| |
| |||||||
Log-Analyse und Auswertung: Mozilla öffnet selbstsändig Werbung nach klicken von Google-LinksWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
12.01.2010, 14:05
| #1 |
| |  Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links Hallo, ich habe seit kurzem ein Netbook der Firma Asus mit Windows 7 Starter als OS. Seit kurzem öffnen sich immer mal wieder Werbefenster von Casinos etc. wenn ich nach einer Google-Suche auf ein Suchergebnis klicke. Außerdem habe ich das Problem, dass bei Downloads mit Firefox oder beim Öffnen von Email-Anhängen aus Thunderbird die Dateien immer nur mit 0KB gespeichert werden und damit halt unbrauchbar sind. Dies passiert nur wenn ich Firefox benutze allerdings nicht bei Chrome. Firefox hat auch schon öfter Alarm geschlagen, wenn wieder automatisch ein Werbefenster aufging (This is a reported attack site). Avira hat auch mehrmals angeschlagen, ich habe dann immer auf löschen gedrückt wenn eine Warnung kam. Sonst habe ich noch keine Schritte unternommen außer HijackThis runtergeladen. Hier ist das Logfile: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:44:55, on 12.01.2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe C:\windows\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Trillian\trillian.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Users\Schlueti\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Schlueti\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=\\.\globalroot\systemroot\system32\userinit.exe, O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O4 - HKCU\..\Run: [MSSMSGS] rundll32.exe winmov32.rom,QlruNjHzIuq O4 - HKCU\..\Run: [Antivirus System Tray Tool] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O13 - Gopher Prefix: O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\Program Files\Stardock\MyColors\VistaSrv.exe -- End of file - 6607 bytes Schon mal jetzt vielen Dank für eure Hilfe. Ich hoffe ihr könnt mir weiterhelfen. Viele Grüße, Schlüti |
|
12.01.2010, 14:15
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links Hallo und
__________________ Bitte diese Liste beachten und abarbeiten. Beim Scan mit MalwareBytes auch alle externen Speicher (ext. Platten, USB-Sticks, ... mit anklemmen!! ) Wichtig für Benutzer mit Windows Vista und Windows 7: Bitte alle Tools per Rechtsklick => Als Admin ausführen! Die Logfiles kannst Du zB alle in eine Datei zippen und auf File-Upload.net hochladen und hier verlinken, denn 1. sind manche Logfiles fürs Board nämlich zu groß und 2. kann ich mit einem Klick mir gleich alle auf einmal runterladen.
__________________ |
|
12.01.2010, 19:32
| #3 |
| | Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links Hallo, schon Mal vielen Dank für die Hilfe. Habe versucht die Liste abzuarbeiten. Die ersten beiden Tools haben auch funktioniert, RSIT funktioniert leider nicht. Da kommt immer eine Fehlermeldung (Line -1: Error: Variable used without being declared). Die Fehlermeldung kommt bei dem Schritt "Listing Services and Drivers". Das Problem mit der Werbung besteht weiterhin. Hier das Log von Malwarebytes Antimalware:
__________________Malwarebytes' Anti-Malware 1.44 Datenbank Version: 3548 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 12.01.2010 19:10:43 mbam-log-2010-01-12 (19-10-43).txt Scan-Methode: Vollständiger Scan (C:\|D:\|) Durchsuchte Objekte: 210491 Laufzeit: 2 hour(s), 9 minute(s), 21 second(s) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 1 Infizierte Registrierungswerte: 1 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 1 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\{F9197A7E-CE10-458e-85F8-5B0CE6DF2BBE} (Trojan.Agent) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mssmsgs (Backdoor.Bot) -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\Windows\temp\prmq.tmp\svchost.exe (Spyware.Passwords) -> Quarantined and deleted successfully. Vielen Dank für die Hilfe. Ich hoffe es gibt noch weitere Möglichkeiten |
|
12.01.2010, 20:17
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links Achja Windows7, ich glaub da funktioniert RSIT nicht  Mach stattdessen: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
12.01.2010, 20:59
| #5 |
| | Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links Hallo habe den OTL-Scan durchgeführt. Hier das Ergebnis: OTL.txt: OTL logfile created on: 1/12/2010 8:46:38 PM - Run 1 OTL by OldTimer - Version 3.1.24.0 Folder = C:\Users\Schlueti\Desktop Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,015.00 Mb Total Physical Memory | 214.00 Mb Available Physical Memory | 21.00% Memory free 2.00 Gb Paging File | 1.00 Gb Available in Paging File | 57.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 100.00 Gb Total Space | 79.07 Gb Free Space | 79.07% Space Free | Partition Type: NTFS Drive D: | 122.87 Gb Total Space | 73.52 Gb Free Space | 59.84% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SCHLUE Current User Name: Schlueti Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Schlueti\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Users\Schlueti\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging) PRC - C:\Program Files\Trillian\trillian.exe (Cerulean Studios) PRC - C:\Windows\System32\AsusService.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Program Files\Stardock\MyColors\WBVista.exe () PRC - C:\Program Files\Stardock\MyColors\VistaSrv.exe (Stardock Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) ========== Modules (SafeList) ========== MOD - C:\Users\Schlueti\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (gupdate) Google Update Service (gupdate) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.) SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (TuneUp.Defrag) -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (Akamai) -- C:/Program Files/Common Files/Akamai/rswin_3629.dll () SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (AsusService) -- C:\Windows\System32\AsusService.exe () SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) SRV - (WindowBlinds) -- C:\Program Files\Stardock\MyColors\VistaSrv.exe (Stardock Corporation) SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (iaStor) -- C:\windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (AvgTdiX) -- C:\windows\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgLdx86) -- C:\windows\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgMfx86) -- C:\windows\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation) DRV - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated) DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( ) DRV - (cmdide) -- C:\windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- C:\windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nvstor) -- C:\windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (KSecPkg) -- C:\windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (LSI_SCSI) -- C:\windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- C:\windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vhdmp) -- C:\windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) DRV - (ql2300) -- C:\windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- C:\windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- C:\windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- C:\windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (HidBatt) -- C:\windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- C:\windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (adfs) -- C:\Windows\System32\drivers\adfs.sys (Adobe Systems, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-type: "${8}" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.spiegel.de" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.8 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20091209.4 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.11.2 FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.5 FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/12/22 07:44:26 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/11 14:25:31 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/12 15:15:31 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/12/14 00:25:44 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/12/14 00:25:44 | 00,000,000 | ---D | M] [2009/12/13 23:18:00 | 00,000,000 | ---D | M] -- C:\Users\Schlueti\AppData\Roaming\mozilla\Extensions [2009/12/13 23:18:00 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Schlueti\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010/01/11 22:54:32 | 00,000,000 | ---D | M] -- C:\Users\Schlueti\AppData\Roaming\mozilla\Firefox\Profiles\q1bdxqel.default\extensions [2010/01/11 14:26:03 | 00,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Schlueti\AppData\Roaming\mozilla\Firefox\Profiles\q1bdxqel.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2009/12/16 01:58:51 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Schlueti\AppData\Roaming\mozilla\Firefox\Profiles\q1bdxqel.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010/01/08 15:48:39 | 00,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Schlueti\AppData\Roaming\mozilla\Firefox\Profiles\q1bdxqel.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010/01/11 22:54:14 | 00,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Schlueti\AppData\Roaming\mozilla\Firefox\Profiles\q1bdxqel.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2010/01/05 16:02:32 | 00,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Schlueti\AppData\Roaming\mozilla\Firefox\Profiles\q1bdxqel.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2009/12/27 00:07:31 | 00,000,000 | ---D | M] -- C:\Users\Schlueti\AppData\Roaming\mozilla\Firefox\Profiles\q1bdxqel.default\extensions\moveplayer@movenetworks.com [2010/01/11 14:11:46 | 00,000,000 | ---D | M] -- C:\Users\Schlueti\AppData\Roaming\mozilla\Firefox\Profiles\q1bdxqel.default\extensions\youtube2mp3@mondayx.de [2010/01/11 14:26:49 | 00,001,250 | ---- | M] () -- C:\Users\Schlueti\AppData\Roaming\Mozilla\FireFox\Profiles\q1bdxqel.default\searchplugins\winamp-search.xml [2009/12/17 21:38:36 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009/12/21 06:47:02 | 00,063,488 | ---- | M] (Nullsoft) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll Hosts file not found O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKCU..\Run: [Antivirus System Tray Tool] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1 O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (avgrsstx.dll) - C:\windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - C:\windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/01/12 20:45:24 | 00,544,256 | ---- | C] (OldTimer Tools) -- C:\Users\Schlueti\Desktop\OTL.exe [2010/01/12 19:17:32 | 00,000,000 | ---D | C] -- C:\rsit [2010/01/12 15:45:22 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\Malwarebytes [2010/01/12 15:45:14 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2010/01/12 15:45:09 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010/01/12 15:45:08 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2010/01/12 15:45:08 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/01/12 15:23:52 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010/01/12 13:44:20 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010/01/11 23:51:05 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\Documents\Meine empfangenen Dateien [2010/01/11 15:26:54 | 00,000,000 | ---D | C] -- C:\DVDVideoSoft [2010/01/11 14:45:21 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\Documents\DVDVideoSoft [2010/01/11 14:45:01 | 00,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft [2010/01/11 14:44:33 | 00,000,000 | ---D | C] -- C:\Program Files\MP3 Converter [2010/01/11 14:44:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft [2010/01/11 14:32:29 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\Recorded TV [2010/01/11 14:32:29 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\Recorded Audio [2010/01/11 14:26:47 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_31.dll [2010/01/11 14:25:31 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2010/01/11 14:25:21 | 00,000,000 | ---D | C] -- C:\ProgramData\Winamp Toolbar [2010/01/11 14:25:21 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp Toolbar [2010/01/11 14:24:44 | 00,000,000 | ---D | C] -- C:\ProgramData\OrbNetworks [2010/01/11 14:24:34 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp Remote [2010/01/11 14:23:06 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\Winamp [2010/01/11 14:23:06 | 00,000,000 | ---D | C] -- C:\Program Files\Winamp [2009/12/30 13:41:11 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\Documents\OneNote-Notizbücher [2009/12/30 12:48:37 | 00,000,000 | ---D | C] -- C:\Program Files\Google [2009/12/29 20:49:17 | 00,000,000 | ---D | C] -- C:\windows\Minidump [2009/12/24 00:27:13 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\Documents\Downloads [2009/12/23 22:54:05 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Local\Google [2009/12/21 22:45:35 | 00,000,000 | -H-D | C] -- C:\$AVG [2009/12/21 11:51:34 | 00,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson [2009/12/21 01:50:02 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Local\Sony Ericsson [2009/12/21 01:50:02 | 00,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson [2009/12/18 23:50:36 | 00,000,000 | ---D | C] -- C:\windows\temp [2009/12/18 20:06:33 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\DAEMON Tools Lite [2009/12/18 20:06:18 | 00,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2009/12/18 01:56:04 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2009/12/18 01:56:04 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2009/12/17 22:54:57 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\avgrsstx.dll [2009/12/17 22:54:56 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgtdix.sys [2009/12/17 22:54:56 | 00,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgldx86.sys [2009/12/17 22:54:56 | 00,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgmfx86.sys [2009/12/17 22:54:54 | 00,000,000 | ---D | C] -- C:\windows\System32\drivers\Avg [2009/12/17 22:54:34 | 00,000,000 | ---D | C] -- C:\Program Files\AVG [2009/12/17 22:54:33 | 00,000,000 | ---D | C] -- C:\ProgramData\avg9 [2009/12/17 21:34:16 | 00,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2009/12/17 12:46:24 | 00,030,536 | ---- | C] (TuneUp Software) -- C:\windows\System32\TURegOpt.exe [2009/12/17 12:46:24 | 00,030,024 | ---- | C] (TuneUp Software) -- C:\windows\System32\uxtuneup.dll [2009/12/17 12:46:24 | 00,021,320 | ---- | C] (TuneUp Software) -- C:\windows\System32\authuitu.dll [2009/12/17 12:45:55 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\TuneUp Software [2009/12/17 12:45:41 | 00,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010 [2009/12/17 12:44:28 | 00,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2009/12/17 12:44:17 | 00,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2009/12/16 23:41:53 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\IrfanView [2009/12/16 23:41:52 | 00,000,000 | ---D | C] -- C:\Program Files\IrfanView [2009/12/16 15:26:28 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\Documents\ICQ [2009/12/16 15:20:50 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\ICQ [2009/12/16 15:18:59 | 00,000,000 | ---D | C] -- C:\Program Files\ICQ6.5 [2009/12/16 02:08:30 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Local\Yahoo [2009/12/16 01:58:30 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\Yahoo! [2009/12/16 01:57:46 | 00,000,000 | ---D | C] -- C:\ProgramData\Yahoo! [2009/12/16 01:34:09 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\deploytk.dll [2009/12/16 01:34:09 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe [2009/12/16 01:34:08 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe [2009/12/16 01:34:08 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe [2009/12/16 01:33:19 | 00,000,000 | ---D | C] -- C:\Program Files\Java [2009/12/15 23:43:21 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\skypePM [2009/12/15 23:41:52 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\Skype [2009/12/15 23:20:33 | 00,054,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\fssfltr.sys [2009/12/15 23:11:27 | 00,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2009/12/15 23:10:54 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\Library [2009/12/15 23:10:54 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\com.adobe.ExMan [2009/12/15 23:04:36 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\Tracing [2009/12/15 01:56:46 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player [2009/12/15 01:45:12 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared [2009/12/14 19:44:30 | 00,000,000 | ---D | C] -- C:\ProgramData\WinZip [2009/12/14 19:44:26 | 00,000,000 | ---D | C] -- C:\Program Files\WinZip [2009/12/14 02:40:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai [2009/12/14 01:16:49 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\dvdcss [2009/12/14 01:16:21 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\vlc [2009/12/14 01:12:42 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2009/12/14 01:10:02 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine [2009/12/14 00:44:29 | 00,000,000 | ---D | C] -- C:\Program Files\Trillian [2009/12/14 00:25:33 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\windows\System32\pncrt.dll [2009/12/14 00:25:33 | 00,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\windows\System32\rmoc3260.dll [2009/12/14 00:25:33 | 00,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\windows\System32\pndx5016.dll [2009/12/14 00:25:33 | 00,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\windows\System32\pndx5032.dll [2009/12/14 00:25:21 | 00,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\windows\System32\lameACM.acm [2009/12/14 00:25:20 | 00,118,784 | ---- | C] (fccHandler) -- C:\windows\System32\ac3acm.acm [2009/12/14 00:25:19 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- C:\windows\System32\yv12vfw.dll [2009/12/14 00:25:16 | 00,090,112 | ---- | C] (DivX, Inc.) -- C:\windows\System32\dpl100.dll [2009/12/14 00:25:07 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msvcp71.dll [2009/12/14 00:25:07 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msvcr71.dll [2009/12/14 00:25:03 | 00,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack [2009/12/14 00:19:51 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\DivX [2009/12/13 23:35:03 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared [2009/12/13 23:35:03 | 00,000,000 | ---D | C] -- C:\Program Files\DivX [2009/12/13 23:17:50 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\Thunderbird [2009/12/13 23:17:50 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Local\Thunderbird [2009/12/13 23:12:00 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys [2009/12/13 23:12:00 | 00,056,816 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys [2009/12/13 23:11:59 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys [2009/12/13 23:11:56 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira [2009/12/13 23:11:56 | 00,000,000 | ---D | C] -- C:\Program Files\Avira [2009/12/13 22:53:27 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Roaming\Mozilla [2009/12/13 22:53:27 | 00,000,000 | ---D | C] -- C:\Users\Schlueti\AppData\Local\Mozilla [2009/12/13 22:51:26 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2009/12/13 22:51:19 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2009/12/13 22:46:43 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll [2009/12/13 22:46:33 | 01,320,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\CertEnroll.dll [2009/12/13 22:46:32 | 02,613,248 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe [2009/12/13 22:46:31 | 00,507,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winload.exe [2009/12/13 22:46:30 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\t2embed.dll [2009/12/13 22:46:30 | 00,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fontsub.dll [2009/12/13 22:46:29 | 00,442,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winresume.exe [2009/12/13 22:46:29 | 00,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll [2009/12/13 22:46:27 | 12,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmploc.DLL [2009/08/19 21:30:53 | 00,035,624 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe [2009/08/14 10:00:08 | 00,013,880 | ---- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys ========== Files - Modified Within 30 Days ========== [2010/01/12 20:54:03 | 00,001,100 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2010/01/12 20:52:04 | 01,835,008 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat [2010/01/12 20:45:30 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Users\Schlueti\Desktop\OTL.exe [2010/01/12 20:41:52 | 00,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2010/01/12 19:59:02 | 00,001,130 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-540757555-3338843806-321119232-1000UA.job [2010/01/12 19:45:47 | 00,002,022 | ---- | M] () -- C:\Users\Schlueti\Desktop\Trillian.lnk [2010/01/12 19:26:55 | 00,781,909 | ---- | M] () -- C:\Users\Schlueti\Desktop\RSIT.exe [2010/01/12 19:19:50 | 00,013,808 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010/01/12 19:19:50 | 00,013,808 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010/01/12 19:12:39 | 00,001,096 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2010/01/12 19:12:21 | 00,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT [2010/01/12 19:11:55 | 79,841,6896 | -HS- | M] () -- C:\hiberfil.sys [2010/01/12 19:11:07 | 01,948,629 | -H-- | M] () -- C:\Users\Schlueti\AppData\Local\IconCache.db [2010/01/12 15:45:18 | 00,000,979 | ---- | M] () -- C:\Users\Public\Desktop\MalwarebytesAnti-Malware.lnk [2010/01/12 15:23:54 | 00,001,831 | ---- | M] () -- C:\Users\Schlueti\Desktop\CCleaner.lnk [2010/01/12 15:15:37 | 00,001,100 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk [2010/01/12 15:02:25 | 00,643,866 | ---- | M] () -- C:\windows\System32\perfh007.dat [2010/01/12 15:02:25 | 00,607,190 | ---- | M] () -- C:\windows\System32\perfh009.dat [2010/01/12 15:02:25 | 00,126,394 | ---- | M] () -- C:\windows\System32\perfc007.dat [2010/01/12 15:02:25 | 00,103,568 | ---- | M] () -- C:\windows\System32\perfc009.dat [2010/01/12 15:02:24 | 01,472,002 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI [2010/01/12 13:44:23 | 00,002,039 | ---- | M] () -- C:\Users\Schlueti\Desktop\HijackThis.lnk [2010/01/12 10:54:16 | 00,000,686 | ---- | M] () -- C:\Users\Schlueti\Desktop\Meine Dateien.lnk [2010/01/12 10:54:10 | 00,000,642 | ---- | M] () -- C:\Users\Schlueti\Desktop\Studium.lnk [2010/01/11 22:59:01 | 00,001,078 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-540757555-3338843806-321119232-1000Core.job [2010/01/11 15:26:25 | 00,001,564 | ---- | M] () -- C:\Users\Schlueti\Desktop\Youtube-MP3.lnk [2010/01/11 14:26:57 | 00,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk [2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2009/12/30 12:51:20 | 00,002,242 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2009/12/28 20:26:53 | 00,001,908 | ---- | M] () -- C:\windows\diagwrn.xml [2009/12/28 20:26:53 | 00,001,908 | ---- | M] () -- C:\windows\diagerr.xml [2009/12/23 22:55:19 | 00,002,228 | ---- | M] () -- C:\Users\Schlueti\Desktop\Google Chrome.lnk [2009/12/22 03:21:32 | 00,524,288 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{1ad1812f-ee7a-11de-9667-90e6ba6a45e9}.TMContainer00000000000000000002.regtrans-ms [2009/12/22 03:21:32 | 00,524,288 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{1ad1812f-ee7a-11de-9667-90e6ba6a45e9}.TMContainer00000000000000000001.regtrans-ms [2009/12/22 03:21:32 | 00,065,536 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{1ad1812f-ee7a-11de-9667-90e6ba6a45e9}.TM.blf [2009/12/21 22:50:38 | 00,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2009/12/20 15:45:00 | 00,524,288 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{6182cc0d-ec31-11de-b5fb-90e6ba6a45e9}.TMContainer00000000000000000002.regtrans-ms [2009/12/20 15:45:00 | 00,524,288 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{6182cc0d-ec31-11de-b5fb-90e6ba6a45e9}.TMContainer00000000000000000001.regtrans-ms [2009/12/20 15:45:00 | 00,065,536 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{6182cc0d-ec31-11de-b5fb-90e6ba6a45e9}.TM.blf [2009/12/19 00:24:45 | 00,524,288 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{b323f7a9-ec27-11de-b5ca-90e6ba6a45e9}.TMContainer00000000000000000002.regtrans-ms [2009/12/19 00:24:45 | 00,524,288 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{b323f7a9-ec27-11de-b5ca-90e6ba6a45e9}.TMContainer00000000000000000001.regtrans-ms [2009/12/19 00:24:45 | 00,065,536 | -HS- | M] () -- C:\Users\Schlueti\ntuser.dat{b323f7a9-ec27-11de-b5ca-90e6ba6a45e9}.TM.blf [2009/12/18 04:23:02 | 00,330,264 | ---- | M] (Intel Corporation) -- C:\windows\System32\drivers\iaStor.sys [2009/12/18 01:56:47 | 00,001,216 | ---- | M] () -- C:\Users\Schlueti\Desktop\Spybot - Search & Destroy.lnk [2009/12/17 22:56:57 | 46,760,661 | ---- | M] () -- C:\windows\System32\drivers\Avg\incavi.avm [2009/12/17 22:56:15 | 00,127,261 | ---- | M] () -- C:\windows\System32\drivers\Avg\microavi.avg [2009/12/17 22:54:58 | 00,113,461 | ---- | M] () -- C:\windows\System32\drivers\Avg\iavichjw.avm [2009/12/17 22:54:58 | 00,001,812 | ---- | M] () -- C:\Users\Public\Desktop\AVG.lnk [2009/12/17 22:54:57 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\avgrsstx.dll [2009/12/17 22:54:56 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgtdix.sys [2009/12/17 22:54:56 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgldx86.sys [2009/12/17 22:54:56 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgmfx86.sys [2009/12/17 22:54:55 | 06,061,540 | ---- | M] () -- C:\windows\System32\drivers\Avg\avi7.avg [2009/12/17 22:54:55 | 00,492,629 | ---- | M] () -- C:\windows\System32\drivers\Avg\miniavi.avg [2009/12/17 21:38:43 | 00,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2009/12/16 23:42:00 | 00,000,972 | ---- | M] () -- C:\Users\Public\Desktop\IrfanView.lnk [2009/12/16 22:21:08 | 02,262,496 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2009/12/16 04:03:47 | 00,079,136 | ---- | M] () -- C:\Users\Schlueti\AppData\Local\GDIPFONTCACHEV1.DAT [2009/12/16 03:10:03 | 00,000,478 | ---- | M] () -- C:\windows\win.ini [2009/12/16 01:33:26 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe [2009/12/16 01:33:25 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe [2009/12/16 01:33:25 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe [2009/12/16 01:33:24 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\deploytk.dll [2009/12/15 02:02:15 | 00,001,095 | ---- | M] () -- C:\Users\Schlueti\Desktop\Photoshop.lnk [2009/12/14 23:13:11 | 00,056,816 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys [2009/12/14 20:14:51 | 00,001,933 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk [2009/12/14 01:13:16 | 00,001,024 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2009/12/13 23:32:23 | 00,004,608 | ---- | M] () -- C:\Users\Schlueti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/12/13 23:12:09 | 00,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk [2009/12/13 22:52:56 | 00,001,951 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk ========== Files Created - No Company Name ========== [2010/01/12 19:26:40 | 00,781,909 | ---- | C] () -- C:\Users\Schlueti\Desktop\RSIT.exe [2010/01/12 15:45:18 | 00,000,979 | ---- | C] () -- C:\Users\Public\Desktop\MalwarebytesAnti-Malware.lnk [2010/01/12 15:23:54 | 00,001,831 | ---- | C] () -- C:\Users\Schlueti\Desktop\CCleaner.lnk [2010/01/12 15:15:37 | 00,001,100 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk [2010/01/12 13:44:23 | 00,002,039 | ---- | C] () -- C:\Users\Schlueti\Desktop\HijackThis.lnk [2010/01/12 10:54:16 | 00,000,686 | ---- | C] () -- C:\Users\Schlueti\Desktop\Meine Dateien.lnk [2010/01/12 10:54:10 | 00,000,642 | ---- | C] () -- C:\Users\Schlueti\Desktop\Studium.lnk [2010/01/11 15:26:25 | 00,001,564 | ---- | C] () -- C:\Users\Schlueti\Desktop\Youtube-MP3.lnk [2010/01/11 14:26:57 | 00,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk [2009/12/30 12:51:19 | 00,002,242 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2009/12/30 12:49:02 | 00,001,100 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2009/12/30 12:49:01 | 00,001,096 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2009/12/28 20:08:14 | 00,001,908 | ---- | C] () -- C:\windows\diagwrn.xml [2009/12/28 20:08:14 | 00,001,908 | ---- | C] () -- C:\windows\diagerr.xml [2009/12/23 22:55:19 | 00,002,228 | ---- | C] () -- C:\Users\Schlueti\Desktop\Google Chrome.lnk [2009/12/23 22:54:13 | 00,001,130 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-540757555-3338843806-321119232-1000UA.job [2009/12/23 22:54:13 | 00,001,078 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-540757555-3338843806-321119232-1000Core.job [2009/12/21 22:50:38 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009/12/21 22:46:00 | 00,524,288 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{1ad1812f-ee7a-11de-9667-90e6ba6a45e9}.TMContainer00000000000000000002.regtrans-ms [2009/12/21 22:46:00 | 00,524,288 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{1ad1812f-ee7a-11de-9667-90e6ba6a45e9}.TMContainer00000000000000000001.regtrans-ms [2009/12/21 22:46:00 | 00,065,536 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{1ad1812f-ee7a-11de-9667-90e6ba6a45e9}.TM.blf [2009/12/19 01:01:49 | 00,524,288 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{6182cc0d-ec31-11de-b5fb-90e6ba6a45e9}.TMContainer00000000000000000002.regtrans-ms [2009/12/19 01:01:49 | 00,524,288 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{6182cc0d-ec31-11de-b5fb-90e6ba6a45e9}.TMContainer00000000000000000001.regtrans-ms [2009/12/19 01:01:49 | 00,065,536 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{6182cc0d-ec31-11de-b5fb-90e6ba6a45e9}.TM.blf [2009/12/18 23:51:12 | 00,524,288 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{b323f7a9-ec27-11de-b5ca-90e6ba6a45e9}.TMContainer00000000000000000002.regtrans-ms [2009/12/18 23:51:12 | 00,524,288 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{b323f7a9-ec27-11de-b5ca-90e6ba6a45e9}.TMContainer00000000000000000001.regtrans-ms [2009/12/18 23:51:12 | 00,065,536 | -HS- | C] () -- C:\Users\Schlueti\ntuser.dat{b323f7a9-ec27-11de-b5ca-90e6ba6a45e9}.TM.blf [2009/12/18 01:56:47 | 00,001,216 | ---- | C] () -- C:\Users\Schlueti\Desktop\Spybot - Search & Destroy.lnk [2009/12/17 22:54:58 | 00,113,461 | ---- | C] () -- C:\windows\System32\drivers\Avg\iavichjw.avm [2009/12/17 22:54:58 | 00,001,812 | ---- | C] () -- C:\Users\Public\Desktop\AVG.lnk [2009/12/17 22:54:55 | 46,760,661 | ---- | C] () -- C:\windows\System32\drivers\Avg\incavi.avm [2009/12/17 22:54:55 | 00,492,629 | ---- | C] () -- C:\windows\System32\drivers\Avg\miniavi.avg [2009/12/17 22:54:55 | 00,127,261 | ---- | C] () -- C:\windows\System32\drivers\Avg\microavi.avg [2009/12/17 22:54:54 | 06,061,540 | ---- | C] () -- C:\windows\System32\drivers\Avg\avi7.avg [2009/12/17 21:38:43 | 00,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2009/12/16 23:42:00 | 00,000,972 | ---- | C] () -- C:\Users\Public\Desktop\IrfanView.lnk [2009/12/15 02:02:15 | 00,001,095 | ---- | C] () -- C:\Users\Schlueti\Desktop\Photoshop.lnk [2009/12/14 20:14:51 | 00,001,933 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk [2009/12/14 01:13:15 | 00,001,024 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2009/12/14 00:44:58 | 00,002,022 | ---- | C] () -- C:\Users\Schlueti\Desktop\Trillian.lnk [2009/12/14 00:25:28 | 00,178,176 | ---- | C] () -- C:\windows\System32\unrar.dll [2009/12/14 00:25:25 | 00,000,038 | ---- | C] () -- C:\windows\avisplitter.ini [2009/12/14 00:25:22 | 00,000,414 | ---- | C] () -- C:\windows\System32\lame_acm.xml [2009/12/14 00:25:18 | 00,881,664 | ---- | C] () -- C:\windows\System32\xvidcore.dll [2009/12/14 00:25:17 | 00,205,824 | ---- | C] () -- C:\windows\System32\xvidvfw.dll [2009/12/14 00:25:11 | 00,000,547 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest [2009/12/14 00:25:10 | 00,085,504 | ---- | C] () -- C:\windows\System32\ff_vfw.dll [2009/12/13 23:32:21 | 00,004,608 | ---- | C] () -- C:\Users\Schlueti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/12/13 23:12:09 | 00,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk [2009/12/13 22:52:56 | 00,001,951 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2009/08/20 05:42:43 | 00,021,864 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini [2009/07/14 00:51:43 | 00,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll [2009/07/14 00:42:10 | 00,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll [2009/06/09 09:55:58 | 00,057,904 | ---- | C] () -- C:\windows\System32\wbload.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:4CF61E54 @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8 @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP FC5A2B2< End of report > |
|
12.01.2010, 21:01
| #6 |
| | Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links Und hier die zweite Log. Hat nicht in einen Thread gepasst. Extras.txt: OTL Extras logfile created on: 1/12/2010 8:46:38 PM - Run 1 OTL by OldTimer - Version 3.1.24.0 Folder = C:\Users\Schlueti\Desktop Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,015.00 Mb Total Physical Memory | 214.00 Mb Available Physical Memory | 21.00% Memory free 2.00 Gb Paging File | 1.00 Gb Available in Paging File | 57.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 100.00 Gb Total Space | 79.07 Gb Free Space | 79.07% Space Free | Partition Type: NTFS Drive D: | 122.87 Gb Total Space | 73.52 Gb Free Space | 59.84% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SCHLUE Current User Name: Schlueti Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" File not found Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "AutoUpdateDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4 "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4 "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{185AFA7A-F63E-450B-94AA-011CAC18090E}" = E-Cam "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{2E741D13-BD2A-45EB-8342-7127233E5DAC}" = LocaleMe "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5 "{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar "{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE) "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT2860 Wireless LAN Card "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007 "{90120000-0015-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007 "{90120000-0015-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007 "{90120000-0016-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007 "{90120000-0016-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007 "{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007 "{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0017-0410-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Italian) 2007 "{90120000-0017-0410-0000-0000000FF1CE}_OMUI.it-it_{342281AF-B7FE-4999-BE64-29F7D6249970}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0017-0413-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Dutch) 2007 "{90120000-0017-0413-0000-0000000FF1CE}_OMUI.nl-nl_{2E9BD56A-2290-46DA-869F-2EDCF0A24E8B}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007 "{90120000-0018-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007 "{90120000-0018-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007 "{90120000-0019-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007 "{90120000-0019-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007 "{90120000-001A-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007 "{90120000-001A-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007 "{90120000-001B-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007 "{90120000-001B-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.it-it_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.nl-nl_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}_OMUI.fr-fr_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}_OMUI.it-it_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}_OMUI.nl-nl_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}_OMUI.fr-fr_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}_OMUI.it-it_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}_OMUI.nl-nl_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}_OMUI.it-it_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}_OMUI.nl-nl_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}_OMUI.fr-fr_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007 "{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2007 "{90120000-0044-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2007 "{90120000-0044-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007 "{90120000-006E-0410-0000-0000000FF1CE}_OMUI.it-it_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007 "{90120000-006E-0413-0000-0000000FF1CE}_OMUI.nl-nl_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007 "{90120000-00A1-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2007 "{90120000-00A1-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007 "{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2007 "{90120000-00BA-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2007 "{90120000-00BA-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007 "{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007 "{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0100-0410-0000-0000000FF1CE}" = Microsoft Office O MUI (Italian) 2007 "{90120000-0100-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0100-0413-0000-0000000FF1CE}" = Microsoft Office O MUI (Dutch) 2007 "{90120000-0100-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007 "{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007 "{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0101-0410-0000-0000000FF1CE}" = Microsoft Office X MUI (Italian) 2007 "{90120000-0101-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0101-0413-0000-0000000FF1CE}" = Microsoft Office X MUI (Dutch) 2007 "{90120000-0101-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C04E7C11-A3DA-480B-9018-F292E04CA26A}" = FontResizer "{C084BC61-E537-11DE-8616-005056806466}" = Google Earth "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "Akamai" = Akamai NetSession Interface "ASUS VIBE" = ASUS VIBE "AVG9Uninstall" = AVG Free 9.0 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2 "HijackThis" = HijackThis 2.0.2 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.5.0 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7) "Mozilla Thunderbird (3.0)" = Mozilla Thunderbird (3.0) "OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch "OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français "OMUI.it-it" = Microsoft Office Language Pack 2007 - Italian/Italiano "OMUI.nl-nl" = Microsoft Office Language Pack 2007 - Dutch/Nederlands "Orb" = Winamp Remote "SynTPDeinstKey" = Synaptics Pointing Device Driver "Trillian" = Trillian "TuneUp Utilities" = TuneUp Utilities "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.0.3 "Winamp" = Winamp "Winamp Toolbar" = Winamp Toolbar "WinLiveSuite_Wave3" = Windows Live Essentials ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Winamp Detect" = Winamp Anwendungserkennung ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 12/21/2009 5:56:34 PM | Computer Name = Schlue | Source = Windows Backup | ID = 4103 Description = Error - 12/21/2009 6:18:53 PM | Computer Name = Schlue | Source = Application Hang | ID = 1002 Description = Programm iexplore.exe, Version 8.0.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: f24 Startzeit: 01ca82891aa79f62 Endzeit: 63 Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: cc51f34d-ee7e-11de-9667-90e6ba6a45e9 Error - 12/21/2009 7:54:04 PM | Computer Name = Schlue | Source = Application Hang | ID = 1002 Description = Programm firefox.exe, Version 1.9.1.3593 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: d54 Startzeit: 01ca828833aa1764 Endzeit: 55991 Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe Berichts-ID: f3b1d557-ee8b-11de-9667-90e6ba6a45e9 Error - 12/21/2009 7:57:16 PM | Computer Name = Schlue | Source = Application Hang | ID = 1002 Description = Programm firefox.exe, Version 1.9.1.3593 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: f4c Startzeit: 01ca829901b640e7 Endzeit: 16225 Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe Berichts-ID: 811fd29b-ee8c-11de-9667-90e6ba6a45e9 Error - 12/21/2009 8:05:51 PM | Computer Name = Schlue | Source = Application Hang | ID = 1002 Description = Programm iexplore.exe, Version 8.0.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 62c Startzeit: 01ca829a022c2c0c Endzeit: 46 Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: 50871b99-ee8d-11de-9667-90e6ba6a45e9 Error - 12/21/2009 10:21:13 PM | Computer Name = Schlue | Source = Application Hang | ID = 1002 Description = Programm iexplore.exe, Version 8.0.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: d54 Startzeit: 01ca82ad43de15e2 Endzeit: 20 Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: a78d9f78-eea0-11de-9667-90e6ba6a45e9 Error - 12/22/2009 12:11:38 AM | Computer Name = Schlue | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error - 12/22/2009 12:16:20 AM | Computer Name = Schlue | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 12/22/2009 9:51:52 AM | Computer Name = Schlue | Source = Application Hang | ID = 1002 Description = Programm iexplore.exe, Version 8.0.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: d08 Startzeit: 01ca830dd780f4b6 Endzeit: 82 Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: 22160a13-ef01-11de-96c0-90e6ba6a45e9 Error - 12/25/2009 5:59:09 AM | Computer Name = Schlue | Source = Google Update | ID = 20 Description = [ System Events ] Error - 1/5/2010 9:39:24 AM | Computer Name = Schlue | Source = Service Control Manager | ID = 7001 Description = Der Dienst "AVG Free E-mail Scanner" ist vom Dienst "AVG Free WatchDog" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1066 Error - 1/5/2010 12:43:10 PM | Computer Name = Schlue | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht. Error - 1/6/2010 4:26:36 AM | Computer Name = Schlue | Source = Service Control Manager | ID = 7024 Description = Der Dienst "AVG Free WatchDog" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805315. Error - 1/6/2010 4:26:36 AM | Computer Name = Schlue | Source = Service Control Manager | ID = 7001 Description = Der Dienst "AVG Free E-mail Scanner" ist vom Dienst "AVG Free WatchDog" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1066 Error - 1/6/2010 9:04:01 AM | Computer Name = Schlue | Source = Service Control Manager | ID = 7024 Description = Der Dienst "AVG Free WatchDog" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805315. Error - 1/6/2010 9:04:01 AM | Computer Name = Schlue | Source = Service Control Manager | ID = 7001 Description = Der Dienst "AVG Free E-mail Scanner" ist vom Dienst "AVG Free WatchDog" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1066 Error - 1/7/2010 5:17:02 AM | Computer Name = Schlue | Source = Service Control Manager | ID = 7024 Description = Der Dienst "AVG Free WatchDog" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805315. Error - 1/7/2010 5:17:06 AM | Computer Name = Schlue | Source = Service Control Manager | ID = 7001 Description = Der Dienst "AVG Free E-mail Scanner" ist vom Dienst "AVG Free WatchDog" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1066 Error - 1/7/2010 7:45:32 PM | Computer Name = Schlue | Source = Service Control Manager | ID = 7024 Description = Der Dienst "AVG Free WatchDog" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805315. Error - 1/7/2010 7:45:33 PM | Computer Name = Schlue | Source = Service Control Manager | ID = 7001 Description = Der Dienst "AVG Free E-mail Scanner" ist vom Dienst "AVG Free WatchDog" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1066 < End of report > |
|
| Themen zu Mozilla öffnet selbstsändig Werbung nach klicken von Google-Links |
| antivir, antivir guard, antivirus, antivirus system, avg, avg free, avira, bho, desktop, e-mail, excel, firefox, gupdate, hijack, hijackthis, hängen, internet, internet explorer, logfile, mozilla, problem, programdata, rundll, selbstsändig, software, system, toolbars, userinit.exe, warnung, werbefenster, werbung, windows, windows 7 starter |
Linear-Darstellung
