | 00,030,024 | ---- | C] (TuneUp Software) -- C:\windows\System32\uxtuneup.dll
[2009/12/17 12:46:24 | 00,021,320 | ---- | C] (TuneUp Software) -- C:\windows\System32\authuitu.dll
[2009/12/17 12:45:55 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\TuneUp Software
[2009/12/17 12:45:41 | 00,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2009/12/17 12:44:28 | 00,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2009/12/17 12:44:17 | 00,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2009/12/16 23:41:53 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\IrfanView
[2009/12/16 23:41:52 | 00,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2009/12/16 15:26:28 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\Documents\ICQ
[2009/12/16 15:20:50 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\ICQ
[2009/12/16 15:18:59 | 00,000,000 | ---D | C] -- C:\Program Files\ICQ6.5
[2009/12/16 02:08:30 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Local\Yahoo
[2009/12/16 01:58:30 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\Yahoo!
[2009/12/16 01:57:46 | 00,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2009/12/16 01:34:09 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\deploytk.dll
[2009/12/16 01:34:09 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe
[2009/12/16 01:34:08 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe
[2009/12/16 01:34:08 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe
[2009/12/16 01:33:19 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009/12/15 23:43:21 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\skypePM
[2009/12/15 23:41:52 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\Skype
[2009/12/15 23:20:33 | 00,054,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\fssfltr.sys
[2009/12/15 23:11:27 | 00,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2009/12/15 23:10:54 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\Library
[2009/12/15 23:10:54 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\com.adobe.ExMan
[2009/12/15 23:04:36 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\Tracing
[2009/12/15 01:56:46 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2009/12/15 01:45:12 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2009/12/14 19:44:30 | 00,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2009/12/14 19:44:26 | 00,000,000 | ---D | C] -- C:\Program Files\WinZip
[2009/12/14 02:40:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai
[2009/12/14 01:16:49 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\dvdcss
[2009/12/14 01:16:21 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\vlc
[2009/12/14 01:12:42 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009/12/14 01:10:02 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2009/12/14 00:44:29 | 00,000,000 | ---D | C] -- C:\Program Files\Trillian
[2009/12/14 00:25:33 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\windows\System32\pncrt.dll
[2009/12/14 00:25:33 | 00,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\windows\System32\rmoc3260.dll
[2009/12/14 00:25:33 | 00,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\windows\System32\pndx5016.dll
[2009/12/14 00:25:33 | 00,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\windows\System32\pndx5032.dll
[2009/12/14 00:25:21 | 00,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\windows\System32\lameACM.acm
[2009/12/14 00:25:20 | 00,118,784 | ---- | C] (fccHandler) -- C:\windows\System32\ac3acm.acm
[2009/12/14 00:25:19 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- C:\windows\System32\yv12vfw.dll
[2009/12/14 00:25:16 | 00,090,112 | ---- | C] (DivX, Inc.) -- C:\windows\System32\dpl100.dll
[2009/12/14 00:25:07 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msvcp71.dll
[2009/12/14 00:25:07 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msvcr71.dll
[2009/12/14 00:25:03 | 00,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2009/12/14 00:19:51 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\DivX
[2009/12/13 23:35:03 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2009/12/13 23:35:03 | 00,000,000 | ---D | C] -- C:\Program Files\DivX
[2009/12/13 23:17:50 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\Thunderbird
[2009/12/13 23:17:50 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Local\Thunderbird
[2009/12/13 23:12:00 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys
[2009/12/13 23:12:00 | 00,056,816 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys
[2009/12/13 23:11:59 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys
[2009/12/13 23:11:56 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira
[2009/12/13 23:11:56 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/12/13 22:53:27 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\Mozilla
[2009/12/13 22:53:27 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Local\Mozilla
[2009/12/13 22:51:26 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/12/13 22:51:19 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2009/12/13 22:46:43 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2009/12/13 22:46:33 | 01,320,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\CertEnroll.dll
[2009/12/13 22:46:32 | 02,613,248 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2009/12/13 22:46:31 | 00,507,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winload.exe
[2009/12/13 22:46:30 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\t2embed.dll
[2009/12/13 22:46:30 | 00,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fontsub.dll
[2009/12/13 22:46:29 | 00,442,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winresume.exe
[2009/12/13 22:46:29 | 00,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll
[2009/12/13 22:46:27 | 12,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmploc.DLL
[2009/08/19 21:30:53 | 00,035,624 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[2009/08/14 10:00:08 | 00,013,880 | ---- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys

========== Files - Modified Within 30 Days ==========

[2010/01/12 20:54:03 | 00,001,100 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/12 20:52:04 | 01,835,008 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat
[2010/01/12 20:45:30 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Users\Schlueti\Desktop\OTL.exe
[2010/01/12 20:41:52 | 00,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2010/01/12 19:59:02 | 00,001,130 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-540757555-3338843806-321119232-1000UA.job
[2010/01/12 19:45:47 | 00,002,022 | ---- | M] () -- C:\Users\Schlueti\Desktop\Trillian.lnk
[2010/01/12 19:26:55 | 00,781,909 | ---- | M] () -- C:\Users\Schlueti\Desktop\RSIT.exe
[2010/01/12 19:19:50 | 00,013,808 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/12 19:19:50 | 00,013,808 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/12 19:12:39 | 00,001,096 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/12 19:12:21 | 00,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2010/01/12 19:11:55 | 79,841,6896 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/12 19:11:07 | 01,948,629 | -H-- | M] () -- C:\Users\Schlueti\AppData\Local\IconCache.db
[2010/01/12 15:45:18 | 00,000,979 | ---- | M] () -- C:\Users\Public\Desktop\MalwarebytesAnti-Malware.lnk
[2010/01/12 15:23:54 | 00,001,831 | ---- | M] () -- C:\Users\Schlueti\Desktop\CCleaner.lnk
[2010/01/12 15:15:37 | 00,001,100 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2010/01/12 15:02:25 | 00,643,866 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2010/01/12 15:02:25 | 00,607,190 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2010/01/12 15:02:25 | 00,126,394 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2010/01/12 15:02:25 | 00,103,568 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2010/01/12 15:02:24 | 01,472,002 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2010/01/12 13:44:23 | 00,002,039 | ---- | M] () -- C:\Users\Schlueti\Desktop\HijackThis.lnk
[2010/01/12 10:54:16 | 00,000,686 | ---- | M] () -- C:\Users\Schlueti\Desktop\Meine Dateien.lnk
[2010/01/12 10:54:10 | 00,000,642 | ---- | M] () -- C:\Users\Schlueti\Desktop\Studium.lnk
[2010/01/11 22:59:01 | 00,001,078 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-540757555-3338843806-321119232-1000Core.job
[2010/01/11 15:26:25 | 00,001,564 | ---- | M] () -- C:\Users\Schlueti\Desktop\Youtube-MP3.lnk
[2010/01/11 14:26:57 | 00,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2009/12/30 12:51:20 | 00,002,242 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2009/12/28 20:26:53 | 00,001,908 | ---- | M] () -- C:\windows\diagwrn.xml
[2009/12/28 20:26:53 | 00,001,908 | ---- | M] () -- C:\windows\diagerr.xml
[2009/12/23 22:55:19 | 00,002,228 | ---- | M] () -- C:\Users\Schlueti\Desktop\Google Chrome.lnk
[2009/12/22 03:21:32 | 00,524,288 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{1ad1812f-ee7a-11de-9667-90e6ba6a45e9}.TMContainer00000000000000000002.regtrans-ms
[2009/12/22 03:21:32 | 00,524,288 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{1ad1812f-ee7a-11de-9667-90e6ba6a45e9}.TMContainer00000000000000000001.regtrans-ms
[2009/12/22 03:21:32 | 00,065,536 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{1ad1812f-ee7a-11de-9667-90e6ba6a45e9}.TM.blf
[2009/12/21 22:50:38 | 00,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2009/12/20 15:45:00 | 00,524,288 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{6182cc0d-ec31-11de-b5fb-90e6ba6a45e9}.TMContainer00000000000000000002.regtrans-ms
[2009/12/20 15:45:00 | 00,524,288 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{6182cc0d-ec31-11de-b5fb-90e6ba6a45e9}.TMContainer00000000000000000001.regtrans-ms
[2009/12/20 15:45:00 | 00,065,536 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{6182cc0d-ec31-11de-b5fb-90e6ba6a45e9}.TM.blf
[2009/12/19 00:24:45 | 00,524,288 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{b323f7a9-ec27-11de-b5ca-90e6ba6a45e9}.TMContainer00000000000000000002.regtrans-ms
[2009/12/19 00:24:45 | 00,524,288 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{b323f7a9-ec27-11de-b5ca-90e6ba6a45e9}.TMContainer00000000000000000001.regtrans-ms
[2009/12/19 00:24:45 | 00,065,536 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{b323f7a9-ec27-11de-b5ca-90e6ba6a45e9}.TM.blf
[2009/12/18 04:23:02 | 00,330,264 | ---- | M] (Intel Corporation) -- C:\windows\System32\drivers\iaStor.sys
[2009/12/18 01:56:47 | 00,001,216 | ---- | M] () -- C:\Users\Schlueti\Desktop\Spybot - Search & Destroy.lnk
[2009/12/17 22:56:57 | 46,760,661 | ---- | M] () -- C:\windows\System32\drivers\Avg\incavi.avm
[2009/12/17 22:56:15 | 00,127,261 | ---- | M] () -- C:\windows\System32\drivers\Avg\microavi.avg
[2009/12/17 22:54:58 | 00,113,461 | ---- | M] () -- C:\windows\System32\drivers\Avg\iavichjw.avm
[2009/12/17 22:54:58 | 00,001,812 | ---- | M] () -- C:\Users\Public\Desktop\AVG.lnk
[2009/12/17 22:54:57 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\avgrsstx.dll
[2009/12/17 22:54:56 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgtdix.sys
[2009/12/17 22:54:56 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgldx86.sys
[2009/12/17 22:54:56 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgmfx86.sys
[2009/12/17 22:54:55 | 06,061,540 | ---- | M] () -- C:\windows\System32\drivers\Avg\avi7.avg
[2009/12/17 22:54:55 | 00,492,629 | ---- | M] () -- C:\windows\System32\drivers\Avg\miniavi.avg
[2009/12/17 21:38:43 | 00,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/12/16 23:42:00 | 00,000,972 | ---- | M] () -- C:\Users\Public\Desktop\IrfanView.lnk
[2009/12/16 22:21:08 | 02,262,496 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2009/12/16 04:03:47 | 00,079,136 | ---- | M] () -- C:\Users\Schlueti\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/12/16 03:10:03 | 00,000,478 | ---- | M] () -- C:\windows\win.ini
[2009/12/16 01:33:26 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe
[2009/12/16 01:33:25 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe
[2009/12/16 01:33:25 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe
[2009/12/16 01:33:24 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\deploytk.dll
[2009/12/15 02:02:15 | 00,001,095 | ---- | M] () -- C:\Users\Schlueti\Desktop\Photoshop.lnk
[2009/12/14 23:13:11 | 00,056,816 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys
[2009/12/14 20:14:51 | 00,001,933 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2009/12/14 01:13:16 | 00,001,024 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2009/12/13 23:32:23 | 00,004,608 | ---- | M] () -- C:\Users\Schlueti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/13 23:12:09 | 00,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk
[2009/12/13 22:52:56 | 00,001,951 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

========== Files Created - No Company Name ==========

[2010/01/12 19:26:40 | 00,781,909 | ---- | C] () -- C:\Users\Schlueti\Desktop\RSIT.exe
[2010/01/12 15:45:18 | 00,000,979 | ---- | C] () -- C:\Users\Public\Desktop\MalwarebytesAnti-Malware.lnk
[2010/01/12 15:23:54 | 00,001,831 | ---- | C] () -- C:\Users\Schlueti\Desktop\CCleaner.lnk
[2010/01/12 15:15:37 | 00,001,100 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2010/01/12 13:44:23 | 00,002,039 | ---- | C] () -- C:\Users\Schlueti\Desktop\HijackThis.lnk
[2010/01/12 10:54:16 | 00,000,686 | ---- | C] () -- C:\Users\Schlueti\Desktop\Meine Dateien.lnk
[2010/01/12 10:54:10 | 00,000,642 | ---- | C] () -- C:\Users\Schlueti\Desktop\Studium.lnk
[2010/01/11 15:26:25 | 00,001,564 | ---- | C] () -- C:\Users\Schlueti\Desktop\Youtube-MP3.lnk
[2010/01/11 14:26:57 | 00,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2009/12/30 12:51:19 | 00,002,242 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2009/12/30 12:49:02 | 00,001,100 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/12/30 12:49:01 | 00,001,096 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/12/28 20:08:14 | 00,001,908 | ---- | C] () -- C:\windows\diagwrn.xml
[2009/12/28 20:08:14 | 00,001,908 | ---- | C] () -- C:\windows\diagerr.xml
[2009/12/23 22:55:19 | 00,002,228 | ---- | C] () -- C:\Users\Schlueti\Desktop\Google Chrome.lnk
[2009/12/23 22:54:13 | 00,001,130 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-540757555-3338843806-321119232-1000UA.job
[2009/12/23 22:54:13 | 00,001,078 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-540757555-3338843806-321119232-1000Core.job
[2009/12/21 22:50:38 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/21 22:46:00 | 00,524,288 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{1ad1812f-ee7a-11de-9667-90e6ba6a45e9}.TMContainer00000000000000000002.regtrans-ms
[2009/12/21 22:46:00 | 00,524,288 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{1ad1812f-ee7a-11de-9667-90e6ba6a45e9}.TMContainer00000000000000000001.regtrans-ms
[2009/12/21 22:46:00 | 00,065,536 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{1ad1812f-ee7a-11de-9667-90e6ba6a45e9}.TM.blf
[2009/12/19 01:01:49 | 00,524,288 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{6182cc0d-ec31-11de-b5fb-90e6ba6a45e9}.TMContainer00000000000000000002.regtrans-ms
[2009/12/19 01:01:49 | 00,524,288 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{6182cc0d-ec31-11de-b5fb-90e6ba6a45e9}.TMContainer00000000000000000001.regtrans-ms
[2009/12/19 01:01:49 | 00,065,536 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{6182cc0d-ec31-11de-b5fb-90e6ba6a45e9}.TM.blf
[2009/12/18 23:51:12 | 00,524,288 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{b323f7a9-ec27-11de-b5ca-90e6ba6a45e9}.TMContainer00000000000000000002.regtrans-ms
[2009/12/18 23:51:12 | 00,524,288 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{b323f7a9-ec27-11de-b5ca-90e6ba6a45e9}.TMContainer00000000000000000001.regtrans-ms
[2009/12/18 23:51:12 | 00,065,536 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{b323f7a9-ec27-11de-b5ca-90e6ba6a45e9}.TM.blf
[2009/12/18 01:56:47 | 00,001,216 | ---- | C] () -- C:\Users\Schlueti\Desktop\Spybot - Search & Destroy.lnk
[2009/12/17 22:54:58 | 00,113,461 | ---- | C] () -- C:\windows\System32\drivers\Avg\iavichjw.avm
[2009/12/17 22:54:58 | 00,001,812 | ---- | C] () -- C:\Users\Public\Desktop\AVG.lnk
[2009/12/17 22:54:55 | 46,760,661 | ---- | C] () -- C:\windows\System32\drivers\Avg\incavi.avm
[2009/12/17 22:54:55 | 00,492,629 | ---- | C] () -- C:\windows\System32\drivers\Avg\miniavi.avg
[2009/12/17 22:54:55 | 00,127,261 | ---- | C] () -- C:\windows\System32\drivers\Avg\microavi.avg
[2009/12/17 22:54:54 | 06,061,540 | ---- | C] () -- C:\windows\System32\drivers\Avg\avi7.avg
[2009/12/17 21:38:43 | 00,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/12/16 23:42:00 | 00,000,972 | ---- | C] () -- C:\Users\Public\Desktop\IrfanView.lnk
[2009/12/15 02:02:15 | 00,001,095 | ---- | C] () -- C:\Users\Schlueti\Desktop\Photoshop.lnk
[2009/12/14 20:14:51 | 00,001,933 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2009/12/14 01:13:15 | 00,001,024 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2009/12/14 00:44:58 | 00,002,022 | ---- | C] () -- C:\Users\Schlueti\Desktop\Trillian.lnk
[2009/12/14 00:25:28 | 00,178,176 | ---- | C] () -- C:\windows\System32\unrar.dll
[2009/12/14 00:25:25 | 00,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
[2009/12/14 00:25:22 | 00,000,414 | ---- | C] () -- C:\windows\System32\lame_acm.xml
[2009/12/14 00:25:18 | 00,881,664 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2009/12/14 00:25:17 | 00,205,824 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2009/12/14 00:25:11 | 00,000,547 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest
[2009/12/14 00:25:10 | 00,085,504 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2009/12/13 23:32:21 | 00,004,608 | ---- | C] () -- C:\Users\Schlueti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/13 23:12:09 | 00,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk
[2009/12/13 22:52:56 | 00,001,951 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2009/08/20 05:42:43 | 00,021,864 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini
[2009/07/14 00:51:43 | 00,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 00,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/09 09:55:58 | 00,057,904 | ---- | C] () -- C:\windows\System32\wbload.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMPFC5A2B2
< End of report >


Alt 12.01.2010, 21:01   #6
Schlüti
 
Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links - Standard

Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links



Und hier die zweite Log. Hat nicht in einen Thread gepasst.

Extras.txt:

OTL Extras logfile created on: 1/12/2010 8:46:38 PM - Run 1
OTL by OldTimer - Version 3.1.24.0 Folder = C:\Users\Schlueti\Desktop
Starter Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,015.00 Mb Total Physical Memory | 214.00 Mb Available Physical Memory | 21.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 57.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100.00 Gb Total Space | 79.07 Gb Free Space | 79.07% Space Free | Partition Type: NTFS
Drive D: | 122.87 Gb Total Space | 73.52 Gb Free Space | 59.84% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SCHLUE
Current User Name: Schlueti
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{185AFA7A-F63E-450B-94AA-011CAC18090E}" = E-Cam
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2E741D13-BD2A-45EB-8342-7127233E5DAC}" = LocaleMe
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT2860 Wireless LAN Card
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007
"{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0017-0410-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Italian) 2007
"{90120000-0017-0410-0000-0000000FF1CE}_OMUI.it-it_{342281AF-B7FE-4999-BE64-29F7D6249970}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0017-0413-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Dutch) 2007
"{90120000-0017-0413-0000-0000000FF1CE}_OMUI.nl-nl_{2E9BD56A-2290-46DA-869F-2EDCF0A24E8B}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.it-it_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.nl-nl_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.fr-fr_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.it-it_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.nl-nl_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.fr-fr_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.it-it_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.nl-nl_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.it-it_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}_OMUI.nl-nl_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_OMUI.fr-fr_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2007
"{90120000-0044-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2007
"{90120000-0044-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_OMUI.it-it_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_OMUI.nl-nl_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2007
"{90120000-00A1-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007
"{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2007
"{90120000-00BA-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2007
"{90120000-00BA-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007
"{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0410-0000-0000000FF1CE}" = Microsoft Office O MUI (Italian) 2007
"{90120000-0100-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0413-0000-0000000FF1CE}" = Microsoft Office O MUI (Dutch) 2007
"{90120000-0100-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007
"{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0410-0000-0000000FF1CE}" = Microsoft Office X MUI (Italian) 2007
"{90120000-0101-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0413-0000-0000000FF1CE}" = Microsoft Office X MUI (Dutch) 2007
"{90120000-0101-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C04E7C11-A3DA-480B-9018-F292E04CA26A}" = FontResizer
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Akamai" = Akamai NetSession Interface
"ASUS VIBE" = ASUS VIBE
"AVG9Uninstall" = AVG Free 9.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.5.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"Mozilla Thunderbird (3.0)" = Mozilla Thunderbird (3.0)
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français
"OMUI.it-it" = Microsoft Office Language Pack 2007 - Italian/Italiano
"OMUI.nl-nl" = Microsoft Office Language Pack 2007 - Dutch/Nederlands
"Orb" = Winamp Remote
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Trillian" = Trillian
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.3
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Anwendungserkennung

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/21/2009 5:56:34 PM | Computer Name = Schlue | Source = Windows Backup | ID = 4103
Description =

Error - 12/21/2009 6:18:53 PM | Computer Name = Schlue | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.7600.16385 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: f24 Startzeit: 01ca82891aa79f62 Endzeit: 63 Anwendungspfad:
C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: cc51f34d-ee7e-11de-9667-90e6ba6a45e9


Error - 12/21/2009 7:54:04 PM | Computer Name = Schlue | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.9.1.3593 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: d54 Startzeit:
01ca828833aa1764 Endzeit: 55991 Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe

Berichts-ID:
f3b1d557-ee8b-11de-9667-90e6ba6a45e9

Error - 12/21/2009 7:57:16 PM | Computer Name = Schlue | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.9.1.3593 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: f4c Startzeit:
01ca829901b640e7 Endzeit: 16225 Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe

Berichts-ID:
811fd29b-ee8c-11de-9667-90e6ba6a45e9

Error - 12/21/2009 8:05:51 PM | Computer Name = Schlue | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.7600.16385 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 62c Startzeit: 01ca829a022c2c0c Endzeit: 46 Anwendungspfad:
C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: 50871b99-ee8d-11de-9667-90e6ba6a45e9


Error - 12/21/2009 10:21:13 PM | Computer Name = Schlue | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.7600.16385 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: d54 Startzeit: 01ca82ad43de15e2 Endzeit: 20 Anwendungspfad:
C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: a78d9f78-eea0-11de-9667-90e6ba6a45e9


Error - 12/22/2009 12:11:38 AM | Computer Name = Schlue | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
"c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
im assemblyIdentity-Element ist ungültig.

Error - 12/22/2009 12:16:20 AM | Computer Name = Schlue | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\spybot
- search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
files\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs
im assemblyIdentity-Element ist ungültig.

Error - 12/22/2009 9:51:52 AM | Computer Name = Schlue | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.7600.16385 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: d08 Startzeit: 01ca830dd780f4b6 Endzeit: 82 Anwendungspfad:
C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: 22160a13-ef01-11de-96c0-90e6ba6a45e9


Error - 12/25/2009 5:59:09 AM | Computer Name = Schlue | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 1/5/2010 9:39:24 AM | Computer Name = Schlue | Source = Service Control Manager | ID = 7001
Description = Der Dienst "AVG Free E-mail Scanner" ist vom Dienst "AVG Free WatchDog"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1066

Error - 1/5/2010 12:43:10 PM | Computer Name = Schlue | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst Wlansvc erreicht.

Error - 1/6/2010 4:26:36 AM | Computer Name = Schlue | Source = Service Control Manager | ID = 7024
Description = Der Dienst "AVG Free WatchDog" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-536805315.

Error - 1/6/2010 4:26:36 AM | Computer Name = Schlue | Source = Service Control Manager | ID = 7001
Description = Der Dienst "AVG Free E-mail Scanner" ist vom Dienst "AVG Free WatchDog"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1066

Error - 1/6/2010 9:04:01 AM | Computer Name = Schlue | Source = Service Control Manager | ID = 7024
Description = Der Dienst "AVG Free WatchDog" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-536805315.

Error - 1/6/2010 9:04:01 AM | Computer Name = Schlue | Source = Service Control Manager | ID = 7001
Description = Der Dienst "AVG Free E-mail Scanner" ist vom Dienst "AVG Free WatchDog"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1066

Error - 1/7/2010 5:17:02 AM | Computer Name = Schlue | Source = Service Control Manager | ID = 7024
Description = Der Dienst "AVG Free WatchDog" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-536805315.

Error - 1/7/2010 5:17:06 AM | Computer Name = Schlue | Source = Service Control Manager | ID = 7001
Description = Der Dienst "AVG Free E-mail Scanner" ist vom Dienst "AVG Free WatchDog"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1066

Error - 1/7/2010 7:45:32 PM | Computer Name = Schlue | Source = Service Control Manager | ID = 7024
Description = Der Dienst "AVG Free WatchDog" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-536805315.

Error - 1/7/2010 7:45:33 PM | Computer Name = Schlue | Source = Service Control Manager | ID = 7001
Description = Der Dienst "AVG Free E-mail Scanner" ist vom Dienst "AVG Free WatchDog"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1066


< End of report >

Antwort

Themen zu Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links
antivir, antivir guard, antivirus, antivirus system, avg, avg free, avira, bho, desktop, e-mail, excel, firefox, gupdate, hijack, hijackthis, hängen, internet, internet explorer, logfile, mozilla, problem, programdata, rundll, selbstsändig, software, system, toolbars, userinit.exe, warnung, werbefenster, werbung, windows, windows 7 starter



Ähnliche Themen: Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links


  1. Beim klicken auf Links öffnet sich ein neuer Tab mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 08.09.2015 (10)
  2. Beim klicken auf Links öffnet sich ein neuer Tab mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 25.08.2015 (19)
  3. Windows 8.1 64-bit GoogleChrome-Nutzer: Nach klicken auf beliebigen Link öffnet Tab mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 12.08.2015 (27)
  4. Mozilla Firefox öffnet ständig Werbung und neue Tabs mit Werbung
    Log-Analyse und Auswertung - 21.07.2015 (10)
  5. Firefox öffnet bei klicken Werbung & und Programm "lomrdjhy" im Hintergrund
    Plagegeister aller Art und deren Bekämpfung - 12.04.2015 (3)
  6. Mozilla öffnet Fenster und Werbung troz blocker
    Plagegeister aller Art und deren Bekämpfung - 31.07.2014 (5)
  7. Mozilla Firefox öffnet bei Klick auf Links Werbefenster
    Log-Analyse und Auswertung - 26.05.2014 (7)
  8. Chrome plötzlich voll mit pop up werbung und es öffnen sich beim Klicken auf Links falsche Seiten mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 05.05.2014 (3)
  9. Win 7: Google Chrome/Mozilla firefox lässt vermehrt Werbung auf Webseiten zu & Google Suchergebnisse scheinen manipuliert zu sein
    Log-Analyse und Auswertung - 29.04.2014 (8)
  10. Werbung unten links im Mozilla Firefox
    Plagegeister aller Art und deren Bekämpfung - 01.02.2014 (15)
  11. Mozilla Firefox: überall Werbung, unterstrichene Wörter mit Links, Weiterleitung zu Links
    Plagegeister aller Art und deren Bekämpfung - 23.10.2013 (11)
  12. Google Links führen zu Werbung.
    Log-Analyse und Auswertung - 05.11.2012 (11)
  13. Mozilla etc I-net Browser öffnet Werbung nach Google - klick
    Log-Analyse und Auswertung - 05.06.2011 (17)
  14. Firefox Öffnet in Google falsche Links und öffnet spontan Websites in neuem Tab
    Plagegeister aller Art und deren Bekämpfung - 28.11.2010 (5)
  15. Firefox öffnet Werbung bei Links, IE öffnet selbstständig Werbung
    Plagegeister aller Art und deren Bekämpfung - 09.05.2010 (1)
  16. Google Links falsch verlinkt -> Werbung
    Plagegeister aller Art und deren Bekämpfung - 07.08.2009 (4)
  17. Werbung öffnet sich ständig bei Mozilla!
    Log-Analyse und Auswertung - 11.11.2008 (0)

Zum Thema Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links - Hallo, ich habe seit kurzem ein Netbook der Firma Asus mit Windows 7 Starter als OS. Seit kurzem öffnen sich immer mal wieder Werbefenster von Casinos etc. wenn ich nach - Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links...
Archiv
Du betrachtest: Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.