
Pests of all kinds and how to combat them: BOO/TDss.A found 3 times by virus scanner


 
10.02.2011, 00:10   #1
O Heinz
 



Hello everyone,
lately I have been having some problems with my computer.
It opens files with a delay, and very often I get a "blue screen", after which it shuts down and restarts. I also can no longer run automatic updates through Microsoft, and the automatic backup does not complete successfully.
On top of that, the error message "Hostprozess für Windows.Dienste wurde beendet und geschlossen" ("Host process for Windows services was terminated and closed") appears quite often.
I then ran a scan with my existing AntiVir and got the entry named above on each drive, along with the note that it cannot be removed.
From what one can read, does that mean reinstalling the system? I am currently running a full scan of C with Malwarebytes.
After that, as I read in another post, I also want to run a scan with OTL and post both logs here.
That is, for now, what I have noticed is wrong with the computer. Oh, and in Mozilla random pages simply get opened.
Here is a log; I aborted this one because I had selected all hard drives and the scan would then surely have taken a whole day.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5725

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

09.02.2011 23:56:30
mbam-log-2011-02-09 (23-56-28).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|H:\|)
Durchsuchte Objekte: 73626
Laufzeit: 16 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{ef34404a-747c-81d8-843a-d938e181273d} (Adware.BHO.FL) -> No action taken.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Oliver

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5725

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

10.02.2011 08:46:52
mbam-log-2011-02-10 (08-46-52).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 553106
Laufzeit: 3 Stunde(n), 39 Minute(n), 4 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 7
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 12
Infizierte Dateien: 50

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\s_-j_2l (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegistryDoktorNE (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Registry_Doktor 2009_is1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8c484332-8128-2096-94a6-da812793d493} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c484332-8128-2096-94a6-da812793d493} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8C484332-8128-2096-94A6-DA812793D493} (Adware.AdRotator) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\program files\flv direct player (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Button (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\ComboBox (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Menu (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Window (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\registry_doktor 4.1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
c:\program files\registry_doktor 4.1\definitions (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\flv direct player (Adware.FLVPlayer) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\registry_doktor 4.1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\WINDOWS\System32\s_-j_2l.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
c:\program files\flv direct player\downloading.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\dskinliteu.dll (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\flvplayer.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\player.dat (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\preload.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\uninstall.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin.xml (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Button\button_default.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Button\button_disable.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Button\button_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Button\button_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Button\button_normal.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\ComboBox\combobox_buttondown.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\ComboBox\combobox_buttonhot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\ComboBox\combobox_buttonnor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\ComboBox\edit_back.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Menu\menubg.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Menu\menuitem_arrow.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Menu\menuitem_check.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Menu\menuitem_select.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Menu\menuitem_seperator.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_close_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_close_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_close_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_max_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_max_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_max_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_min_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_min_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_min_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_restore_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_restore_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_restore_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Window\bottomborder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Window\downarrow.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Window\leftborder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Window\Logo.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Window\main.ico (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Window\rightborder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Window\titlepattern.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\registry_doktor 4.1\Task.dat (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
c:\program files\registry_doktor 4.1\unins000.dat (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
c:\program files\registry_doktor 4.1\unins000.exe (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
c:\program files\registry_doktor 4.1\definitions\200812.cab (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\flv direct player\flv direct player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\flv direct player\uninstall flv direct player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\registry_doktor 4.1\registry doktor 4.1 entfernen.lnk (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\registry_doktor 4.1\registry doktor 4.1.lnk (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.


And here is the second OTL log file:
Code:
OTL logfile created on: 10.02.2011 08:51:40 - Run 2
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\Besitzer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,21 Gb Total Space | 121,89 Gb Free Space | 55,10% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 51,00 Gb Free Space | 21,90% Space Free | Partition Type: NTFS
Drive E: | 11,67 Gb Total Space | 1,65 Gb Free Space | 14,17% Space Free | Partition Type: NTFS
Drive F: | 1,89 Gb Total Space | 0,53 Gb Free Space | 27,97% Space Free | Partition Type: FAT
Drive H: | 1,99 Gb Total Space | 0,05 Gb Free Space | 2,73% Space Free | Partition Type: FAT32
 
Computer Name: BESITZER-PC | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Besitzer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
PRC - C:\WINDOWS\System32\sdclt.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Program Files\AVG\AVGLS\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVGLS\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVGLS\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Users\Besitzer\AppData\Roaming\T-Mobile Internet Manager\ouc.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\AOL 9.0 VRa\shellmon.exe (AOL, LLC.)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\AOL 9.0 VRa\waol.exe (AOL, LLC.)
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Program Files\Common Files\aol\acs\AOLacsd.exe (AOL LLC)
PRC - C:\Program Files\Common Files\aol\1231093279\ee\aolsoftware.exe (America Online, Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Besitzer\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (GameConsoleService) --  File not found
SRV - (AntiVirFirewallService) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirMailService) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (avg8wd) -- C:\Program Files\AVG\AVGLS\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (FontCache) -- C:\WINDOWS\System32\FntCache.dll (Microsoft Corporation)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (OMSI download service) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.)
SRV - (WcesComm) -- C:\WINDOWS\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\WINDOWS\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\WINDOWS\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avfwot) -- C:\WINDOWS\System32\drivers\avfwot.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avfwim) -- C:\WINDOWS\System32\drivers\avfwim.sys (Avira GmbH)
DRV - (ggsemc) -- C:\WINDOWS\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\WINDOWS\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (AvgLdx86) -- C:\Windows\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX) -- C:\Windows\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (fssfltr) -- C:\WINDOWS\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\WINDOWS\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (winusb) -- C:\WINDOWS\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s1018mdm) -- C:\WINDOWS\System32\drivers\s1018mdm.sys (MCCI Corporation)
DRV - (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) -- C:\WINDOWS\System32\drivers\s1018unic.sys (MCCI Corporation)
DRV - (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\System32\drivers\s1018mgmt.sys (MCCI Corporation)
DRV - (s1018obex) -- C:\WINDOWS\System32\drivers\s1018obex.sys (MCCI Corporation)
DRV - (s1018bus) Sony Ericsson Device 1018 driver (WDM) -- C:\WINDOWS\System32\drivers\s1018bus.sys (MCCI Corporation)
DRV - (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) -- C:\WINDOWS\System32\drivers\s1018nd5.sys (MCCI Corporation)
DRV - (s1018mdfl) -- C:\WINDOWS\System32\drivers\s1018mdfl.sys (MCCI Corporation)
DRV - (silabser) -- C:\WINDOWS\System32\drivers\silabser.sys (Silicon Laboratories)
DRV - (silabenm) -- C:\WINDOWS\System32\drivers\silabenm.sys (Silicon Laboratories, Inc.)
DRV - (hwdatacard) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (NETw5v32) Intel(R) -- C:\WINDOWS\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (tcpipBM) -- C:\Windows\System32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\WINDOWS\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (SynTP) -- C:\WINDOWS\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (xtouch) -- C:\WINDOWS\System32\drivers\xtouch.sys ()
DRV - (seehcri) -- C:\WINDOWS\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) -- C:\Program Files\Hp\QuickPlay\000.fcl (Cyberlink Corp.)
DRV - (RTL8169) -- C:\WINDOWS\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (HpqRemHid) -- C:\WINDOWS\System32\drivers\HpqRemHid.sys (Hewlett-Packard Development Company, L.P.)
DRV - (NETw4v32) Intel(R) -- C:\WINDOWS\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (HpqKbFiltr) -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (rismxdp) -- C:\WINDOWS\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\WINDOWS\System32\drivers\rimmptsk.sys (REDC)
DRV - (Ser2pl) -- C:\WINDOWS\System32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (NWADI) -- C:\WINDOWS\System32\drivers\NWADIenum.sys (Novatel Wireless Inc)
DRV - (rimsptsk) -- C:\WINDOWS\System32\drivers\rimsptsk.sys (REDC)
DRV - (smserial) -- C:\WINDOWS\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\System32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (HSF_DPV) -- C:\WINDOWS\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NETw3v32) Intel(R) -- C:\WINDOWS\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (E1G60) Intel(R) -- C:\WINDOWS\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (BCM43XV) -- C:\WINDOWS\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (ialm) -- C:\WINDOWS\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (eusk2par) -- C:\WINDOWS\System32\drivers\eusk2par.sys (EUTRON)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://de.msn.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {1CFFA392-0898-4b1c-89D1-6E98F9D8EF78} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVGLS\Toolbar\IEToolbar.dll ()
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Freeware DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2325506&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.5.112
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.364
FF - prefs.js..extensions.enabledItems: avg@igeared:3.011.025.005
FF - prefs.js..extensions.enabledItems: {26647ca4-a2a7-4eac-8a72-761aa9141de7}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {0ae873a2-da32-8a94-9c57-7a7cc96c6c82}:4.6.6.2
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.5
FF - prefs.js..keyword.URL: "hxxp://de.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_de&p="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVGLS\Firefox [2009.12.29 16:22:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVGLS\Toolbar\Firefox\avg@igeared [2009.12.31 17:46:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.11 22:59:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.11 22:59:33 | 000,000,000 | ---D | M]
 
[2009.01.04 11:08:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Extensions
[2010.06.29 17:54:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\58l2dup2.Standard-Benutzer\extensions
[2009.09.21 19:38:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\58l2dup2.Standard-Benutzer\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.18 06:27:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\58l2dup2.Standard-Benutzer\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.06.29 17:54:36 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\58l2dup2.Standard-Benutzer\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.09.21 19:38:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\58l2dup2.Standard-Benutzer\extensions\staged-xpis
[2011.02.10 00:16:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\5fj48scu.default\extensions
[2010.05.11 23:10:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\5fj48scu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.01.25 09:48:43 | 000,000,000 | ---D | M] (Freeware DE Toolbar) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\5fj48scu.default\extensions\{26647ca4-a2a7-4eac-8a72-761aa9141de7}
[2009.01.05 18:28:52 | 000,000,000 | ---D | M] (Bookmark Backup [de]) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\5fj48scu.default\extensions\{3474c305-9dad-11d8-9207-00055d74c2e4}
[2010.04.12 19:30:56 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\5fj48scu.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.06.29 17:54:37 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\5fj48scu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.08.04 21:39:56 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\5fj48scu.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}(211)
[2010.11.03 20:45:37 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\5fj48scu.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2010.05.11 23:10:26 | 000,000,000 | ---D | M] ("Show my Password") -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\5fj48scu.default\extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}
[2010.03.11 01:05:57 | 000,000,000 | ---D | M] (@@toolbarname@@) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\5fj48scu.default\extensions\toolbar@ask.com
[2010.01.20 12:18:46 | 000,000,925 | ---- | M] () -- C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5fj48scu.default\searchplugins\conduit.xml
[2011.02.09 00:10:23 | 000,000,950 | ---- | M] () -- C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5fj48scu.default\searchplugins\icqplugin-1.xml
[2010.09.16 19:12:29 | 000,000,950 | ---- | M] () -- C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5fj48scu.default\searchplugins\icqplugin-2.xml
[2010.09.20 09:37:21 | 000,000,950 | ---- | M] () -- C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5fj48scu.default\searchplugins\icqplugin-3.xml
[2010.10.21 10:18:48 | 000,000,950 | ---- | M] () -- C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5fj48scu.default\searchplugins\icqplugin-4.xml
[2010.10.31 10:58:49 | 000,000,950 | ---- | M] () -- C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5fj48scu.default\searchplugins\icqplugin-5.xml
[2010.11.03 21:38:22 | 000,000,950 | ---- | M] () -- C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5fj48scu.default\searchplugins\icqplugin-6.xml
[2010.06.29 17:54:37 | 000,000,168 | ---- | M] () -- C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5fj48scu.default\searchplugins\icqplugin.gif
[2010.06.29 17:54:37 | 000,000,618 | ---- | M] () -- C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5fj48scu.default\searchplugins\icqplugin.src
[2010.09.02 23:15:54 | 000,001,056 | ---- | M] () -- C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5fj48scu.default\searchplugins\icqplugin.xml
[2010.01.25 10:53:31 | 000,000,266 | ---- | M] () -- C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5fj48scu.default\searchplugins\Search.xml
[2010.11.03 21:37:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.25 10:53:31 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{0ae873a2-da32-8a94-9c57-7a7cc96c6c82}
[2010.06.23 20:50:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.09 09:09:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2009.12.29 16:22:30 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVGLS\FIREFOX
[2009.12.31 17:46:24 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="3.011.025.005" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="hxxp://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVGLS\TOOLBAR\FIREFOX\AVG@IGEARED
[2010.07.17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.10.27 06:44:13 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.10.27 06:44:13 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.10.27 06:44:13 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.27 06:44:13 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.10.27 06:44:13 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,736 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: ::1             localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  File not found
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVGLS\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVGLS\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0744.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -  File not found
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0744.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVGLS\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVGLS\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVGLS\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1231093279\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL 9.0 VRa\AOL.EXE (AOL, LLC.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [DW6]  File not found
O4 - HKCU..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKCU..\Run: [ICQ]  File not found
O4 - HKCU..\Run: [Messenger (Yahoo!)]  File not found
O4 - HKCU..\Run: [Mobile Partner] C:\Program Files\T-Mobile\T-Mobile Internet Manager\T-Mobile Internet Manager.exe ()
O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O8 - Extra context menu item: &AOL Toolbar-Suche - c:\Program Files\AOL\AOL Toolbar 4.0\resources\de-DE\local\search.html ()
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldde-de.cab (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVGLS\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} -  File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} -  File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vw-wi {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiprot.dll (TODO: <Company name>)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.09.11 16:18:54 | 000,000,340 | -HS- | M] () - E:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{0ec86dfb-da30-11dd-9bc2-001e68300c1c}\Shell - "" = AutoRun
O33 - MountPoints2\{0ec86dfb-da30-11dd-9bc2-001e68300c1c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{0ec86e0e-da30-11dd-9bc2-001e68300c1c}\Shell - "" = AutoRun
O33 - MountPoints2\{0ec86e0e-da30-11dd-9bc2-001e68300c1c}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{18831021-c66b-11de-8719-9d4e8499ecc1}\Shell - "" = AutoRun
O33 - MountPoints2\{18831021-c66b-11de-8719-9d4e8499ecc1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{22ed21d1-1bbb-11df-9959-daedffe3e908}\Shell - "" = AutoRun
O33 - MountPoints2\{22ed21d1-1bbb-11df-9959-daedffe3e908}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{232f4d41-9852-11de-bbd0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{232f4d41-9852-11de-bbd0-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3867e77b-90ae-11de-a350-e474c5728839}\Shell - "" = AutoRun
O33 - MountPoints2\{3867e77b-90ae-11de-a350-e474c5728839}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3867e77c-90ae-11de-a350-e474c5728839}\Shell - "" = AutoRun
O33 - MountPoints2\{3867e77c-90ae-11de-a350-e474c5728839}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{3867e77f-90ae-11de-a350-e474c5728839}\Shell - "" = AutoRun
O33 - MountPoints2\{3867e77f-90ae-11de-a350-e474c5728839}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3867e782-90ae-11de-a350-ad3f831c2eab}\Shell - "" = AutoRun
O33 - MountPoints2\{3867e782-90ae-11de-a350-ad3f831c2eab}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3867e787-90ae-11de-a350-ad3f831c2eab}\Shell - "" = AutoRun
O33 - MountPoints2\{3867e787-90ae-11de-a350-ad3f831c2eab}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{446b4c09-9808-11de-b041-ac12ce5ec9ba}\Shell - "" = AutoRun
O33 - MountPoints2\{446b4c09-9808-11de-b041-ac12ce5ec9ba}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{4fcaba16-9b1d-11de-8330-d113eb14b2d1}\Shell - "" = AutoRun
O33 - MountPoints2\{4fcaba16-9b1d-11de-8330-d113eb14b2d1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{5d4253c4-9f8e-11df-ab13-9f3c9c330bdd}\Shell - "" = AutoRun
O33 - MountPoints2\{5d4253c4-9f8e-11df-ab13-9f3c9c330bdd}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{60c2371f-0d1f-11df-ae32-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{60c2371f-0d1f-11df-ae32-806e6f6e6963}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{7c84c765-cbc7-11de-8573-e50896887ff4}\Shell - "" = AutoRun
O33 - MountPoints2\{7c84c765-cbc7-11de-8573-e50896887ff4}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{894f81c9-d171-11de-a0f1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{894f81c9-d171-11de-a0f1-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{935bcea8-8e67-11de-ae73-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{935bcea8-8e67-11de-ae73-00038a000015}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{935bceaa-8e67-11de-ae73-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{935bceaa-8e67-11de-ae73-00038a000015}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{94b0b353-2228-11df-9dac-df4f4eb54d13}\Shell - "" = AutoRun
O33 - MountPoints2\{94b0b353-2228-11df-9dac-df4f4eb54d13}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{99dbb6fc-0ce1-11df-838c-aa8086c020a9}\Shell - "" = AutoRun
O33 - MountPoints2\{99dbb6fc-0ce1-11df-838c-aa8086c020a9}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a212d73d-9b2b-11de-b014-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a212d73d-9b2b-11de-b014-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{a212d79e-9b2b-11de-b014-ed454fea280e}\Shell - "" = AutoRun
O33 - MountPoints2\{a212d79e-9b2b-11de-b014-ed454fea280e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ab491527-9b22-11de-9cbd-8ab1279669e5}\Shell - "" = AutoRun
O33 - MountPoints2\{ab491527-9b22-11de-9cbd-8ab1279669e5}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ac74a77e-9b12-11de-8957-a74aed332be2}\Shell - "" = AutoRun
O33 - MountPoints2\{ac74a77e-9b12-11de-8957-a74aed332be2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ac74a797-9b12-11de-8957-a74aed332be2}\Shell - "" = AutoRun
O33 - MountPoints2\{ac74a797-9b12-11de-8957-a74aed332be2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d002cff5-0e7a-11df-b623-9768c52e6d42}\Shell - "" = AutoRun
O33 - MountPoints2\{d002cff5-0e7a-11df-b623-9768c52e6d42}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d1e844ee-c673-11de-93be-9cfa62bfa2dc}\Shell - "" = AutoRun
O33 - MountPoints2\{d1e844ee-c673-11de-93be-9cfa62bfa2dc}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d1e844f0-c673-11de-93be-9cfa62bfa2dc}\Shell - "" = AutoRun
O33 - MountPoints2\{d1e844f0-c673-11de-93be-9cfa62bfa2dc}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{de3fc79f-d172-11de-827b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{de3fc79f-d172-11de-827b-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{de3fc7ff-d172-11de-827b-9fdd660c7dc5}\Shell - "" = AutoRun
O33 - MountPoints2\{de3fc7ff-d172-11de-827b-9fdd660c7dc5}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ed3e6600-16e4-11df-81ad-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ed3e6600-16e4-11df-81ad-806e6f6e6963}\Shell\AutoRun\command - "" = K:\AutoRun.exe
O33 - MountPoints2\{f73f18d6-76a2-11de-9dfe-e908ffce8612}\Shell - "" = AutoRun
O33 - MountPoints2\{f73f18d6-76a2-11de-9dfe-e908ffce8612}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.09 23:34:31 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Malwarebytes
[2011.02.09 23:34:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.02.09 23:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.09 23:34:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.02.09 23:34:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.02.09 23:34:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.02.09 23:21:26 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
[2011.01.19 09:46:23 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.01.12 08:50:51 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011.01.12 08:50:47 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2009.10.15 01:01:02 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe1652.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.10 08:56:02 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.02.10 08:50:29 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\rxqkubtm.sys
[2011.02.10 08:45:15 | 000,063,544 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.02.10 08:45:15 | 000,063,544 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.02.10 08:44:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.10 03:08:02 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.10 03:08:02 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.10 00:02:32 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.02.10 00:02:20 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.02.09 23:34:14 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.09 23:21:35 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
[2011.02.09 19:27:55 | 000,000,163 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2011.02.09 19:14:24 | 3219,562,496 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.09 19:06:31 | 000,633,580 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.02.09 19:06:31 | 000,600,138 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.02.09 19:06:31 | 000,128,796 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.02.09 19:06:31 | 000,106,014 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.02.09 18:00:07 | 000,000,414 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for Besitzer.job
[2011.02.09 15:25:13 | 000,363,931 | ---- | M] () -- C:\Users\Besitzer\Documents\T-SV_AUDI_A4_B5_5112.pdf
[2011.02.09 12:07:24 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.02.08 00:56:17 | 000,019,968 | ---- | M] () -- C:\Users\Besitzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.06 20:45:15 | 000,008,484 | ---- | M] () -- C:\Users\Besitzer\AppData\Local\d3d9caps.dat
[2011.01.21 16:28:32 | 001,353,721 | ---- | M] () -- C:\Users\Besitzer\Documents\FiltKombmSR100.jpg
[2011.01.20 09:25:59 | 328,833,173 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.01.19 09:44:33 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.01.19 09:44:33 | 000,102,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwot.sys
[2011.01.19 09:44:33 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.01.19 00:56:47 | 000,002,365 | ---- | M] () -- C:\Users\Besitzer\Desktop\VAG-COM 311 Deutsch.lnk
 
========== Files Created - No Company Name ==========
 
[2011.02.10 08:50:29 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\rxqkubtm.sys
[2011.02.09 23:34:14 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.09 15:25:08 | 000,363,931 | ---- | C] () -- C:\Users\Besitzer\Documents\T-SV_AUDI_A4_B5_5112.pdf
[2011.01.21 16:28:16 | 001,353,721 | ---- | C] () -- C:\Users\Besitzer\Documents\FiltKombmSR100.jpg
[2010.06.23 18:09:15 | 000,000,358 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010.02.28 19:45:08 | 000,000,067 | ---- | C] () -- C:\Windows\w313830.ini
[2010.01.05 11:39:41 | 000,083,072 | ---- | C] () -- C:\Windows\System32\drivers\xtouch.sys
[2009.07.03 19:34:53 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.04 14:47:42 | 000,057,856 | ---- | C] () -- C:\Windows\System32\Skeylink.dll
[2009.01.29 23:43:48 | 000,000,216 | ---- | C] () -- C:\Users\Besitzer\AppData\Roaming\wklnhst.dat
[2009.01.29 13:20:56 | 000,008,484 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\d3d9caps.dat
[2009.01.23 22:01:31 | 000,000,556 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.01.07 11:28:47 | 000,063,544 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.01.07 11:28:47 | 000,063,544 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.01.04 17:50:12 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.01.04 08:44:43 | 000,019,968 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.04 08:29:13 | 000,980,184 | ---- | C] () -- C:\ProgramData\LuUninstall.LiveUpdate
[2008.12.29 19:10:40 | 000,027,620 | ---- | C] () -- C:\Users\Besitzer\AppData\Roaming\nvModes.001
[2008.12.22 14:23:30 | 000,027,620 | ---- | C] () -- C:\Users\Besitzer\AppData\Roaming\nvModes.dat
[2008.12.22 10:45:39 | 000,000,000 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\QSwitch.txt
[2008.12.22 10:45:39 | 000,000,000 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\DSwitch.txt
[2008.12.22 10:45:39 | 000,000,000 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\AtStart.txt
[2008.04.27 12:47:30 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007.10.22 07:53:12 | 000,466,944 | ---- | C] () -- C:\Windows\System32\RemoveDevice.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.09.07 07:33:14 | 000,000,098 | ---- | C] () -- C:\Windows\etkinst.ini
[2006.03.09 23:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2002.02.01 15:00:00 | 000,620,544 | ---- | C] () -- C:\Windows\System32\stlpmt45.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 685 bytes -> C:\Users\Besitzer\Documents\AW_ gewinde.eml:OECustomProperty
@Alternate Data Stream - 669 bytes -> C:\Users\Besitzer\Documents\Re_ gewinde.eml:OECustomProperty
@Alternate Data Stream - 64 bytes -> C:\Users\Besitzer\Documents\ogrevani_sedezi_www.planetbossi.ch.mpeg:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Besitzer\Documents\NEW.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Besitzer\Documents\neuerSpannungsprüfer.mpg:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Besitzer\Documents\BegehbarerSchrank.avi:TOC.WMV
 
< End of report >
         
--- --- ---


Could someone perhaps just briefly tell me whether I have to reinstall the system? I no longer do banking on it, etc.

Thank you all

Oliver

 
