Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: TR/Meredrop.A.5772

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 10.04.2011, 22:13   #1
su-sun
 
TR/Meredrop.A.5772 - Standard

TR/Meredrop.A.5772



Hallo AntiVIR hat einen Trojaner gefunden und nun weiss ich nicht, wie ich den wieder los werde . Kann mir jemand helfen?
Ich habe die LOGFILES: OTL , extra , Avira drin !OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 10.04.2011 21:59:53 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,89 Gb Total Space | 28,81 Gb Free Space | 38,46% Space Free | Partition Type: NTFS
Drive E: | 72,68 Gb Total Space | 14,72 Gb Free Space | 20,25% Space Free | Partition Type: NTFS
Drive F: | 669,46 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.04.10 21:42:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Susann\Desktop\OTL.exe
PRC - [2011.03.18 12:57:20 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.12.11 13:46:35 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010.12.11 13:46:30 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.12.07 12:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010.11.11 14:55:46 | 000,159,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2010.10.18 21:15:07 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010.03.04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2010.01.14 23:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.11.13 13:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
PRC - [2009.05.04 13:16:49 | 000,009,728 | ---- | M] (Deutsche Telekom AG) -- C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.08.14 11:14:20 | 000,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2008.03.03 15:05:04 | 000,959,976 | ---- | M] (Check Point Software Technologies LTD) -- C:\Programme\ZoneAlarm\zlclient.exe
PRC - [2008.03.03 15:05:02 | 000,079,400 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe
PRC - [2008.01.28 11:43:32 | 000,810,320 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007.08.09 19:26:42 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.08.01 14:39:18 | 000,077,824 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2007.03.29 11:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2007.03.16 01:24:02 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxbccoms.exe
PRC - [2006.11.14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2006.10.23 14:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
PRC - [2006.10.05 12:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006.05.25 19:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.04.10 21:42:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Susann\Desktop\OTL.exe
MOD - [2008.01.19 09:26:34 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- -- (TOSHIBA Bluetooth Service)
SRV - [2011.03.18 12:57:20 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.12.11 13:46:35 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.12.07 12:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010.11.11 14:57:04 | 000,268,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2010.11.11 14:57:02 | 000,444,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2010.11.11 14:55:56 | 006,351,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2010.08.13 09:12:02 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010.03.04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009.11.13 13:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009.11.09 15:20:24 | 000,371,712 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009.11.09 15:20:24 | 000,371,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009.10.10 10:44:14 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.10.05 17:04:12 | 000,172,032 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\BCL Technologies\PixelPlanet6\bepldr.exe -- (bepldr6PixelPlanetService)
SRV - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2009.05.04 13:16:49 | 000,009,728 | ---- | M] (Deutsche Telekom AG) [Auto | Running] -- C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe -- (Netzmanager Service)
SRV - [2008.03.03 15:05:02 | 000,079,400 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2008.01.28 11:43:32 | 000,810,320 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.19 09:33:43 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2007.08.01 14:39:18 | 000,077,824 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007.03.29 11:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007.03.16 01:24:02 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxbccoms.exe -- (lxbc_device)
SRV - [2006.11.14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006.10.23 14:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2006.10.05 12:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006.05.25 19:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.03.18 12:57:21 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.12.11 13:46:36 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.07.26 20:49:45 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2010.07.26 20:48:02 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.07.26 20:48:02 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.05.11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.10.21 10:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008.10.21 10:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017unic.sys -- (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM)
DRV - [2008.10.21 10:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM)
DRV - [2008.10.21 10:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008.10.21 10:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017bus.sys -- (s0017bus) Sony Ericsson Device 0017 driver (WDM)
DRV - [2008.10.21 10:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS)
DRV - [2008.10.21 10:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008.05.16 12:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008.05.16 12:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008.05.16 12:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008.05.16 12:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008.05.16 12:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008.05.16 12:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008.05.16 12:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008.03.03 15:06:04 | 000,279,440 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2008.01.19 07:53:22 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2007.11.09 06:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.07.27 23:36:40 | 002,929,664 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.07.26 16:18:04 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2007.06.19 09:51:16 | 000,081,832 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s816bus.sys -- (s816bus) Sony Ericsson Device 816 driver (WDM)
DRV - [2007.06.01 13:07:48 | 000,252,416 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8187B.sys -- (RTL8187B)
DRV - [2007.04.30 13:42:14 | 000,081,408 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007.04.03 13:57:54 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM)
DRV - [2007.04.03 13:57:52 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116obex.sys -- (s116obex)
DRV - [2007.04.03 13:57:52 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS)
DRV - [2007.04.03 13:57:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM)
DRV - [2007.04.03 13:57:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mdm.sys -- (s116mdm)
DRV - [2007.04.03 13:57:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mdfl.sys -- (s116mdfl)
DRV - [2007.04.03 13:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
DRV - [2007.03.21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.02.24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.01.23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.01.18 16:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2007.01.18 16:40:56 | 000,219,392 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006.12.06 01:39:13 | 001,964,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX3000.sys -- (VX3000)
DRV - [2006.11.30 00:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006.11.28 15:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006.10.30 11:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006.10.23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006.10.18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006.10.09 15:46:42 | 000,017,536 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys -- (MTOnlPktAlyX)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 6080
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 6080
FF - prefs.js..network.proxy.type: 4
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.16 13:28:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.10 09:34:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.1\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2010.10.07 20:53:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.1\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2011.03.10 09:34:33 | 000,000,000 | ---D | M]
 
[2010.05.14 14:34:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Susann\AppData\Roaming\mozilla\Extensions
[2010.05.14 14:34:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Susann\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.04.09 22:52:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Susann\AppData\Roaming\mozilla\Firefox\Profiles\rdmiy0rc.default\extensions
[2010.05.30 13:08:31 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Susann\AppData\Roaming\mozilla\Firefox\Profiles\rdmiy0rc.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2011.04.09 22:52:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.03.06 14:35:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.03.06 14:35:01 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Programme\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [0x017] File not found
O4 - Startup: C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra Button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - Reg Error: Key error. File not found
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (MetaStreamCtl Class)
O16 - DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} hxxp://www3.snapfish.de/SnapfishActivia3.cab (Snapfish Activia3)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://express.foto.com/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} hxxp://static.pe.meinvz.net/photouploader/ImageUploader5.cab?nocache=1211448055 (Image Uploader Control)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab (EPUImageControl Class)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/1.4/jinstall-14_02-windows-i586.cab (Java Plug-in 1.4.1_02)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.2
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{17d3dd40-5f4b-11df-b56e-00038a000015}\Shell\AutoRun\command - "" = G:\InstallTomTomHOME.exe
O33 - MountPoints2\{2e91a941-ba54-11de-aeb1-00038a000015}\Shell\AutoRun\command - "" = G:\installer.exe
O33 - MountPoints2\{9d2a71b8-e1a8-11dd-925b-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{9d2a71b8-e1a8-11dd-925b-00038a000015}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{9d2a720c-e1a8-11dd-925b-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{9d2a720c-e1a8-11dd-925b-00038a000015}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ad36e6e7-02fe-11de-ab58-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ad36e6e7-02fe-11de-ab58-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{cd29e791-4b19-11dd-8b73-00038a000015}\Shell\AutoRun\command - "" = D:\starter.exe
O33 - MountPoints2\{d467c00a-69f5-11de-9803-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d467c00a-69f5-11de-9803-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 14 Days ==========
 
[2011.04.10 21:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011.04.10 21:48:09 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011.04.10 21:42:30 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Susann\Desktop\Erunt-setup.exe
[2011.04.10 21:42:30 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Susann\Desktop\OTL.exe
[2011.04.10 21:42:30 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Susann\Desktop\TFC.exe
[2011.04.10 07:54:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.10 07:54:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.10 07:54:00 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.04.10 07:54:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.04.09 22:05:35 | 000,000,000 | ---D | C] -- C:\Users\Susann\AppData\Roaming\Avira
[2011.04.09 15:57:46 | 000,000,000 | ---D | C] -- C:\Users\Susann\Documents\Web Creator
[2011.03.31 14:10:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
[2011.03.31 14:10:11 | 000,000,000 | ---D | C] -- C:\Program Files\Free PDF to Word Doc Converter
[2011.03.30 06:19:12 | 000,000,000 | ---D | C] -- C:\Users\Susann\Documents\WP_000002
[2011.03.28 22:46:12 | 000,000,000 | ---D | C] -- C:\Users\Susann\Documents\kf05DE035080___2011032822443202606766901
[2009.05.15 20:29:31 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpeCBCD.dll
[2008.12.21 18:23:54 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Susann\AppData\Roaming\pcouffin.sys
[2008.05.20 19:37:51 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxbcusb1.dll
[2008.05.20 19:37:51 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbcinpa.dll
[2008.05.20 19:37:51 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbciesc.dll
[2008.05.20 19:37:51 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXBChcp.dll
[2008.05.20 19:37:50 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbcserv.dll
[2008.05.20 19:37:49 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbcpmui.dll
[2008.05.20 19:37:49 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbclmpm.dll
[2008.05.20 19:37:49 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbcprox.dll
[2008.05.20 19:37:49 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbcpplc.dll
[2008.05.20 19:37:47 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbchbn3.dll
[2008.05.20 19:37:47 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxbcih.exe
[2008.05.20 19:37:46 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxbccoms.exe
[2008.05.20 19:37:45 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbccomc.dll
[2008.05.20 19:37:45 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbccomm.dll
[2008.05.20 19:37:45 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxbccfg.exe
 
========== Files - Modified Within 14 Days ==========
 
[2011.04.10 22:03:33 | 000,000,428 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{41BCEC00-6076-4D3E-B508-98F337E631E7}.job
[2011.04.10 22:00:41 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.04.10 21:58:43 | 000,352,614 | -H-- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2011.04.10 21:57:46 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.10 21:57:41 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.10 21:57:40 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.10 21:57:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.10 21:57:24 | 2009,157,632 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.10 21:53:59 | 000,663,006 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.10 21:53:59 | 000,623,566 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.10 21:53:59 | 000,136,050 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.10 21:53:59 | 000,112,302 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.10 21:48:14 | 000,000,878 | ---- | M] () -- C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011.04.10 21:48:11 | 000,000,698 | ---- | M] () -- C:\Users\Susann\Desktop\NTREGOPT.lnk
[2011.04.10 21:48:11 | 000,000,679 | ---- | M] () -- C:\Users\Susann\Desktop\ERUNT.lnk
[2011.04.10 21:42:46 | 000,301,568 | ---- | M] () -- C:\Users\Susann\Desktop\g2m3e4r.exe
[2011.04.10 21:42:44 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Susann\Desktop\Erunt-setup.exe
[2011.04.10 21:42:40 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Susann\Desktop\TFC.exe
[2011.04.10 21:42:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Susann\Desktop\OTL.exe
[2011.04.10 21:20:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.10 19:57:10 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2011.04.10 19:57:10 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for
[2011.04.10 19:43:48 | 000,002,339 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.04.10 07:54:05 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.09 22:15:27 | 000,000,953 | ---- | M] () -- C:\Users\Susann\Desktop\Web Creator 3.lnk
[2011.04.08 13:13:00 | 000,143,715 | ---- | M] () -- C:\Users\Susann\Documents\vog9143483.pdf
[2011.04.04 21:43:39 | 000,015,708 | ---- | M] () -- C:\Users\Susann\Documents\überweisungen.odt
[2011.04.04 20:58:25 | 000,087,201 | ---- | M] () -- C:\Users\Susann\Documents\Sgiend0400111040411120.pdf
[2011.04.03 12:13:08 | 000,019,659 | ---- | M] () -- C:\Users\Susann\AppData\Local\internal.grp
[2011.03.31 14:15:23 | 000,040,625 | ---- | M] () -- C:\Users\Susann\kaufvertrag.pdf
[2011.03.31 14:10:12 | 000,000,827 | ---- | M] () -- C:\Users\Susann\Desktop\Free PDF to Word Doc Converter.lnk
[2011.03.30 06:19:12 | 001,828,356 | ---- | M] () -- C:\Users\Susann\Documents\WP_000002.zip
[2011.03.30 05:55:58 | 196,104,213 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.03.28 22:52:29 | 000,032,673 | ---- | M] () -- C:\Users\Susann\vollmacht_2005.pdf
[2011.03.28 22:47:17 | 000,028,867 | ---- | M] () -- C:\Users\Susann\Documents\kf05DE035080___2011032822443202606766901.pdf
[2011.03.28 22:46:12 | 000,033,033 | ---- | M] () -- C:\Users\Susann\Documents\kf05DE035080___2011032822443202606766901.zip
[2011.03.28 09:23:00 | 000,000,680 | ---- | M] () -- C:\Users\Susann\AppData\Local\d3d9caps.dat
 
========== Files Created - No Company Name ==========
 
[2011.04.10 21:48:14 | 000,000,878 | ---- | C] () -- C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011.04.10 21:48:11 | 000,000,698 | ---- | C] () -- C:\Users\Susann\Desktop\NTREGOPT.lnk
[2011.04.10 21:48:11 | 000,000,679 | ---- | C] () -- C:\Users\Susann\Desktop\ERUNT.lnk
[2011.04.10 21:42:30 | 000,301,568 | ---- | C] () -- C:\Users\Susann\Desktop\g2m3e4r.exe
[2011.04.10 19:57:10 | 000,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn
[2011.04.10 19:57:10 | 000,001,409 | ---- | C] () -- C:\Windows\QTFont.for
[2011.04.10 07:54:05 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.09 22:15:27 | 000,000,953 | ---- | C] () -- C:\Users\Susann\Desktop\Web Creator 3.lnk
[2011.04.08 13:12:57 | 000,143,715 | ---- | C] () -- C:\Users\Susann\Documents\vog9143483.pdf
[2011.04.04 21:42:13 | 000,015,708 | ---- | C] () -- C:\Users\Susann\Documents\überweisungen.odt
[2011.04.04 20:58:23 | 000,087,201 | ---- | C] () -- C:\Users\Susann\Documents\Sgiend0400111040411120.pdf
[2011.03.31 14:15:22 | 000,040,625 | ---- | C] () -- C:\Users\Susann\kaufvertrag.pdf
[2011.03.31 14:10:12 | 000,000,827 | ---- | C] () -- C:\Users\Susann\Desktop\Free PDF to Word Doc Converter.lnk
[2011.03.30 06:18:44 | 001,828,356 | ---- | C] () -- C:\Users\Susann\Documents\WP_000002.zip
[2011.03.28 22:52:29 | 000,032,673 | ---- | C] () -- C:\Users\Susann\vollmacht_2005.pdf
[2011.03.28 22:47:17 | 000,028,867 | ---- | C] () -- C:\Users\Susann\Documents\kf05DE035080___2011032822443202606766901.pdf
[2011.03.28 22:46:10 | 000,033,033 | ---- | C] () -- C:\Users\Susann\Documents\kf05DE035080___2011032822443202606766901.zip
[2010.09.29 13:43:00 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010.08.23 11:12:47 | 000,019,659 | ---- | C] () -- C:\Users\Susann\AppData\Local\internal.grp
[2010.08.23 11:08:05 | 000,000,030 | ---- | C] () -- C:\Windows\Iedit.INI
[2010.08.23 10:54:09 | 000,004,753 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2010.04.11 18:22:15 | 000,000,121 | ---- | C] () -- C:\Windows\Winamp.ini
[2010.03.17 20:27:27 | 000,087,184 | ---- | C] () -- C:\Windows\NSUninst.exe
[2010.03.17 20:27:05 | 000,087,184 | ---- | C] () -- C:\Windows\GREUninstall.exe
[2010.03.17 20:27:03 | 000,009,606 | ---- | C] () -- C:\Windows\mozver.dat
[2009.07.22 16:18:51 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.04.05 18:26:14 | 003,361,136 | ---- | C] () -- C:\Program Files\pplivesetup_1.9.23.exe
[2009.02.24 19:22:10 | 000,057,763 | ---- | C] () -- C:\Program Files\anmeldung_2008.pdf
[2009.02.19 16:15:02 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.01.26 17:46:49 | 029,066,112 | ---- | C] () -- C:\Program Files\TE4XP_Trial_4.6.3.268_setup_de.exe
[2008.12.21 18:26:12 | 000,000,671 | ---- | C] () -- C:\Users\Susann\AppData\Roaming\vso_ts_preview.xml
[2008.12.21 18:23:54 | 000,087,608 | ---- | C] () -- C:\Users\Susann\AppData\Roaming\inst.exe
[2008.12.21 18:23:54 | 000,007,887 | ---- | C] () -- C:\Users\Susann\AppData\Roaming\pcouffin.cat
[2008.12.21 18:23:53 | 000,001,144 | ---- | C] () -- C:\Users\Susann\AppData\Roaming\pcouffin.inf
[2008.09.23 10:10:15 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.09.23 10:10:14 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008.09.07 13:56:46 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2008.07.03 22:56:12 | 000,010,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008.07.01 12:15:37 | 000,000,680 | ---- | C] () -- C:\Users\Susann\AppData\Local\d3d9caps.dat
[2008.06.22 14:50:13 | 000,000,016 | -H-- | C] () -- C:\Users\Susann\AppData\Roaming\mxfilerelatedcache.mxc2
[2008.06.22 14:50:13 | 000,000,016 | -H-- | C] () -- C:\Users\Susann\AppData\Local\mxfilerelatedcache.mxc2
[2008.06.12 17:15:40 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2008.06.12 17:15:40 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2008.06.12 17:15:40 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2008.06.12 17:15:40 | 000,049,152 | ---- | C] () -- C:\Windows\VFind.exe
[2008.06.12 11:19:21 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll
[2008.06.11 02:07:20 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.06.10 13:38:19 | 000,408,576 | ---- | C] () -- C:\Windows\System32\Smab.dll
[2008.06.10 13:38:18 | 000,502,784 | ---- | C] () -- C:\Windows\x2.64.exe
[2008.06.10 13:38:18 | 000,240,128 | ---- | C] () -- C:\Windows\System32\x.264.exe
[2008.06.10 13:38:18 | 000,217,073 | ---- | C] () -- C:\Windows\meta4.exe
[2008.06.10 13:38:18 | 000,066,560 | ---- | C] () -- C:\Windows\MOTA113.exe
[2008.06.10 13:38:18 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2008.06.05 06:46:44 | 000,000,094 | ---- | C] () -- C:\Users\Susann\AppData\Local\fusioncache.dat
[2008.05.31 13:57:35 | 000,000,343 | ---- | C] () -- C:\Windows\Lexstat.ini
[2008.05.28 13:04:31 | 000,000,036 | -H-- | C] () -- C:\Windows\System32\swk.ini
[2008.05.23 00:18:54 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008.05.20 19:37:52 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXBCinst.dll
[2008.05.20 19:37:51 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxbcutil.dll
[2008.05.15 17:33:35 | 000,002,779 | ---- | C] () -- C:\Windows\tm.ini
[2008.04.08 08:54:12 | 000,167,275 | ---- | C] () -- C:\Program Files\rechnung öl.xps
[2008.04.07 09:56:39 | 002,782,994 | ---- | C] () -- C:\Program Files\DeepBurner19.exe
[2008.03.15 15:00:43 | 000,000,311 | ---- | C] () -- C:\Windows\pdf2word.INI
[2008.03.14 10:48:31 | 000,024,206 | ---- | C] () -- C:\Users\Susann\AppData\Roaming\UserTile.png
[2008.03.04 13:50:39 | 000,000,245 | ---- | C] () -- C:\Windows\BUHL.INI
[2008.03.04 12:57:34 | 000,000,633 | ---- | C] () -- C:\Windows\wiso.ini
[2008.02.11 23:36:22 | 000,000,039 | ---- | C] () -- C:\Users\Susann\AppData\Roaming\AVSDVDPlayer.m3u
[2008.01.22 20:30:27 | 000,243,200 | ---- | C] () -- C:\Users\Susann\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.01.18 16:08:59 | 113,658,554 | ---- | C] () -- C:\Program Files\OOo_2.3.1_Win32Intel_install_de.exe
[2008.01.09 12:52:58 | 000,796,048 | ---- | C] () -- C:\Windows\System32\libeay32_0.9.6l.dll
[2008.01.09 12:40:06 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2008.01.08 20:16:02 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2007.09.14 10:27:05 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.09.14 10:12:14 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007.09.14 10:00:46 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007.09.14 10:00:46 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007.09.14 10:00:46 | 000,010,146 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007.09.14 10:00:46 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007.09.14 09:59:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007.09.14 09:59:38 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007.09.14 09:59:38 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007.09.14 09:59:38 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007.09.14 09:59:38 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007.09.14 09:59:38 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007.09.14 09:44:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2007.09.14 09:44:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007.09.14 09:40:24 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007.09.14 08:25:36 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007.09.14 08:24:00 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007.09.14 08:24:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.09.14 08:23:59 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007.02.22 18:32:00 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxbccoin.dll
[2006.12.05 13:05:04 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.02 17:33:31 | 000,663,006 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,136,050 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,295,664 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,623,566 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,112,302 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.12.22 21:05:46 | 000,015,498 | ---- | C] () -- C:\Windows\VX3000.ini
[2005.10.25 14:51:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbcvs.dll
[2005.07.22 21:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[1996.08.22 03:07:02 | 000,000,640 | ---- | C] () -- C:\Windows\TBINSDT.DAT
 
< End of report >
         
--- --- ---

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 10.04.2011 21:59:53 - Run 1[/B]
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Susann\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,89 Gb Total Space | 28,81 Gb Free Space | 38,46% Space Free | Partition Type: NTFS
Drive E: | 72,68 Gb Total Space | 14,72 Gb Free Space | 20,25% Space Free | Partition Type: NTFS
Drive F: | 669,46 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: ** | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3360111819-2263618658-1332504136-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"systenn.exe" = C:\windows\systenn.exe
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{30A2B623-674A-42B3-B8E3-0D933527B868}" = lport=137 | protocol=17 | dir=in | app=system | 
"{3132DF9E-03B4-4825-827C-D549640BE97B}" = lport=138 | protocol=17 | dir=in | app=system | 
"{3D5D851B-754A-4772-A615-27988C4F6A03}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{3D6625F8-6F7E-45D8-B578-8EBD2A50818D}" = rport=138 | protocol=17 | dir=out | app=system | 
"{42081C80-9875-4074-9864-C5E1346380A4}" = rport=137 | protocol=17 | dir=out | app=system | 
"{7A6280AE-421E-4364-98CC-3F1C391FED1A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{7A9C53CE-0092-447B-85CB-61FF22E1DE22}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B337163A-D901-49EE-972F-878F4EF87784}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{BCAD06FD-7CEB-422B-AEC0-C63CBA369DBD}" = lport=445 | protocol=6 | dir=in | app=system | 
"{E0778833-6CFD-4D39-9D00-0B98DA07DDA1}" = rport=445 | protocol=6 | dir=out | app=system | 
"{F9A0036B-20C0-4255-84CB-5E2E3F842407}" = rport=139 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E34FDE-18A1-48B4-BC10-5CFD2154B467}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{172F4723-64F5-42A6-AEE6-DE7BE9142968}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{1DEDC93A-0555-4A16-AAC9-9BB02E7A2EB0}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 
"{1FF923A9-EE67-456A-B6D0-DD7DFA3E9C80}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe | 
"{24A89DCD-D559-4390-ADF7-CA3A606401BC}" = protocol=6 | dir=in | app=c:\program files\fritz!dsl\fboxupd.exe | 
"{24B2FC84-C6D8-45C3-8EC0-5EB7BE7E7701}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{2CDBF62E-007B-439D-BA04-6D1A4A96CF79}" = protocol=17 | dir=in | app=c:\program files\pplive\pplive.exe | 
"{308A0276-CF53-4BB2-9B68-E1F7E3E3C181}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{35306BE2-70D9-4CC9-B77B-F2500FAA4880}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 
"{3B0ECA59-C4BC-4375-B40D-5846BB06597F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{3D54378E-0E72-43D2-83DE-31EC69107F5D}" = protocol=17 | dir=in | app=c:\program files\smartftp client\smartftp.exe | 
"{402C5A27-F4D2-4E37-86D7-97375DA196EA}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1199816171\ee\aolsoftware.exe | 
"{4B81009B-F4BA-43F6-938E-79733FE25E63}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbcpswx.exe | 
"{5454707C-3726-4549-BE72-A13E745EA083}" = protocol=6 | dir=in | app=c:\program files\pplive\pplive.exe | 
"{56F2EC18-CCF8-4D4B-854E-4051E60EBF97}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe | 
"{5FA8BDBD-9F68-452E-A51D-6FBDBBA672C4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{6489DCE9-F311-48D0-9E27-1D1B964B7B56}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1199816171\ee\aolsoftware.exe | 
"{69479054-940C-4DB9-B1FC-D630557C06E3}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | 
"{6BB2C04F-BC5F-45DE-A644-4C794B046B70}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | 
"{6F1DE195-125B-4525-9F46-C31E76D43A98}" = protocol=17 | dir=in | app=c:\program files\fritz!dsl\fboxupd.exe | 
"{7991B07D-23F4-4CA5-99EE-B8820AE58C95}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 
"{7C0F198A-1048-4E12-A5D0-79294D05CCAA}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 
"{7CA58D73-527E-469E-A569-CA6F8AC07B5F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{813DB451-C147-47BB-95BE-90B2C97DEE47}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe | 
"{8B524476-AC73-4681-B937-946978FFC401}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 
"{93326E4A-212D-4956-8211-688DA0EBCBF9}" = protocol=17 | dir=in | app=c:\users\susann\appdata\roaming\dropbox\bin\dropbox.exe | 
"{957C71FF-57DC-4EB2-AC3D-29B5F0963FDA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{97136286-6785-4EAD-822F-22B949D37D86}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe | 
"{9DC0FD6B-02C5-4090-BC4B-57D63CD0FD72}" = protocol=6 | dir=in | app=c:\windows\system32\lxbccoms.exe | 
"{9EBBC401-3917-45E4-94A6-287D99A32C6D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{A193B8E6-A99B-4808-8A4F-455A9BF64DA8}" = protocol=17 | dir=in | app=c:\program files\fritz!dsl\igdctrl.exe | 
"{A3010856-3964-442C-AEE2-D33093AB49BD}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{B0992DE4-7636-43AF-BA29-5AF36672D66B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B49D00C1-4110-4C64-B4DA-621C2A1D7DFB}" = protocol=6 | dir=in | app=c:\program files\fritz!dsl\igdctrl.exe | 
"{BFB3F9B4-A936-4E09-AAA0-DE013384C688}" = protocol=6 | dir=in | app=c:\program files\smartftp client\smartftp.exe | 
"{C031F72A-172D-4343-9553-FCEE3DC46DB5}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe | 
"{CACA90E3-497B-4EEA-ABF6-D6964AB10176}" = protocol=17 | dir=in | app=c:\program files\fritz!dsl\webwaigd.exe | 
"{CB1E1004-E32C-4F5C-A1FC-8F7CA7AD8B6A}" = protocol=6 | dir=in | app=c:\users\susann\appdata\roaming\dropbox\bin\dropbox.exe | 
"{D38E3764-5175-4968-9149-16E1BF77B24B}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe | 
"{D3F30AC7-2F66-44BF-911A-BFCE9D7A12F7}" = protocol=6 | dir=in | app=c:\program files\fritz!dsl\webwaigd.exe | 
"{DB1E069A-CA74-41E3-89BF-3DFFD361765F}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbcpswx.exe | 
"{DD8212AF-24E4-46F4-A572-95BDD858F684}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe | 
"{DFA263E9-7B26-4789-BB6D-CDDF451CE8B7}" = protocol=17 | dir=in | app=c:\windows\system32\lxbccoms.exe | 
"{E2C4C8E7-6384-48D8-AEBF-986CC107B784}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{E3D9E956-33FC-48B6-990A-C0CD54BF23F7}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe | 
"{EEF0A9FF-A7BF-493E-A502-54C46A9F6B57}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 
"{FC1A901F-B417-4D46-B540-90D58676DB44}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C58EBE-223E-4AB6-8AE9-38F27F4420BD}" = WISO Steuer 2009
"{0221A397-962E-6D84-F786-64E445617999}" = CCC Help English
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{08CB1B3E-D42C-3ED5-7896-F8BC31839315}" = Catalyst Control Center Localization Czech
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0C9B3E29-3B8B-295E-773B-82F3516F17DD}" = CCC Help Thai
"{0D99E1E9-D28C-6806-0820-13E10082CE7B}" = CCC Help Italian
"{0DC5B855-1CE2-9EA3-AA12-78C8939F68EF}" = Catalyst Control Center Core Implementation
"{0E2C948E-44D6-9A1C-54E7-05217E7DCC13}" = CCC Help Dutch
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{17B2670B-DB33-4F5E-9273-0E5CDF39DA5F}" = Windows Phone Intro Video (DEU)
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B5AB0D6-4F7C-9B93-5323-9037F1E61142}" = CCC Help Chinese Standard
"{21EA2A28-3146-E63D-16EE-0BF9FA3D6F5E}" = Catalyst Control Center Localization German
"{22543949-70E8-45D0-A938-F38143EB8BF8}" = Catalyst Control Center - Branding
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{2BDF38E0-1A7F-4220-B4B7-118DD45E5E13}" = TOSHIBA Supervisor Password
"{2C4E2E4E-A7C9-4CCB-BF03-FE6EBD5D4AB7}" = Windows Mobile Device Updater Component
"{2D7D9D86-923A-41A8-919F-437332AB1031}" = Nero 7 Ultra Edition
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 5.009.00
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{31C97472-E522-A760-F46D-FC0648F77E9C}" = CCC Help French
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{40E3BE50-51A6-F8A0-DB5F-7C2698FA5E1F}" = CCC Help Spanish
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{432DC370-01EF-F2D8-34C3-27DCC9B13083}" = CCC Help Norwegian
"{43B74FAB-FB58-447D-8D3A-5F638AF36FD1}" = Netzmanager
"{44151656-ECAC-99DC-1AC5-1F06A1A62939}" = Catalyst Control Center Graphics Light
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{454AB369-FABF-EB84-FBC1-CA4E8FBD3926}" = Catalyst Control Center Localization Hungarian
"{46008F4B-A8C3-4282-ACE3-73821F860911}" = OpenOffice.org 2.4
"{46B70DEB-97B3-4E38-B746-EC16905E6A8F}" = WISO Sparbuch 2010
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{497268C1-AE62-4A1D-1129-1D03183538B0}" = Catalyst Control Center Localization Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CE6623E-C867-81B3-8B94-A4FE021782BF}" = CCC Help Portuguese
"{55FE1E6B-4E8A-0F2B-5B36-8F4363A0AEBC}" = Catalyst Control Center Localization Chinese Traditional
"{56995235-B76E-44A6-BA17-8FF13D3F907A}" = TOSHIBA Benutzerhandbücher
"{59DC42FB-13A7-45E1-BCC3-37CE5977951E}" = CCC Help Japanese
"{59DF97C6-3144-FA5A-4380-6B891BB44812}" = CCC Help German
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
"{5BBE3EAB-D749-0560-2C39-53DC8531CB01}" = Catalyst Control Center Localization Korean
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{608738F2-51B4-CD53-C1CC-220363513ED7}" = CCC Help Czech
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{649C3B52-AA90-1F36-3D36-CE7F2BB1CB8C}" = Catalyst Control Center Localization Chinese Standard
"{654CABFA-4289-9EC0-F088-34BFCC84A798}" = Catalyst Control Center Localization Turkish
"{65CC9CE1-AAF1-866B-B07E-FECC0B53277E}" = Catalyst Control Center Localization Danish
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A9DF7EE-E7B9-E4F1-204A-FE72F47231CB}" = CCC Help Finnish
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{7006ED29-58F2-40C3-AE87-039287AD20B6}" = Zune
"{7095FD27-37F0-4750-9DE8-D37DC0043706}" = REALTEK RTL8187B Wireless LAN Driver
"{7163A2F1-2DED-9EF4-24FC-06D607D2A9C9}" = Catalyst Control Center Graphics Full New
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{731341F3-55AA-8488-A3F1-3D4C43412C87}" = CCC Help Russian
"{74A929E2-FBD8-4736-A84E-2ABBB2ABADF2}" = AVM FRITZ!DSL
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{78DB08B0-F440-4BA6-9372-F2C6CC9721B7}" = Microsoft LifeCam
"{7A929336-7D2E-C4E3-2AC9-CA80FBEB5701}" = Catalyst Control Center Localization Spanish
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E910FDA-CBBE-4451-8728-235E6A4DE162}" = Sony Ericsson Media Manager 1.1
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84C7D852-CDF6-7006-91C7-E6A54519E5D5}" = Catalyst Control Center Graphics Full Existing
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BCD7AE7-F713-4D50-BAB9-7839B9386870}" = ImageShack Uploader 2.2.0
"{8C1932E3-8555-4B03-B2CC-AE86DC6673E4}" = Ulead Drop Spot
"{8E850D2A-F5E9-C322-ABFF-683C69686C13}" = Catalyst Control Center Localization Russian
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{93FE0FBE-23F5-7BF4-9085-6E046D609F22}" = CCC Help Chinese Traditional
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A3A61264-B075-46BE-9C97-376EA4CEEEF5}" = PdfGrabber 6.0
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A74BE9F1-1129-FB71-DA7B-96F5D99CA330}" = Catalyst Control Center Localization Finnish
"{A762A897-3E65-E264-5188-CBAD303064C2}" = Skins
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB79C30D-A920-D219-B4FD-C9552A0419D3}" = CCC Help Polish
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.2
"{AD6A78C4-AD77-448D-4F9D-43AD80C8D8FF}" = Catalyst Control Center Localization French
"{AE255C55-E0CF-4591-AA86-CAA19AA32C53}" = Garmin TOPO Deutschland v3
"{AEE482BA-1731-499C-346D-B5F498B7DBF8}" = CCC Help Turkish
"{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3E356C8-CEB3-467C-EA92-8FC2CA15AD51}" = Catalyst Control Center Localization Polish
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BBD408BC-486B-9857-C805-945F8F083877}" = CCC Help Swedish
"{BE044C42-908B-4952-5140-E2B8FD67F267}" = CCC Help Danish
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{BFC85CDC-BD7C-4FDD-9507-8D74B5A79404}" = TOSHIBA Hardware Setup
"{C29D1033-0247-FFC6-7895-204ABABA0F20}" = ccc-utility
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C643EEE3-A55A-58D1-D543-ED46726288CB}" = CCC Help Greek
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6E91710-5BF5-43C5-AB81-C3E488133346}" = Sony Ericsson Drivers
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0B87CB2-8599-4975-0E50-DB2F8E6B9AE6}" = Catalyst Control Center Localization Thai
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{DA401137-8791-F77A-591C-F0BC3E7ED04E}" = Catalyst Control Center Localization Greek
"{DC9B7572-50C6-180D-916D-3E2CBD00C0C7}" = Catalyst Control Center Localization Japanese
"{DCAD9BFC-47A4-414F-95BC-F9B8D68D036A}" = TSUNAMI-MPEG DVD Author PRO
"{DFCFF0F1-005D-E317-733D-8D19D54FBF08}" = Catalyst Control Center Localization Swedish
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3723A04-A894-4036-A78E-282E18F43C0A}_is1" = Tinypic 3.13
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E748D6A5-D03D-BDE1-C094-DAE3F5BCEEF6}" = Catalyst Control Center Graphics Previews Vista
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E8316038-8C38-52A8-9014-FD35536567E8}" = Catalyst Control Center Localization Dutch
"{E96A0335-C6EA-D11A-3A49-8586A8FED544}" = ccc-core-static
"{E9E6642B-0714-37B4-0248-D036B60F8F12}" = CCC Help Korean
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1" = PantsOff 2.0
"{EFCE5837-FC21-11D6-9D24-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.1_02
"{F05E0039-D2A7-198B-B79E-285395EBB5BB}" = Catalyst Control Center Localization Italian
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F101C58C-15CC-42B3-83D1-536CFB960634}" = Ulead PhotoImpact 8
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F734CA55-0939-1F1A-A8B5-19B91B3D4B1F}" = Catalyst Control Center Localization Norwegian
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FE4C0830-A0F3-B67E-93BC-21C4B0BB0267}" = CCC Help Hungarian
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"AOL Deinstallation" = AOL Deinstallation
"AOL Installations-Manager" = AOL Installations-Manager
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DeInst_d2vexcrd C:/Program Files/Top50 V4" = Top50 Viewer basierend auf Geogrid®-Viewer Version 2.2
"EOS USB WIA Driver" = EOS USB WIA Driver
"ERUNT_is1" = ERUNT 1.1j
"FileZilla Client" = FileZilla Client 3.3.4.1
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.0
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Geogrid_DynPerspView" = Geogrid® DynPerspView
"Google Updater" = Google Updater
"GPS-Track-Analyse.NET_is1" = 5.0.1
"GXTranscoder_is1" = GX::Transcoder v5.0
"Hessen 3D" = Hessen 3D
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{8C1932E3-8555-4B03-B2CC-AE86DC6673E4}" = Ulead Drop Spot 1.0
"InstallShield_{F101C58C-15CC-42B3-83D1-536CFB960634}" = Ulead PhotoImpact 8
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"IrfanView" = IrfanView (remove only)
"Java Web Start" = Java Web Start
"JLC's Internet TV" = JLC's Internet TV
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.2.5 Standard
"Lexmark Z500-Z600 Series" = Lexmark Z500-Z600 Series
"LMSOFT Web Creator 3" = LMSOFT Web Creator 3
"MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE 4.1.0.835 (D)
"MAGIX Foto Suite D" = MAGIX Foto Suite 1.12.0.89 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Netscape (7.1)" = Netscape (7.1)
"Netzmanager" = Netzmanager
"QuickPar" = QuickPar 0.9
"Secure Eraser_is1" = Secure Eraser v2.2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 6" = TeamViewer 6
"Text To PDF Converter v1.5_is1" = Text To PDF Converter v1.5
"TomTom HOME" = TomTom HOME 2.7.3.1894
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Update Service" = Update Service
"UseNeXT_is1" = UseNeXT
"ViewpointMediaPlayer" = Viewpoint Media Player (Remove Only)
"Visual LightBox" = Visual LightBox
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Winamp" = Winamp (remove only)
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinGimp-2.0_is1" = GIMP 2.4.4
"WinRAR archiver" = WinRAR
"ZoneAlarm" = ZoneAlarm
"Zune" = Zune
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---



Avira AntiVir Personal
Erstellungsdatum der Reportdatei: Sonntag, 10. April 2011 21:24

Es wird nach 2537417 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira AntiVir Personal - FREE Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows Vista
Windowsversion : (Service Pack 1) [6.0.6001]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : ****- PC

Versionsinformationen:
BUILD.DAT : 10.0.0.635 31822 Bytes 07.03.2011 12:02:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 11.12.2010 11:46:32
AVSCAN.DLL : 10.0.3.0 56168 Bytes 30.03.2010 11:42:16
LUKE.DLL : 10.0.3.2 104296 Bytes 11.12.2010 11:46:35
LUKERES.DLL : 10.0.0.0 13672 Bytes 14.01.2010 11:59:47
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 19:38:17
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 09:05:50
VBASE002.VDF : 7.11.3.0 1950720 Bytes 09.02.2011 09:51:53
VBASE003.VDF : 7.11.5.225 1980416 Bytes 07.04.2011 20:07:00
VBASE004.VDF : 7.11.5.226 2048 Bytes 07.04.2011 20:07:00
VBASE005.VDF : 7.11.5.227 2048 Bytes 07.04.2011 20:07:01
VBASE006.VDF : 7.11.5.228 2048 Bytes 07.04.2011 20:07:01
VBASE007.VDF : 7.11.5.229 2048 Bytes 07.04.2011 20:07:01
VBASE008.VDF : 7.11.5.230 2048 Bytes 07.04.2011 20:07:01
VBASE009.VDF : 7.11.5.231 2048 Bytes 07.04.2011 20:07:01
VBASE010.VDF : 7.11.5.232 2048 Bytes 07.04.2011 20:07:01
VBASE011.VDF : 7.11.5.233 2048 Bytes 07.04.2011 20:07:01
VBASE012.VDF : 7.11.5.234 2048 Bytes 07.04.2011 20:07:01
VBASE013.VDF : 7.11.5.235 2048 Bytes 07.04.2011 20:07:02
VBASE014.VDF : 7.11.5.236 2048 Bytes 07.04.2011 20:07:02
VBASE015.VDF : 7.11.5.237 2048 Bytes 07.04.2011 20:07:02
VBASE016.VDF : 7.11.5.238 2048 Bytes 07.04.2011 20:07:02
VBASE017.VDF : 7.11.5.239 2048 Bytes 07.04.2011 20:07:02
VBASE018.VDF : 7.11.5.240 2048 Bytes 07.04.2011 20:07:02
VBASE019.VDF : 7.11.5.241 2048 Bytes 07.04.2011 20:07:02
VBASE020.VDF : 7.11.5.242 2048 Bytes 07.04.2011 20:07:03
VBASE021.VDF : 7.11.5.243 2048 Bytes 07.04.2011 20:07:03
VBASE022.VDF : 7.11.5.244 2048 Bytes 07.04.2011 20:07:03
VBASE023.VDF : 7.11.5.245 2048 Bytes 07.04.2011 20:07:03
VBASE024.VDF : 7.11.5.246 2048 Bytes 07.04.2011 20:07:03
VBASE025.VDF : 7.11.5.247 2048 Bytes 07.04.2011 20:07:03
VBASE026.VDF : 7.11.5.248 2048 Bytes 07.04.2011 20:07:03
VBASE027.VDF : 7.11.5.249 2048 Bytes 07.04.2011 20:07:04
VBASE028.VDF : 7.11.5.250 2048 Bytes 07.04.2011 20:07:04
VBASE029.VDF : 7.11.5.251 2048 Bytes 07.04.2011 20:07:04
VBASE030.VDF : 7.11.5.252 2048 Bytes 07.04.2011 20:07:04
VBASE031.VDF : 7.11.6.19 95744 Bytes 08.04.2011 20:07:05
Engineversion : 8.2.4.206
AEVDF.DLL : 8.1.2.1 106868 Bytes 11.12.2010 11:46:30
AESCRIPT.DLL : 8.1.3.58 1266042 Bytes 04.04.2011 15:36:28
AESCN.DLL : 8.1.7.2 127349 Bytes 11.12.2010 11:46:29
AESBX.DLL : 8.1.3.2 254324 Bytes 11.12.2010 11:46:30
AERDL.DLL : 8.1.9.9 639347 Bytes 31.03.2011 07:42:39
AEPACK.DLL : 8.2.6.0 549237 Bytes 09.04.2011 20:07:26
AEOFFICE.DLL : 8.1.1.20 205177 Bytes 04.04.2011 15:35:43
AEHEUR.DLL : 8.1.2.97 3428726 Bytes 09.04.2011 20:07:22
AEHELP.DLL : 8.1.16.1 246134 Bytes 23.02.2011 09:52:14
AEGEN.DLL : 8.1.5.4 397684 Bytes 04.04.2011 15:34:15
AEEMU.DLL : 8.1.3.0 393589 Bytes 11.12.2010 11:46:27
AECORE.DLL : 8.1.20.2 196982 Bytes 09.04.2011 20:07:07
AEBB.DLL : 8.1.1.0 53618 Bytes 11.12.2010 11:46:26
AVWINLL.DLL : 10.0.0.0 19304 Bytes 14.01.2010 11:59:10
AVPREF.DLL : 10.0.0.0 44904 Bytes 14.01.2010 11:59:07
AVREP.DLL : 10.0.0.8 62209 Bytes 18.02.2010 16:47:40
AVREG.DLL : 10.0.3.2 53096 Bytes 11.12.2010 11:46:31
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 11.12.2010 11:46:32
AVARKT.DLL : 10.0.22.6 231784 Bytes 11.12.2010 11:46:30
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26.01.2010 09:53:25
SQLITE3.DLL : 3.6.19.0 355688 Bytes 28.01.2010 12:57:53
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16.03.2010 15:38:54
NETNT.DLL : 10.0.0.0 11624 Bytes 19.02.2010 14:40:55
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28.01.2010 13:10:08
RCTEXT.DLL : 10.0.58.0 98152 Bytes 11.12.2010 11:46:17

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: avguard_async_scan
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_4e83b7b8\guard_slideup.avp
Protokollierung.......................: niedrig
Primäre Aktion........................: reparieren
Sekundäre Aktion......................: quarantäne
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: aus
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: hoch
Abweichende Gefahrenkategorien........: +APPL,+JOKE,+PCK,+SPR,

Beginn des Suchlaufs: Sonntag, 10. April 2011 21:24

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPHelper.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDWinSec.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ULCDRSvr.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'TosCoSrv.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'TomTomHOMEService.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'TODDSrv.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'TNaviSrv.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'TeamViewer_Service.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'NMSAccessU.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'Netzmanager_Service.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'lxbccoms.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'IGDCTRL.EXE' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'CFSvcs.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'AOLAcsd.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'agrsmsvc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynToshiba.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnscfg.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ZuneLauncher.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdobeARM.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPEnh.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtHDVCpl.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleCrashHandler.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SLsvc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'PresentationFontCache.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '1' Modul(e) wurden durchsucht

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'E:\Videos\wizard\incl-crack\Web Creator Pro v4 0 0 5 Multilangages Incl-Crack.exe'
E:\Videos\wizard\incl-crack\Web Creator Pro v4 0 0 5 Multilangages Incl-Crack.exe
[FUND] Ist das Trojanische Pferd TR/Meredrop.A.5772
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4b32a548.qua' verschoben!


Ende des Suchlaufs: Sonntag, 10. April 2011 21:25
Benötigte Zeit: 00:26 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

0 Verzeichnisse wurden überprüft
63 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
62 Dateien ohne Befall
0 Archive wurden durchsucht
0 Warnungen
1 Hinweise


Die Suchergebnisse werden an den Guard übermittelt.

Alt 11.04.2011, 08:16   #2
nochdigger
 
TR/Meredrop.A.5772 - Standard

TR/Meredrop.A.5772



Moin

Zitat:
Hallo AntiVIR hat einen Trojaner gefunden und nun weiss ich nicht, wie ich den wieder los werde
fang doch einfach mal damit an, den Keygen zu löschen

Zitat:
Kann mir jemand helfen?
Wenn den Keygen ausgeführt haben solltest, dann geht es hier für dich weiter
http://www.trojaner-board.de/51262-a...sicherung.html
Wenn nicht, solltest du dir über den Umgang mit dem Internet ein wenig mehr gedanken machen.
Mit anderen Worten, du solltest dein Surfverhalten ändern.

EDIT: Sorry war n Crack

MFG
__________________

__________________

Antwort

Themen zu TR/Meredrop.A.5772
antivir, avgntflt.sys, avira, bho, cdburnerxp, conduit, druck, dsl, eraser, error, firefox, flash player, format, google, helper, home, location, microsoft office word, mozilla, mp3, nodrives, nt.dll, oldtimer, prozesse, realtek, registry, rundll, safer networking, saver, scan, searchplugins, security, shell32.dll, skype.exe, software, sparbuch, start menu, studio, svchost.exe, trojaner, trojaner gefunden, usb, usenext, vista, visual studio



Ähnliche Themen: TR/Meredrop.A.5772


  1. EXP/CVE-2013-0422, TR/Meredrop.A.11462 wgsdgsdgdsgsd.exe (GVU-Trojaner?), BDS/Delf.MN19
    Log-Analyse und Auswertung - 20.01.2013 (13)
  2. GVU-Trojaner mit Webcam, TR/Meredrop.A.12609, C:\Users\DW\wgsdgsdgdsgsd.dll
    Log-Analyse und Auswertung - 19.01.2013 (9)
  3. Trojanermeldung bei avira tr/meredrop.a.7907 korrekt?
    Plagegeister aller Art und deren Bekämpfung - 31.10.2012 (14)
  4. Laptop / externer Bildschirm / Meredrop
    Log-Analyse und Auswertung - 13.12.2011 (22)
  5. AVIRA erkannte Meredrop.A.4682 und Crypt.XPACK.Gen
    Plagegeister aller Art und deren Bekämpfung - 09.03.2011 (11)
  6. Trojanerfund - TR/Meredrop.A.4984 BITTE UM HILFE
    Plagegeister aller Art und deren Bekämpfung - 20.12.2010 (22)
  7. Win32/Provis!rts, Win32/Ragterneb.A, Win32/Meredrop, Win32/VB.RC, TrojanDropper:Win32/Bamital.C
    Plagegeister aller Art und deren Bekämpfung - 30.08.2010 (7)
  8. TR/Meredrop.A.13012 - wirklich weg?
    Plagegeister aller Art und deren Bekämpfung - 26.08.2010 (20)
  9. Antivir meldedt Befall von meredrop.A.13012
    Plagegeister aller Art und deren Bekämpfung - 21.08.2010 (6)
  10. Gen:Variant.Zbot.6(DB) - Meredrop.A.10285
    Plagegeister aller Art und deren Bekämpfung - 20.06.2010 (11)
  11. TR/Meredrop.A.9501
    Plagegeister aller Art und deren Bekämpfung - 20.05.2010 (1)
  12. Avira Guard meldet TR/Meredrop.A.8615 von umil.tmp
    Plagegeister aller Art und deren Bekämpfung - 02.05.2010 (1)
  13. TR/Meredrop.A.8051 Browser blockiert
    Plagegeister aller Art und deren Bekämpfung - 20.04.2010 (1)
  14. Antivir findet: TR/Drop.Steps.LS TR/Meredrop.A.5752
    Plagegeister aller Art und deren Bekämpfung - 07.03.2010 (26)
  15. Trojaner gefunden - svchost.exe 'TR/Meredrop.A.5813'
    Antiviren-, Firewall- und andere Schutzprogramme - 28.02.2010 (18)
  16. Neu TR/Meredrop.A.
    Plagegeister aller Art und deren Bekämpfung - 14.02.2010 (2)
  17. Befall durch TR/Meredrop.A.4984
    Plagegeister aller Art und deren Bekämpfung - 29.01.2010 (1)

Zum Thema TR/Meredrop.A.5772 - Hallo AntiVIR hat einen Trojaner gefunden und nun weiss ich nicht, wie ich den wieder los werde . Kann mir jemand helfen? Ich habe die LOGFILES: OTL , extra , - TR/Meredrop.A.5772...
Archiv
Du betrachtest: TR/Meredrop.A.5772 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.