Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Avira Antivir entdeckt autorun.inf und verweigert Zugriff

Avira Antivir entdeckt autorun.inf und verweigert Zugriff


Plagegeister aller Art und deren Bekämpfung: Avira Antivir entdeckt autorun.inf und verweigert Zugriff

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 20.07.2010, 21:38   #1
rachel
 
Avira Antivir entdeckt autorun.inf und verweigert Zugriff - Standard

Avira Antivir entdeckt autorun.inf und verweigert Zugriff


Hallo,

ich habe wohl - wie so viele - auch ein Problem mit dem Wurm autorun.inf.


Mein Avira-Guard meldet immer nach Anschluss meiner externen Festplatte:
"Zu Ihrer Sicherheit wurde der Zugriff auf die Datei 'D:\autorun.inf' blockiert."

Aus anderen Einträgen auf trojaner-board habe ich erfahren, dass ich Malwarebytes durchlaufen lasse und anschließend OTL. Das habe ich mal gemacht und poste das jetzt mal untenstehend.


OTL:

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 20.07.2010 22:05:27 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Rachel\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 21,38 Gb Free Space | 28,69% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 321,67 Gb Free Space | 69,06% Space Free | Partition Type: NTFS
Drive E: | 73,06 Gb Total Space | 69,67 Gb Free Space | 95,36% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: RACHELS-POMPUTA
Current User Name: Rachel
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Rachel\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Uniblue\RegistryBooster\registrybooster.exe (Uniblue Systems Limited)
PRC - C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe (Uniblue Systems Limited)
PRC - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Mail\WinMail.exe (Microsoft Corporation)
PRC - C:\Programme\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe (Matsushita Electric Industrial Co., Ltd.)
PRC - C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media)
PRC - C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
PRC - C:\Programme\TOSHIBA\Utilities\KeNotify.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Rachel\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (TOSHIBA Bluetooth Service) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe File not found
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Akamai) -- C:/Program Files/Common Files/Akamai/rswin_3725.dll ()
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TNaviSrv) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (CFSvcs) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (TpChoice) -- C:\Windows\System32\DRIVERS\TpChoice.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (CplIR) -- C:\Windows\system32\DRIVERS\CplIR.SYS (COMPAL ELECTRONIC INC.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION)
DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (LPCFilter) -- C:\Windows\system32\DRIVERS\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (VClone) -- C:\Windows\system32\DRIVERS\VClone.sys (Elaborate Bytes AG)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (ElbyDelay) -- C:\Windows\System32\drivers\ElbyDelay.sys (Elaborate Bytes AG)
DRV - (pfc) -- C:\Windows\System32\drivers\pfc.sys (Padus, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com?o=15003&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=ytff-sunm&p="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}:5.0.19
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: support@pdfcreator-toolbar.org:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.117
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=en_DE&apn_uid=38BAC10B-A8E4-48F7-B6C0-711F57FE9E5A&apn_ptnrs=PV&apn_sauid=3023A355-263E-4577-8D2E-1AC80F0B9BBD&apn_dtid=&q="
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.20 13:48:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.20 14:19:34 | 000,000,000 | ---D | M]
 
[2008.10.10 12:18:09 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\mozilla\Extensions
[2010.07.20 14:22:48 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\mozilla\Firefox\Profiles\syeqpirf.default\extensions
[2010.05.03 13:44:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Rachel\AppData\Roaming\mozilla\Firefox\Profiles\syeqpirf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.02 14:35:34 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Rachel\AppData\Roaming\mozilla\Firefox\Profiles\syeqpirf.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.06.25 17:05:49 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\mozilla\Firefox\Profiles\syeqpirf.default\extensions\toolbar@ask.com
[2010.07.20 12:32:55 | 000,002,384 | ---- | M] () -- C:\Users\Rachel\AppData\Roaming\Mozilla\FireFox\Profiles\syeqpirf.default\searchplugins\askcom.xml
[2010.05.02 10:00:31 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2008.03.08 19:41:51 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009.08.23 17:29:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}
[2010.05.02 10:00:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2008.03.08 19:41:39 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\real-networks@partners.mozilla.com
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (PDFCreator Toolbar Helper) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O2 - BHO: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup]  File not found
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KeNotify] C:\Programme\TOSHIBA\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe]  File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [MsgCenterExe] C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe File not found
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [TOSCDSPD]  File not found
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} -  File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} -  File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_19-windows-i586.cab (Java Plug-in 1.5.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Rachel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Rachel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.02.02 14:04:45 | 000,000,000 | RH-D | M] - D:\autorun -- [ NTFS ]
O32 - Unable to obtain root file information for disk D:\
O33 - MountPoints2\{25506515-fbc5-11de-a7b9-001b38a9b985}\Shell\AutoRun\command - "" = H:\installer.exe -- File not found
O33 - MountPoints2\{3609da7f-2617-11de-8c02-001b38a9b985}\Shell\AutoRun\command - "" = C:\Windows\System32\setupSNK.exe -- [2008.01.19 09:33:29 | 000,013,312 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{3609da8b-2617-11de-8c02-001b38a9b985}\Shell\AutoRun\command - "" = C:\Windows\System32\setupSNK.exe -- [2008.01.19 09:33:29 | 000,013,312 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{8d107e3f-2e9c-11df-a91e-001b38a9b985}\Shell\AutoRun\command - "" = D:\installer.exe -- File not found
O33 - MountPoints2\{b216d59c-91de-11dc-9ba7-001b38a9b985}\Shell - "" = AutoRun
O33 - MountPoints2\{b216d59c-91de-11dc-9ba7-001b38a9b985}\Shell\AutoRun\command - "" = G:\wubi.exe -- File not found
O33 - MountPoints2\{dde4562f-fd98-11dd-9037-806e6f6e6963}\Shell\AutoRun\command - "" = n68mqcra.exe
O33 - MountPoints2\{dde4562f-fd98-11dd-9037-806e6f6e6963}\Shell\open\Command - "" = n68mqcra.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.07.20 21:35:28 | 000,000,000 | ---D | C] -- C:\Users\Rachel\AppData\Roaming\Malwarebytes
[2010.07.20 21:35:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.07.20 21:35:15 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.07.20 21:35:15 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.07.20 21:35:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.20 18:08:29 | 000,000,000 | ---D | C] -- C:\Users\Rachel\AppData\Roaming\Uniblue
[2010.07.20 18:08:24 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue
[2010.07.20 17:48:07 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2010.07.20 17:48:02 | 000,000,000 | ---D | C] -- C:\Programme\Security Task Manager
[2010.07.20 15:06:51 | 000,000,000 | ---D | C] -- C:\Users\Rachel\AppData\Roaming\Avira
[2010.07.20 14:55:18 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.07.20 14:55:18 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.07.20 14:55:18 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.07.20 14:55:17 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.07.20 14:03:12 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2010.07.20 14:03:12 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010.07.20 14:03:10 | 000,000,000 | ---D | C] -- C:\Programme\McAfee Security Scan
[2010.07.19 10:33:47 | 000,000,000 | ---D | C] -- C:\Users\Rachel\Desktop\Infotafeln
[2010.07.10 21:56:30 | 000,000,000 | ---D | C] -- C:\Users\Rachel\Desktop\Yuma Ausflug
[2010.07.10 11:47:09 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.07.10 11:46:55 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.07.09 17:49:36 | 000,000,000 | ---D | C] -- C:\Programme\mdr
[2010.07.09 16:01:02 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.07.09 16:01:01 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.07.09 16:01:00 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.07.09 16:01:00 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.07.09 16:01:00 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.07.09 16:00:59 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.07.09 16:00:58 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.07.09 16:00:58 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.07.09 16:00:58 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.07.09 16:00:57 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.07.09 16:00:57 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.07.09 16:00:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.07.09 16:00:56 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.07.09 16:00:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.07.09 16:00:53 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.07.09 15:59:13 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010.07.09 15:59:13 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010.07.09 15:59:12 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010.07.09 15:59:12 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010.07.09 15:59:12 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010.07.09 15:59:11 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010.07.09 15:59:11 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010.07.09 15:59:11 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010.07.09 15:59:10 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010.07.09 15:59:10 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010.07.09 15:59:10 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010.07.09 15:59:10 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.07.09 15:59:09 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010.07.09 15:59:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010.07.09 15:59:09 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010.07.09 15:59:08 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010.07.09 15:59:08 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010.07.09 15:59:07 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010.07.09 15:59:05 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.07.09 15:59:04 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010.07.09 15:59:04 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010.07.09 15:59:04 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010.07.09 15:59:04 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010.07.09 15:59:04 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010.07.09 15:59:04 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2010.07.04 19:58:04 | 000,000,000 | ---D | C] -- C:\Users\Rachel\AppData\Local\Xenocode
[2010.07.02 18:20:53 | 000,014,604 | ---- | C] (Padus, Inc.) -- C:\Windows\System32\drivers\pfc.sys
[2010.07.02 18:20:44 | 000,344,064 | R--- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll
[2010.07.01 17:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2010.07.01 17:13:16 | 000,000,000 | ---D | C] -- C:\Users\Rachel\AppData\Roaming\No Company Name
[2010.07.01 17:12:53 | 000,000,000 | ---D | C] -- C:\Users\Rachel\Documents\Adobe
[2010.07.01 13:43:53 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc
[2010.07.01 13:43:53 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate
[2010.07.01 13:43:32 | 000,000,000 | ---D | C] -- C:\Programme\SmartSound Software
[2010.07.01 13:41:35 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Macrovision Shared
[2010.07.01 03:02:33 | 000,000,000 | ---D | C] -- C:\Users\Rachel\AppData\Roaming\Download Manager
[2010.06.30 22:13:09 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Akamai
[2010.06.25 16:26:37 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.06.25 16:26:37 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.06.25 16:26:37 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.06.23 21:09:02 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.06.23 21:09:02 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Rachel\Desktop\*.tmp files -> C:\Users\Rachel\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.07.20 22:05:00 | 003,145,728 | -HS- | M] () -- C:\Users\Rachel\ntuser.dat
[2010.07.20 22:04:07 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\djrcidl.sys
[2010.07.20 21:35:20 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.20 21:34:40 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.20 21:34:40 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.20 21:15:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.20 20:15:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.20 18:15:09 | 000,085,504 | ---- | M] () -- C:\Users\Rachel\Desktop\Interviewauswertung.xls
[2010.07.20 18:08:38 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2010.07.20 17:41:00 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.07.20 17:41:00 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.07.20 17:41:00 | 000,126,260 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.07.20 17:41:00 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.07.20 17:40:59 | 001,445,116 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.07.20 17:34:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.20 17:34:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.20 17:34:35 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.20 17:32:50 | 000,524,288 | -HS- | M] () -- C:\Users\Rachel\ntuser.dat{5b129cd6-a5c6-11dd-b778-001b38a9b985}.TMContainer00000000000000000001.regtrans-ms
[2010.07.20 17:32:50 | 000,065,536 | -HS- | M] () -- C:\Users\Rachel\ntuser.dat{5b129cd6-a5c6-11dd-b778-001b38a9b985}.TM.blf
[2010.07.20 14:55:31 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.07.20 14:03:11 | 000,001,719 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2010.07.20 14:03:11 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010.07.19 10:12:15 | 000,015,872 | ---- | M] () -- C:\Users\Rachel\Desktop\Projektblatt Ferienprogramm.xls
[2010.07.19 10:08:55 | 000,015,872 | ---- | M] () -- C:\Users\Rachel\Desktop\Projektblatt Infotafeln.xls
[2010.07.17 00:04:28 | 000,037,888 | ---- | M] () -- C:\Users\Rachel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.16 14:07:00 | 000,051,747 | ---- | M] () -- C:\Users\Rachel\Desktop\kulturweit_StuHi_Eval-Daten_08072010.pdf
[2010.07.12 20:06:30 | 000,077,824 | ---- | M] () -- C:\Users\Rachel\Desktop\Auswertung+Interview.xls
[2010.07.05 21:00:55 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.07.03 13:08:01 | 000,000,701 | ---- | M] () -- C:\Users\Rachel\Desktop\Adobe Premiere Pro.lnk
[2010.07.02 18:50:31 | 000,098,040 | ---- | M] () -- C:\Users\Rachel\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.02 18:46:56 | 000,358,440 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.07.01 18:33:40 | 041,218,352 | ---- | M] () -- C:\Users\Rachel\Documents\Unbenannt.avi
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Rachel\Desktop\*.tmp files -> C:\Users\Rachel\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.07.20 22:04:07 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\djrcidl.sys
[2010.07.20 21:35:20 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.20 18:08:32 | 000,000,334 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job
[2010.07.20 17:34:35 | 2137,448,448 | -HS- | C] () -- C:\hiberfil.sys
[2010.07.20 14:55:31 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.07.20 14:03:11 | 000,001,719 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2010.07.20 14:03:11 | 000,001,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010.07.19 10:12:15 | 000,015,872 | ---- | C] () -- C:\Users\Rachel\Desktop\Projektblatt Ferienprogramm.xls
[2010.07.19 10:08:55 | 000,015,872 | ---- | C] () -- C:\Users\Rachel\Desktop\Projektblatt Infotafeln.xls
[2010.07.16 14:06:57 | 000,051,747 | ---- | C] () -- C:\Users\Rachel\Desktop\kulturweit_StuHi_Eval-Daten_08072010.pdf
[2010.07.12 20:22:21 | 000,085,504 | ---- | C] () -- C:\Users\Rachel\Desktop\Interviewauswertung.xls
[2010.07.12 20:06:27 | 000,077,824 | ---- | C] () -- C:\Users\Rachel\Desktop\Auswertung+Interview.xls
[2010.07.09 16:00:57 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010.07.05 14:42:32 | 003,261,899 | ---- | C] () -- C:\Users\Rachel\Desktop\Jan2010 367.JPG
[2010.07.05 14:41:57 | 003,074,395 | ---- | C] () -- C:\Users\Rachel\Desktop\Jan2010 368.JPG
[2010.07.05 14:40:23 | 003,493,290 | ---- | C] () -- C:\Users\Rachel\Desktop\Jan2010 375.JPG
[2010.07.05 14:40:12 | 003,124,962 | ---- | C] () -- C:\Users\Rachel\Desktop\Jan2010 359.JPG
[2010.07.03 13:08:01 | 000,000,701 | ---- | C] () -- C:\Users\Rachel\Desktop\Adobe Premiere Pro.lnk
[2010.07.01 18:33:27 | 041,218,352 | ---- | C] () -- C:\Users\Rachel\Documents\Unbenannt.avi
[2009.11.17 12:08:34 | 000,197,424 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2009.08.08 12:50:20 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2008.12.20 19:12:56 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008.10.21 22:13:39 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2008.10.15 01:53:42 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008.10.15 01:53:42 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2008.10.15 01:53:39 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.10.15 01:53:39 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.10.15 01:53:37 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008.10.15 01:53:37 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008.09.16 02:14:24 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.09.16 02:12:02 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008.09.16 02:12:02 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008.09.16 02:11:10 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2007.12.07 21:58:50 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2007.11.13 14:23:33 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.10.15 20:54:51 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll
[2007.10.15 20:54:50 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007.10.15 20:54:50 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007.10.15 20:54:48 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007.10.15 20:51:56 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007.10.15 20:51:56 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007.10.15 20:51:56 | 000,010,146 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007.10.15 20:51:56 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007.07.12 10:45:09 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007.07.12 10:45:09 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007.07.12 10:45:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007.07.12 10:45:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007.07.12 10:45:09 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007.07.12 10:45:09 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007.07.12 10:26:24 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2007.04.16 08:35:21 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.04.16 08:02:55 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007.04.16 06:38:28 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1227.dll
[2006.12.05 13:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.11.23 14:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005.07.22 21:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
< End of report >
--- --- ---



Extras:

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 20.07.2010 22:05:27 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Rachel\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 21,38 Gb Free Space | 28,69% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 321,67 Gb Free Space | 69,06% Space Free | Partition Type: NTFS
Drive E: | 73,06 Gb Total Space | 69,67 Gb Free Space | 95,36% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: RACHELS-POMPUTA
Current User Name: Rachel
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- FirefoxURL
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{186CE129-3F11-4141-88A4-B3825F2848CE}" = rport=138 | protocol=17 | dir=out | app=system | 
"{3C7371F2-32BD-4084-A16B-6746137B10AF}" = rport=445 | protocol=6 | dir=out | app=system | 
"{3DA06432-CC75-43EE-BB70-9E20990DF098}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{5B033D09-9B1F-4898-B57E-F9434CD92C3D}" = lport=139 | protocol=6 | dir=in | app=system | 
"{61DE11D5-5D01-4F63-B48E-8D8B851BC8BC}" = rport=139 | protocol=6 | dir=out | app=system | 
"{983A4C3C-343B-4817-8581-45ED109B8D00}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{986D8184-07C2-429B-911F-F4DD72919894}" = lport=49158 | protocol=6 | dir=in | name=akamai netsession interface | 
"{AA5D8776-2595-4A7A-B90C-4B5B67006F85}" = lport=138 | protocol=17 | dir=in | app=system | 
"{B8E5BFE5-8B81-4F97-83E0-4231B37C396B}" = rport=137 | protocol=17 | dir=out | app=system | 
"{BC58343B-8B4A-4A9E-BA7A-1CE6D63FB5BC}" = lport=137 | protocol=17 | dir=in | app=system | 
"{CC3F0037-EE0C-4098-A55C-4BF3293EB77E}" = lport=445 | protocol=6 | dir=in | app=system | 
"{D7230655-E3E8-4712-B945-B7F501C0699A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DADC631-0F51-467C-B846-A1B47609BF71}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{3A5F5E83-0DCE-431D-B40E-0F2780C25181}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{64C58AD7-B902-431E-9C7B-5BF243003EDA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{70E80F09-52EB-4191-976F-A176C6EDF36F}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{71A3CA5A-FDF9-408E-A1E2-42E4EAC26DD1}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{8ADF7623-3BE5-4C9D-B27A-CA6B77C8B879}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{94500E1F-2C5F-494A-A184-4DB9C67CB1A5}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{95DCB290-1A4A-4C8A-8765-D403CA3D5371}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{9BE823A8-98AD-4AD2-898B-F50A45A96C63}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{C0FB0B64-5FEB-49BC-9D3F-3AA47B5DD82D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{FEC5022C-AF69-49E4-B2D1-D6B979B84C00}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"TCP Query User{1B90655D-59DC-47D1-BD12-DA2CE355ADE5}C:\program files\zattoo\zattoo.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattoo.exe | 
"TCP Query User{3B9DA5DE-7269-4328-AD10-A5E8014F1C94}C:\users\rachel\appdata\local\temp\java_ee_sdk-5_07-windows[1].exe2\package\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\users\rachel\appdata\local\temp\java_ee_sdk-5_07-windows[1].exe2\package\jre\bin\javaw.exe | 
"TCP Query User{3D16C61D-AC48-4801-A72E-998AFD4790E8}C:\program files\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files\tvants\tvants.exe | 
"TCP Query User{51CFB6D1-E6C3-4590-AAA1-14EFE3EB1D20}C:\program files\zattoo\zattoo.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattoo.exe | 
"TCP Query User{590CE16B-0323-4E87-8E3F-A2E4B7A3EE5D}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{7CECB2F5-1DF5-4F80-A5AB-450A7C21649E}C:\users\rachel\appdata\local\xenocode\sandbox\adobe premiere pro cs3\3, 0, 0, 0\2010.01.28t18.06\native\stubexe\8.0.1112\@programfiles@\bonjour\mdnsresponder.exe" = protocol=6 | dir=in | app=c:\users\rachel\appdata\local\xenocode\sandbox\adobe premiere pro cs3\3, 0, 0, 0\2010.01.28t18.06\native\stubexe\8.0.1112\@programfiles@\bonjour\mdnsresponder.exe | 
"TCP Query User{89A6A73C-AA43-4E00-B2CA-B6245C693D6D}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"TCP Query User{9901A010-9071-4E33-A922-53C8E776A9DC}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{C342BE45-6351-4F04-9F0C-D1FD1A7C0A71}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{D7DE1988-9CE9-4706-A828-1514197E1CA6}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"TCP Query User{E74CCC2A-8203-4330-9DBA-19222BEF98B2}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{F46D3E56-3E60-47F7-936D-14ACD001F936}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"TCP Query User{F58EC4E0-1564-4078-A59C-8C3BB225F2AF}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe | 
"UDP Query User{10B397B9-D5A9-4152-9A0C-C72F11C57837}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{13840683-4180-4642-8CF0-5346337B4A3E}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"UDP Query User{250D914A-A2F2-4495-AA71-10561125F103}C:\users\rachel\appdata\local\temp\java_ee_sdk-5_07-windows[1].exe2\package\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\users\rachel\appdata\local\temp\java_ee_sdk-5_07-windows[1].exe2\package\jre\bin\javaw.exe | 
"UDP Query User{2AE77EC9-05D4-4C88-943A-915237BEFEFC}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{3E86CB12-19C5-4E55-9B70-9FE493F4D64A}C:\program files\zattoo\zattoo.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattoo.exe | 
"UDP Query User{54D852AD-C22F-4273-997D-350CF34B4801}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"UDP Query User{6154B0CC-B962-4AD6-9B33-2B2DC3CD40F1}C:\program files\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files\tvants\tvants.exe | 
"UDP Query User{96D5F807-FBE1-45DA-89BB-0E03ACD9B5C2}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"UDP Query User{AA6250CC-69F7-4ADE-BB03-E76C20495175}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{BB3ACF93-15B7-44EC-8054-464DEDB5CE66}C:\program files\zattoo\zattoo.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattoo.exe | 
"UDP Query User{BE314B92-C058-4BF0-B1EB-7CA0A9CB11FC}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe | 
"UDP Query User{CAC900DF-1DAB-49E1-88E4-06CC3F2449BF}C:\users\rachel\appdata\local\xenocode\sandbox\adobe premiere pro cs3\3, 0, 0, 0\2010.01.28t18.06\native\stubexe\8.0.1112\@programfiles@\bonjour\mdnsresponder.exe" = protocol=17 | dir=in | app=c:\users\rachel\appdata\local\xenocode\sandbox\adobe premiere pro cs3\3, 0, 0, 0\2010.01.28t18.06\native\stubexe\8.0.1112\@programfiles@\bonjour\mdnsresponder.exe | 
"UDP Query User{DFAB0C5E-10FC-43E5-8B6A-F2A859727576}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{084709F7-38C5-4609-B55F-2417939315EB}" = Adobe Premiere Pro
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21E247D4-5E27-4BEA-AA4D-19A81203FE2A}" = Cisco Systems VPN Client 5.0.06.0160
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 20
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2E41963B-151C-4D8B-BE5D-15A4F161719F}" = GoGear Spark Device Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150190}" = J2SE Runtime Environment 5.0 Update 19
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0
"{497A1721-088F-41EF-8876-B43C9DA5528B}" = ArcSoft Software Suite
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{5980B928-1C95-4B3E-957B-B02D8147FF9E}" = Desktop SMS
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A9DBEBC-C800-4776-A970-D76D6AA405B1}" = PHOTOfunSTUDIO -viewer-
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A6D4234C-CB02-4048-AC3E-AD09404FA35A}" = Emdedded IR Driver
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{CCF22908-ECD2-4068-84F1-BA02DA1EC72D}" = GoGear Spark Device Manager
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1568757-E564-4cb5-8980-9333119A4384}" = F300
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 1.0" = Adobe Photoshop Elements
"Adobe SVG Viewer" = Adobe SVG Viewer
"Akamai" = Akamai NetSession Interface
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Axel Juncker Wortschatztrainer" = Axel Juncker Wortschatztrainer
"Azureus" = Azureus
"Bde_is1" = BdeAdmin 5.01
"Digitale Bibliothek 3" = Digitale Bibliothek 3
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"ElsterFormular 11.2.0.4074" = ElsterFormular
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{A6D4234C-CB02-4048-AC3E-AD09404FA35A}" = Emdedded IR Driver
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.7 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"Multi Data Rescue_is1" = Multi Data Rescue 2.1
"PC-Bibliothek Express" = PC-Bibliothek Express
"PDFCreator Toolbar" = PDFCreator Toolbar
"Pixum ePrint" = Pixum ePrint 1.2
"ratDVD" = ratDVD 0.78.1444
"Security Task Manager" = Security Task Manager 1.7h
"SoepLit_is1" = SoepLit 2.1
"SopCast" = SopCast 3.2.9
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"TVAnts 1.0" = TVAnts 1.0
"Veetle TV" = Veetle TV 0.9.17
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 0.9.4
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinRAR archiver" = WinRAR
"Zattoo" = Zattoo 3.3.4 Beta
"Zattoo4" = Zattoo4 4.0.5
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 20.02.2010 12:25:50 | Computer Name = Rachels-Pomputa | Source = Avira AntiVir | ID = 4122
Description = Die Datei AVPREF.DLL konnte nicht geladen werden.  Fehlercode: 1114
 
Error - 21.02.2010 14:14:50 | Computer Name = Rachels-Pomputa | Source = Avira AntiVir | ID = 4122
Description = Die Datei AVPREF.DLL konnte nicht geladen werden.  Fehlercode: 1114
 
Error - 21.02.2010 17:46:31 | Computer Name = Rachels-Pomputa | Source = Avira AntiVir | ID = 4122
Description = Die Datei AVPREF.DLL konnte nicht geladen werden.  Fehlercode: 1114
 
Error - 22.02.2010 04:43:44 | Computer Name = Rachels-Pomputa | Source = Avira AntiVir | ID = 4122
Description = Die Datei AVPREF.DLL konnte nicht geladen werden.  Fehlercode: 1114
 
Error - 22.02.2010 04:50:30 | Computer Name = Rachels-Pomputa | Source = Avira AntiVir | ID = 4122
Description = Die Datei AVPREF.DLL konnte nicht geladen werden.  Fehlercode: 1114
 
Error - 22.02.2010 05:01:34 | Computer Name = Rachels-Pomputa | Source = Avira AntiVir | ID = 4122
Description = Die Datei AVPREF.DLL konnte nicht geladen werden.  Fehlercode: 1114
 
Error - 23.02.2010 12:12:06 | Computer Name = Rachels-Pomputa | Source = Avira AntiVir | ID = 4122
Description = Die Datei AVPREF.DLL konnte nicht geladen werden.  Fehlercode: 1114
 
Error - 24.02.2010 04:21:56 | Computer Name = Rachels-Pomputa | Source = Avira AntiVir | ID = 4122
Description = Die Datei AVPREF.DLL konnte nicht geladen werden.  Fehlercode: 1114
 
Error - 25.02.2010 07:20:35 | Computer Name = Rachels-Pomputa | Source = Avira AntiVir | ID = 4122
Description = Die Datei AVPREF.DLL konnte nicht geladen werden.  Fehlercode: 1114
 
Error - 25.02.2010 15:38:03 | Computer Name = Rachels-Pomputa | Source = Avira AntiVir | ID = 4122
Description = Die Datei AVPREF.DLL konnte nicht geladen werden.  Fehlercode: 1114
 
[ System Events ]
Error - 20.07.2010 11:27:53 | Computer Name = Rachels-Pomputa | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 20.07.2010 11:28:08 | Computer Name = Rachels-Pomputa | Source = DCOM | ID = 10005
Description = 
 
Error - 20.07.2010 11:28:09 | Computer Name = Rachels-Pomputa | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 20.07.2010 11:35:22 | Computer Name = Rachels-Pomputa | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 20.07.2010 11:35:22 | Computer Name = Rachels-Pomputa | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 20.07.2010 11:36:18 | Computer Name = Rachels-Pomputa | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 20.07.2010 15:13:57 | Computer Name = Rachels-Pomputa | Source = disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR3.
 
Error - 20.07.2010 15:14:00 | Computer Name = Rachels-Pomputa | Source = disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR3.
 
Error - 20.07.2010 16:03:36 | Computer Name = Rachels-Pomputa | Source = disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR5.
 
Error - 20.07.2010 16:03:39 | Computer Name = Rachels-Pomputa | Source = disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR5.
 
 
< End of report >
--- --- ---


Malwarebytes:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4332

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

20.07.2010 22:01:56
mbam-log-2010-07-20 (22-01-56).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 146866
Laufzeit: 15 Minute(n), 19 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\desktop sms (Worm.P2P) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Windows\PDFCreator_Toolbar_Uninstaller_1181.exe (Trojan.Downloader) -> Quarantined and deleted successfully.




Vielen lieben Dank für die Unterstützung und Euer Engagement!
Rachel

 

Themen zu Avira Antivir entdeckt autorun.inf und verweigert Zugriff
0x00000001, 32 bit, agere systems, akamai, antivir, ask toolbar, autorun.inf, avgntflt.sys, avira, bho, bonjour, components, corp./icp, d:\autorun.inf, decrypter, desktop, ebay, error, excel.exe, festplatte, firefox, firefox.exe, flash player, google, home, home premium, iastor.sys, iexplore.exe, install.exe, installation, local\temp, location, logfile, mozilla, nvstor.sys, object, officejet, oldtimer, otl.exe, plug-in, problem, programdata, realtek, rundll, saver, sched.exe, searchplugins, security, security scan, shell32.dll, skype.exe, software, spark, start menu, studio, trojaner, trojaner-board, uleadburninghelper, vista, vlc media player, worm.p2p, wurm


« Security Tool entfernt - Ist mein PC wieder sauber? | Alle Fotos weg, wie bekomm ich Trojaner weg »


Ähnliche Themen: Avira Antivir entdeckt autorun.inf und verweigert Zugriff


  1. Windows 8.1: Avira hat Malware gefunden-Aktion: Zugriff verweigert
    Log-Analyse und Auswertung - 19.08.2014 (5)
  2. Fehler 5: Zugriff verweigert
    Log-Analyse und Auswertung - 16.08.2014 (1)
  3. TR/Crypt.ZPACK.Gen wurde von avira Zugriff verweigert - muß ich nochwas tun?
    Plagegeister aller Art und deren Bekämpfung - 27.12.2012 (54)
  4. Avira findet Bedrohung: BDS/ZeroAccess.Gen, Zugriff auf die Datei verweigert.
    Plagegeister aller Art und deren Bekämpfung - 04.09.2012 (3)
  5. Warnmeldung von Avira Y: autorun.inf' - Zugriff aus Sicherheitsgründen blockiert
    Plagegeister aller Art und deren Bekämpfung - 23.09.2011 (40)
  6. Avira Antivir entdeckt Java Malware
    Log-Analyse und Auswertung - 08.08.2010 (34)
  7. Trojaner tr/crypt.cfi.gen von Avira AntiVir entdeckt
    Plagegeister aller Art und deren Bekämpfung - 27.07.2010 (2)
  8. Zugriff auf Antivirenseiten etc. verweigert....
    Plagegeister aller Art und deren Bekämpfung - 23.12.2009 (5)
  9. Gdata Zugriff verweigert
    Antiviren-, Firewall- und andere Schutzprogramme - 13.12.2008 (3)
  10. antivir - zugriff verweigert ... 200 warnungen ... PC lahm
    Plagegeister aller Art und deren Bekämpfung - 07.11.2008 (10)
  11. Windows verweigert Zugriff
    Alles rund um Windows - 08.11.2007 (4)
  12. Laufwerk C:\ : zugriff verweigert!
    Alles rund um Windows - 27.08.2007 (3)
  13. Zugriff verweigert
    Alles rund um Windows - 12.08.2007 (6)
  14. PCI Brückengerät Zugriff verweigert
    Netzwerk und Hardware - 21.04.2007 (1)
  15. Zugriff auf zlclient.exe verweigert
    Antiviren-, Firewall- und andere Schutzprogramme - 10.08.2006 (1)
  16. Zugriff verweigert -- Problem
    Plagegeister aller Art und deren Bekämpfung - 15.12.2005 (3)
  17. Zugriff verweigert
    Antiviren-, Firewall- und andere Schutzprogramme - 27.12.2004 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Avira Antivir entdeckt autorun.inf und verweigert Zugriff - Hallo, ich habe wohl - wie so viele - auch ein Problem mit dem Wurm autorun.inf. Mein Avira-Guard meldet immer nach Anschluss meiner externen Festplatte: "Zu Ihrer Sicherheit wurde der - Avira Antivir entdeckt autorun.inf und verweigert Zugriff...
Archiv
Du betrachtest: Avira Antivir entdeckt autorun.inf und verweigert Zugriff auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131