Trojaner-Board - polizei virus geht nicht runter

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - polizei virus geht nicht runter (https://www.trojaner-board.de/112980-polizei-virus-geht-runter.html)

polizei virus geht nicht runter

hallo

seit 7 stunden
versuche ich jetzt den bundespolizei virus vom pc zu bekommen
habe sämtliche youtube videos gesehen
den kapersky windows blogger
3 mal laufen lassen
alles hat nixgebracht

dann habe ich die system wiederherstellung 2 mal laufen lassen
und mein pc geht wieder

meine frage
ist der virus jetzt weg
und wenn nicht was kann ich machen
bitte um hilfe
kann mir kein neues laptop kaufen

gruß kai

ich nutze auch online banking

gruß kai

Um eine genauere Analyse zu ermöglichen, befolge bitte diesen Link:

An alle Hilfesuchenden! Was muss ich vor Eröffnung eines Themas beachten?

danke für die antwort
habe alles nach anleitung gemacht siehe anhang
gruß kai

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.DDS Logfile:

Code:

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium 

Boot Device: \Device\HarddiskVolume1

Install Date: 24.11.2010 16:21:32

System Uptime: 05.04.2012 15:10:18 (0 hours ago)

.

Motherboard: LENOVO |  | Base Board Product Name

Processor: Intel(R) Core(TM) i3 CPU       M 350  @ 2.27GHz | CPU | 1858/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 254 GiB total, 213,289 GiB free.

D: is FIXED (NTFS) - 29 GiB total, 27,797 GiB free.

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP274: 13.03.2012 08:18:15 - Windows Update

RP275: 14.03.2012 16:47:23 - Windows Update

RP276: 18.03.2012 06:56:05 - Removed HP Update

RP277: 18.03.2012 07:13:08 - Removed Scan

RP278: 18.03.2012 07:13:40 - Removed Destinations

RP279: 18.03.2012 07:14:08 - Installed Scan

RP280: 18.03.2012 07:14:49 - Installed Destinations

RP281: 18.03.2012 19:17:27 - Windows-Sicherung

RP282: 20.03.2012 13:30:09 - Windows Update

RP283: 25.03.2012 19:00:07 - Windows-Sicherung

RP284: 27.03.2012 08:40:13 - Windows Update

RP285: 01.04.2012 19:22:16 - Windows-Sicherung

RP286: 02.04.2012 20:04:52 - Wiederherstellungsvorgang

RP287: 02.04.2012 20:18:33 - Windows-Sicherung

RP288: 02.04.2012 20:33:19 - Windows Update

RP289: 05.04.2012 14:52:46 - Windows Update

.

==== Installed Programs ======================

.

1500

1500_Help

1500Trb

Ad-Aware

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.4.3 - Deutsch

AIO_CDB_ProductContext

AIO_CDB_Software

AIO_Scan

Apple Application Support

Apple Software Update

Avira Free Antivirus

Broadcom 802.11 Wireless Driver

BufferChm

Copy

CyberLink YouCam

Destinations

DeviceDiscovery

DocProc

Energy Management

Fax

Free YouTube Download version 3.0.19.1206

Garmin MapSource

Garmin Training Center

Garmin USB Drivers

Google Earth

Google Update Helper

GPBaseService2

HP Update

HPPhotoGadget

HPPhotoSmartDiscLabelContent1

HPPhotosmartEssential

HPProductAssistant

HPSSupply

Intel(R) Control Center

Intel(R) Management Engine Components

Intel(R) Rapid Storage Technology

IrfanView (remove only)

Java Auto Updater

Java(TM) 6 Update 22

Java(TM) 6 Update 29

Lenovo DirectShare

Lenovo EasyCamera

Lenovo OneKey Recovery

Lenovo ReadyComm 5

Lenovo ReadyComm 5.0 Service

MarketResearch

Microsoft Office 2010

Microsoft Office Klick-und-Los 2010

Microsoft Office Starter 2010 - Deutsch

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Mozilla Firefox 11.0 (x86 de)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MyFreeCodec

Onekey Theater

OpenOffice.org 3.3

posterXXL.de Bestellsoftware 4.60

Power2Go

Praetorians

QuickTime

Realtek Ethernet Controller Driver For Windows Vista and Later

Realtek USB 2.0 Card Reader

Scan

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)

SmartWebPrinting

SolutionCenter

Spelling Dictionaries Support For Adobe Reader 9

Spybot - Search & Destroy

Spyware Terminator 2012

Status

Toolbox

TrayApp

UnloadSupport

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

VC 9.0 Runtime

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

VLC media player 1.1.11

WebReg

Windows Live Mesh ActiveX control for remote connections

Windows Live Sync

Windows Media Player Firefox Plugin

ZoneAlarm Firewall

ZoneAlarm Free

ZoneAlarm Security

.

==== End Of File ===========================
 
 
 
 

.

DDS (Ver_2011-08-26.01) - NTFSAMD64 

Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 1.6.0_29

Run by cocco at 15:18:35 on 2012-04-05

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3959.2415 [GMT 2:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

FW: ZoneAlarm Free Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\nvvsvc.exe

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\nvvsvc.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\PROGRAM FILES (X86)\CHECKPOINT\ZONEALARM\VSMON.EXE

C:\windows\system32\WLANExt.exe

C:\windows\system32\conhost.exe

C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\ISWSVC.EXE

C:\PROGRAM FILES (X86)\LAVASOFT\AD-AWARE\AAWSERVICE.EXE

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\SCHED.EXE

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\AVGUARD.EXE

C:\WINDOWS\SYSTEM32\TASKHOST.EXE

C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\FORCEFIELD.EXE

C:\WINDOWS\SYSTEM32\TASKENG.EXE

C:\windows\system32\Dwm.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\WINDOWS\EXPLORER.EXE

C:\Program Files\Bonjour\mDNSResponder.exe

C:\windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

C:\windows\System32\svchost.exe -k HPZ12

C:\windows\System32\svchost.exe -k HPZ12

C:\PROGRAM FILES (X86)\MICROSOFT\SEARCH ENHANCEMENT PACK\SEAPORT\SEAPORT.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe

C:\Program Files (x86)\Lenovo\Energy Management\utility.exe

C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE

C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE

C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORUPDATE.EXE

C:\PROGRAM FILES (X86)\CHECKPOINT\ZONEALARM\ZATRAY.EXE

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\AVGNT.EXE

C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\AVSHADOW.EXE

C:\WINDOWS\SYSTEM32\CONHOST.EXE

C:\windows\system32\svchost.exe -k HPService

C:\PROGRAM FILES (X86)\LAVASOFT\AD-AWARE\AAWTRAY.EXE

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\PROGRAM FILES (X86)\INTEL\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORDATAMGRSVC.EXE

C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\UNS\UNS.EXE

C:\windows\System32\svchost.exe -k secsvcs

C:\WINDOWS\SERVICING\TRUSTEDINSTALLER.EXE

C:\windows\system32\svchost.exe -k SDRSVC

C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE

C:\WINDOWS\SYSTEM32\DLLHOST.EXE

C:\WINDOWS\SYSTEM32\DLLHOST.EXE

C:\WINDOWS\SYSWOW64\CMD.EXE

C:\WINDOWS\SYSTEM32\CONHOST.EXE

C:\WINDOWS\SYSWOW64\CSCRIPT.EXE

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.de/#hl=de&cp=5&gs_id=m&xhr=t&q=ksk+calw&pf=p&sclient=psy-ab&site=&source=hp&pbx=1&oq=ksk+c&aq=0&aqi=g4&aql=&gs_sm=&gs_upl=&bav=on.2,or.r_gc.r_pw.&fp=ad7ce3a3241bbebd&biw=1366&bih=653

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: H - No File

mWinlogon: Userinit=C:\Windows\Sy

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll

BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

dRunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Free YouTube Download - C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.178.1

TCP: Interfaces\{DC61E5D9-B1D5-40BE-A003-2DFDE213449C} : DhcpNameServer = 192.168.178.1

{0347C33E-8762-4905-BF09-768834316C61}

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}

{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}

{DBC80044-A445-435b-BC74-9C25C1C588A9}

{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}

{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}

EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

mRun-x64: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

Hosts: 127.0.0.1        www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\cocco\AppData\Roaming\Mozilla\Firefox\Profiles\85ly5gs5.default\

FF - prefs.js: browser.startup.homepage - hxxp://de.yahoo.com/|hxxp://signin.ebay.de/ws/eBayISAPI.dll?SignOutConfirm&i=.0794001190006900076001200003500055000920005400022|hxxp://www.t-online.de/

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

.

============= SERVICES / DRIVERS ===============

.

R0 Lbd;Lbd;C:\windows\system32\DRIVERS\Lbd.sys --> C:\windows\system32\DRIVERS\Lbd.sys [?]

R1 avkmgr;avkmgr;C:\windows\system32\DRIVERS\avkmgr.sys --> C:\windows\system32\DRIVERS\avkmgr.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]

R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-4-2 86224]

R2 AntiVirService;Avira Echtzeit Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-4-2 110032]

R2 avgntflt;avgntflt;C:\windows\system32\DRIVERS\avgntflt.sys --> C:\windows\system32\DRIVERS\avgntflt.sys [?]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-6-18 13336]

R2 ISWKL;ZoneAlarm Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-3 33672]

R2 IswSvc;ZoneAlarm Toolbar IswSvc;C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [2011-11-3 827520]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-10-28 2152152]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-12-16 1153368]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 sp_rsdrv2;Spyware Terminator Driver Filter;C:\windows\system32\DRIVERS\stflt.sys --> C:\windows\system32\DRIVERS\stflt.sys [?]

R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2012-4-2 1148632]

R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-6-18 2320920]

R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\system32\DRIVERS\AcpiVpc.sys --> C:\windows\system32\DRIVERS\AcpiVpc.sys [?]

R3 ETD;ELAN PS/2 Port Input Device;C:\windows\system32\DRIVERS\ETD.sys --> C:\windows\system32\DRIVERS\ETD.sys [?]

R3 HECIx64;Intel(R) Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2012-1-22 17152]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\windows\system32\drivers\nvhda64v.sys --> C:\windows\system32\drivers\nvhda64v.sys [?]

R3 Sftfs;Sftfs;C:\windows\system32\DRIVERS\Sftfslh.sys --> C:\windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\windows\system32\DRIVERS\Sftplaylh.sys --> C:\windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\windows\system32\DRIVERS\Sftredirlh.sys --> C:\windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\windows\system32\DRIVERS\Sftvollh.sys --> C:\windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 usbsmi;Lenovo EasyCamera;C:\windows\system32\DRIVERS\SMIksdrv.sys --> C:\windows\system32\DRIVERS\SMIksdrv.sys [?]

R3 wdmirror;wdmirror;C:\windows\system32\DRIVERS\WDMirror.sys --> C:\windows\system32\DRIVERS\WDMirror.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-8 136176]

S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]

S3 Bridge0;Bridge0;C:\windows\system32\drivers\WDBridge.sys --> C:\windows\system32\drivers\WDBridge.sys [?]

S3 gupdatem;Google Update-Dienst (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-8 136176]

S3 IGRS;IGRS;C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-7-14 38152]

S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\windows\system32\DRIVERS\k57nd60a.sys --> C:\windows\system32\DRIVERS\k57nd60a.sys [?]

S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2010-6-18 509192]

S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2010-6-18 579400]

S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\windows\system32\DRIVERS\netw5v64.sys --> C:\windows\system32\DRIVERS\netw5v64.sys [?]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 PS_MDP;ReadyComm Presentation Space Helper Service;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]

S3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]

S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.Sys [2010-12-17 16448]

S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]

S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]

.

=============== Created Last 30 ================

.

2012-04-04 05:58:27        8669240        ----a-w-        C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C8A73EC3-5647-4F3F-9DA9-28B28BC17C76}\mpengine.dll

2012-04-02 19:32:47        51496        ----a-w-        C:\windows\System32\drivers\stflt.sys

2012-04-02 19:32:45        --------        d-----w-        C:\Users\cocco\AppData\Roaming\Spyware Terminator

2012-04-02 19:32:45        --------        d-----w-        C:\ProgramData\Spyware Terminator

2012-04-02 19:31:08        --------        d-----w-        C:\Program Files (x86)\Spyware Terminator

2012-04-02 19:22:21        --------        d-----w-        C:\Users\cocco\AppData\Roaming\Avira

2012-04-02 19:18:09        97312        ----a-w-        C:\windows\System32\drivers\avgntflt.sys

2012-04-02 19:18:09        27760        ----a-w-        C:\windows\System32\drivers\avkmgr.sys

2012-04-02 19:18:04        --------        d-----w-        C:\ProgramData\Avira

2012-04-02 19:18:04        --------        d-----w-        C:\Program Files (x86)\Avira

2012-04-02 18:36:47        --------        d---a-w-        C:\Kaspersky Rescue Disk 10.0

2012-03-18 05:54:54        592824        ----a-w-        C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll

2012-03-18 05:54:54        44472        ----a-w-        C:\Program Files (x86)\Mozilla Firefox\mozglue.dll

2012-03-14 15:50:37        5559152        ----a-w-        C:\windows\System32\ntoskrnl.exe

2012-03-14 15:50:35        3968368        ----a-w-        C:\windows\SysWow64\ntkrnlpa.exe

2012-03-14 15:50:34        3913584        ----a-w-        C:\windows\SysWow64\ntoskrnl.exe

2012-03-14 10:17:38        3145728        ----a-w-        C:\windows\System32\win32k.sys

2012-03-14 10:17:30        1544192        ----a-w-        C:\windows\System32\DWrite.dll

2012-03-14 10:17:30        1077248        ----a-w-        C:\windows\SysWow64\DWrite.dll

2012-03-14 10:16:22        9216        ----a-w-        C:\windows\System32\rdrmemptylst.exe

2012-03-14 10:16:22        77312        ----a-w-        C:\windows\System32\rdpwsx.dll

2012-03-14 10:16:22        149504        ----a-w-        C:\windows\System32\rdpcorekmts.dll

2012-03-14 10:16:19        1031680        ----a-w-        C:\windows\System32\rdpcore.dll

2012-03-14 10:16:18        826880        ----a-w-        C:\windows\SysWow64\rdpcore.dll

2012-03-14 10:16:18        23552        ----a-w-        C:\windows\System32\drivers\tdtcp.sys

2012-03-14 10:16:18        210944        ----a-w-        C:\windows\System32\drivers\rdpwd.sys

2012-03-12 15:00:00        --------        d-----w-        C:\Program Files\iPod

2012-03-12 14:59:59        --------        d-----w-        C:\Program Files\iTunes

2012-03-12 14:59:59        --------        d-----w-        C:\Program Files (x86)\iTunes

2012-03-12 14:56:50        --------        d-----w-        C:\Program Files\Bonjour

2012-03-12 14:56:50        --------        d-----w-        C:\Program Files (x86)\Bonjour

.

==================== Find3M  ====================

.

2012-02-23 07:18:36        279656        ------w-        C:\windows\System32\MpSigStub.exe

.

============= FINISH: 15:20:02,24 ===============

--- --- ---

GMER Logfile:

Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net

Rootkit scan 2012-04-05 15:55:46

Windows 6.1.7601 Service Pack 1 

Running: srnsb9b6.exe
 
 

---- Registry - GMER 1.0.15 ----
 

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002269ec2d88                      

Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002269ec2d88 (not active ControlSet)  
 

---- EOF - GMER 1.0.15 ----

--- --- ---

wenn ich den
baseline security analyzer
ausführe
kommen
4 benutzer konten

Administrator
gast
home group user (das kenne ich nicht)
und
meins
cocco

hat das was zu bedeuten

Bitte erstmal routinemäßig einen Vollscan mit malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden.

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

hier steht das Log

das malware ergebniss

Malwarebytes Anti-Malware (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.06.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
cocco :: PC-PC [Administrator]

Schutz: Aktiviert

06.04.2012 16:13:23
mbam-log-2012-04-06 (16-13-23).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 335672
Laufzeit: 1 Stunde(n), 25 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt?
Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.

Hallo

in der logdatei
ist nur das gestanden

und ich habe ihn zum ersten mal benutzt

gruß kai

Code:

ESETSmartInstaller@High as downloader log:

all ok

ESETSmartInstaller@High as downloader log:

all ok

DLL:pipe not connected. attempts=120

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=852b3bb7f06cb648b8e7263498aa61be

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-04-06 06:42:30

# local_time=2012-04-06 08:42:30 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1033

# osver=5.1.2600 NT Service Pack 2

# compatibility_mode=1792 16777215 100 0 334713 334713 0 0

# compatibility_mode=5893 16776573 100 94 13702 85358847 0 0

# compatibility_mode=7937 16777214 28 75 333817 820329 0 0

# compatibility_mode=8192 67108863 100 0 3681 3681 0 0

# compatibility_mode=9217 16777214 75 4 12517398 12517398 0 0

# scanned=132285

# found=0

# cleaned=0

# scan_time=8753

Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus wieder uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

also das laptop geht wie vorher auch

Programme gehen alle

ausser words das geht nicht mehr seit der systemwiederherstellung

habe avira antivir laufen lassen heute morgen
und er hat 4 sachen gefunden und gelöscht
auch spyware terminator har ein paar sachen gefunden

gruß kai

Zitat:

Zitat von cosinus (Beitrag 810382)

der einzig leere ordner
ist

der ordner autostart
im start menü+programme

Zitat:

und er hat 4 sachen gefunden und gelöscht
auch spyware terminator har ein paar sachen gefunden

Also das hilft nicht weiter :( du musst schon die Logs posten

spyware terminator

------
Spyware Terminator (db:)
------
Scann Zeit: 06.04.2012 06:55:57 länge: 0:35:18
Plattform: W7 (6.1.0.7601)
Benutzer: Admin
Scann typ: Umfangreicher Scann
Gescannte Objekte: 106409 (Kritisch: 3)

------
laufende Prozesse
------
smss.exe [Microsoft Corporation] : %SYSDIR%\smss.exe
csrss.exe [Microsoft Corporation] : %SYSDIR%\csrss.exe
wininit.exe [Microsoft Corporation] : %SYSDIR%\wininit.exe
csrss.exe [Microsoft Corporation] : %SYSDIR%\csrss.exe
services.exe [Microsoft Corporation] : %SYSDIR%\services.exe
lsass.exe [Microsoft Corporation] : %SYSDIR%\lsass.exe
lsm.exe [Microsoft Corporation] : %SYSDIR%\lsm.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
nvvsvc.exe [NVIDIA Corporation] : %SYSDIR%\nvvsvc.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
audiodg.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
vsmon.exe [Check Point Software Technologies LTD] : %PROGRAMFILES32%\CheckPoint\ZoneAlarm\vsmon.exe
winlogon.exe [Microsoft Corporation] : %SYSDIR%\winlogon.exe
wlanext.exe [Microsoft Corporation] : %SYSDIR%\wlanext.exe
conhost.exe [Microsoft Corporation] : %SYSDIR%\conhost.exe
nvvsvc.exe [NVIDIA Corporation] : %SYSDIR%\nvvsvc.exe
ISWSVC.exe [Check Point Software Technologies] : %SystemDiskRoot%\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
AAWService.exe [Lavasoft Limited] : %PROGRAMFILES32%\Lavasoft\Ad-Aware\AAWService.exe
spoolsv.exe [Microsoft Corporation] : %SYSDIR%\spoolsv.exe
sched.exe [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\sched.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
avguard.exe [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\avguard.exe
AppleMobileDeviceService.exe [Apple Inc.] : %COMMONFILES32%\Apple\Mobile Device Support\AppleMobileDeviceService.exe
mDNSResponder.exe [Apple Inc.] : %SystemDiskRoot%\Program Files\Bonjour\mDNSResponder.exe
svchost.exe [Microsoft Corporation] : %SYSDIR32%\svchost.exe
LMS.exe [Intel Corporation] : %PROGRAMFILES32%\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
SeaPort.exe [Microsoft Corporation] : %PROGRAMFILES32%\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
sftvsa.exe [Microsoft Corporation] : %PROGRAMFILES32%\Microsoft Application Virtualization Client\sftvsa.exe
st_rsser64.exe [Crawler.com] : %PROGRAMFILES%\Spyware Terminator\st_rsser64.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
sftlist.exe [Microsoft Corporation] : %PROGRAMFILES32%\Microsoft Application Virtualization Client\sftlist.exe
SDWinSec.exe [Safer Networking Ltd.] : %PROGRAMFILES32%\Spybot - Search & Destroy\SDWinSec.exe
unsecapp.exe [Microsoft Corporation] : %SYSDIR%\wbem\unsecapp.exe
WmiPrvSE.exe [Microsoft Corporation] : %SYSDIR%\wbem\WmiPrvSE.exe
CVHSVC.EXE [Microsoft Corporation] : %COMMONFILES32%\microsoft shared\Virtualization Handler\CVHSVC.EXE
avshadow.exe [Avira Operations GmbH & Co. KG] : %PROGRAMFILES%\Avira\AntiVir Desktop\avshadow.exe
conhost.exe [Microsoft Corporation] : %SYSDIR%\conhost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
taskhost.exe [Microsoft Corporation] : %SYSDIR%\taskhost.exe
dwm.exe [Microsoft Corporation] : %SYSDIR%\dwm.exe
explorer.exe [Microsoft Corporation] : %WINDIR%\explorer.exe
taskeng.exe [Microsoft Corporation] : %SYSDIR%\taskeng.exe
ForceField.exe [Check Point Software Technologies] : %SystemDiskRoot%\Program Files\CheckPoint\ZAForceField\ForceField.exe
GoogleUpdate.exe [Google Inc.] : %PROGRAMFILES32%\Google\Update\GoogleUpdate.exe
Energy Management.exe [Lenovo (Beijing) Limited] : %PROGRAMFILES%\Lenovo\Energy Management\Energy Management.exe
utility.exe [Lenovo(beijing) Limited] : %PROGRAMFILES%\Lenovo\Energy Management\utility.exe
SpywareTerminatorShield.exe [Crawler.com] : %PROGRAMFILES32%\Spyware Terminator\SpywareTerminatorShield.exe
SpywareTerminatorUpdate.exe [Crawler.com] : %PROGRAMFILES32%\Spyware Terminator\SpywareTerminatorUpdate.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
zatray.exe [Check Point Software Technologies LTD] : %PROGRAMFILES32%\CheckPoint\ZoneAlarm\zatray.exe
avgnt.exe [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\avgnt.exe
wmpnetwk.exe [Microsoft Corporation] : %SystemDiskRoot%\Program Files\Windows Media Player\wmpnetwk.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
SpywareTerminator.exe [Crawler.com] : %PROGRAMFILES32%\Spyware Terminator\SpywareTerminator.exe
AAWTray.exe [Lavasoft Limited] : %PROGRAMFILES32%\Lavasoft\Ad-Aware\AAWTray.exe

------
Laufende Services und Treiber
------
ACPI [Microsoft Corporation] : %SYSDIR%\drivers\acpi.sys
ACPIVPC [Lenovo Corporation] : %SYSDIR%\drivers\AcpiVpc.sys
AeLookupSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
AFD [Microsoft Corporation] : %SYSDIR%\drivers\afd.sys
amdxata [Advanced Micro Devices] : %SYSDIR%\drivers\amdxata.sys
AntiVirSchedulerService [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\sched.exe
AntiVirService [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\avguard.exe
Appinfo [Microsoft Corporation] : %SYSDIR%\svchost.exe
Apple Mobile Device [Apple Inc.] : %COMMONFILES32%\Apple\Mobile Device Support\AppleMobileDeviceService.exe
atapi [Microsoft Corporation] : %SYSDIR%\drivers\atapi.sys
AudioEndpointBuilder [Microsoft Corporation] : %SYSDIR%\svchost.exe
AudioSrv [Microsoft Corporation] : %SYSDIR%\svchost.exe
avgntflt [Avira GmbH] : %SYSDIR%\drivers\avgntflt.sys
avipbb [Avira GmbH] : %SYSDIR%\drivers\avipbb.sys
avkmgr [Avira GmbH] : %SYSDIR%\drivers\avkmgr.sys
BCM43XX [Broadcom Corporation] : %SYSDIR%\drivers\BCMWL664.SYS
BFE [Microsoft Corporation] : %SYSDIR%\svchost.exe
BITS [Microsoft Corporation] : %SYSDIR%\svchost.exe
blbdrive [Microsoft Corporation] : %SYSDIR%\drivers\blbdrive.sys
Bonjour Service [Apple Inc.] : %SystemDiskRoot%\Program Files\Bonjour\mDNSResponder.exe
bowser [Microsoft Corporation] : %SYSDIR%\drivers\bowser.sys
Browser [Microsoft Corporation] : %SYSDIR%\svchost.exe
cdrom [Microsoft Corporation] : %SYSDIR%\drivers\cdrom.sys
CLFS [Microsoft Corporation] : %SYSDIR%\clfs.sys
CmBatt [Microsoft Corporation] : %SYSDIR%\drivers\CmBatt.sys
CNG [Microsoft Corporation] : %SYSDIR%\drivers\cng.sys
CnxtHdAudService [Conexant Systems Inc.] : %SYSDIR%\drivers\CHDRT64.sys
Compbatt [Microsoft Corporation] : %SYSDIR%\drivers\compbatt.sys
CompositeBus [Microsoft Corporation] : %SYSDIR%\drivers\CompositeBus.sys
CryptSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
cvhsvc [Microsoft Corporation] : %COMMONFILES32%\microsoft shared\Virtualization Handler\CVHSVC.EXE
DcomLaunch [Microsoft Corporation] : %SYSDIR%\svchost.exe
DfsC [Microsoft Corporation] : %SYSDIR%\drivers\dfsc.sys
Dhcp [Microsoft Corporation] : %SYSDIR%\svchost.exe
discache [Microsoft Corporation] : %SYSDIR%\drivers\discache.sys
Disk [Microsoft Corporation] : %SYSDIR%\drivers\disk.sys
Dnscache [Microsoft Corporation] : %SYSDIR%\svchost.exe
DPS [Microsoft Corporation] : %SYSDIR%\svchost.exe
DXGKrnl [Microsoft Corporation] : %SYSDIR%\drivers\dxgkrnl.sys
EapHost [Microsoft Corporation] : %SYSDIR%\svchost.exe
EFS [Microsoft Corporation] : %SYSDIR%\lsass.exe
ETD [ELAN Microelectronics Corp.] : %SYSDIR%\drivers\ETD.sys
eventlog [Microsoft Corporation] : %SYSDIR%\svchost.exe
EventSystem [Microsoft Corporation] : %SYSDIR%\svchost.exe
fdPHost [Microsoft Corporation] : %SYSDIR%\svchost.exe
FDResPub [Microsoft Corporation] : %SYSDIR%\svchost.exe
FileInfo [Microsoft Corporation] : %SYSDIR%\drivers\fileinfo.sys
FltMgr [Microsoft Corporation] : %SYSDIR%\drivers\fltMgr.sys
FontCache [Microsoft Corporation] : %SYSDIR%\svchost.exe
fvevol [Microsoft Corporation] : %SYSDIR%\drivers\fvevol.sys
GEARAspiWDM [GEAR Software Inc.] : %SYSDIR%\drivers\GEARAspiWDM.sys
gpsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
HDAudBus [Microsoft Corporation] : %SYSDIR%\drivers\hdaudbus.sys
HECIx64 [Intel Corporation] : %SYSDIR%\drivers\HECIx64.sys
HomeGroupListener [Microsoft Corporation] : %SYSDIR%\svchost.exe
HomeGroupProvider [Microsoft Corporation] : %SYSDIR%\svchost.exe
hpqcxs08 [Microsoft Corporation] : %SYSDIR%\svchost.exe
hpqddsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
HPSLPSVC [Microsoft Corporation] : %SYSDIR%\svchost.exe
HTTP [Microsoft Corporation] : %SYSDIR%\drivers\http.sys
hwpolicy [Microsoft Corporation] : %SYSDIR%\drivers\hwpolicy.sys
i8042prt [Microsoft Corporation] : %SYSDIR%\drivers\i8042prt.sys
iaStor [Intel Corporation] : %SYSDIR%\drivers\iaStor.sys
IKEEXT [Microsoft Corporation] : %SYSDIR%\svchost.exe
intelppm [Microsoft Corporation] : %SYSDIR%\drivers\intelppm.sys
iphlpsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
ISWKL [Check Point Software Technologies] : %SystemDiskRoot%\Program Files\CheckPoint\ZAForceField\ISWKL.sys
IswSvc [Check Point Software Technologies] : %SystemDiskRoot%\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
kbdclass [Microsoft Corporation] : %SYSDIR%\drivers\kbdclass.sys
KeyIso [Microsoft Corporation] : %SYSDIR%\lsass.exe
KSecDD [Microsoft Corporation] : %SYSDIR%\drivers\ksecdd.sys
KSecPkg [Microsoft Corporation] : %SYSDIR%\drivers\ksecpkg.sys
ksthunk [Microsoft Corporation] : %SYSDIR%\drivers\ksthunk.sys
LanmanServer [Microsoft Corporation] : %SYSDIR%\svchost.exe
LanmanWorkstation [Microsoft Corporation] : %SYSDIR%\svchost.exe
Lavasoft Ad-Aware Service [Lavasoft Limited] : %PROGRAMFILES32%\Lavasoft\Ad-Aware\AAWService.exe
Lavasoft Kernexplorer : %PROGRAMFILES%\Lavasoft\Ad-Aware\KernExplorer64.sys
Lbd [Lavasoft AB] : %SYSDIR%\drivers\Lbd.sys
lltdio [Microsoft Corporation] : %SYSDIR%\drivers\lltdio.sys
lmhosts [Microsoft Corporation] : %SYSDIR%\svchost.exe
LMS [Intel Corporation] : %PROGRAMFILES32%\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
luafv [Microsoft Corporation] : %SYSDIR%\drivers\luafv.sys
MMCSS [Microsoft Corporation] : %SYSDIR%\svchost.exe
monitor [Microsoft Corporation] : %SYSDIR%\drivers\monitor.sys
mouclass [Microsoft Corporation] : %SYSDIR%\drivers\mouclass.sys
mountmgr [Microsoft Corporation] : %SYSDIR%\drivers\mountmgr.sys
mpsdrv [Microsoft Corporation] : %SYSDIR%\drivers\mpsdrv.sys
MpsSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
mrxsmb [Microsoft Corporation] : %SYSDIR%\drivers\mrxsmb.sys
mrxsmb10 [Microsoft Corporation] : %SYSDIR%\drivers\mrxsmb10.sys
mrxsmb20 [Microsoft Corporation] : %SYSDIR%\drivers\mrxsmb20.sys
msahci [Microsoft Corporation] : %SYSDIR%\drivers\msahci.sys
msisadrv [Microsoft Corporation] : %SYSDIR%\drivers\msisadrv.sys
mssmbios [Microsoft Corporation] : %SYSDIR%\drivers\mssmbios.sys
Mup [Microsoft Corporation] : %SYSDIR%\drivers\mup.sys
NativeWifiP [Microsoft Corporation] : %SYSDIR%\drivers\nwifi.sys
NDIS [Microsoft Corporation] : %SYSDIR%\drivers\ndis.sys
NdisTapi [Microsoft Corporation] : %SYSDIR%\drivers\ndistapi.sys
Ndisuio [Microsoft Corporation] : %SYSDIR%\drivers\ndisuio.sys
NdisWan [Microsoft Corporation] : %SYSDIR%\drivers\ndiswan.sys
Net Driver HPZ12 [Microsoft Corporation] : %SYSDIR%\svchost.exe
NetBIOS [Microsoft Corporation] : %SYSDIR%\drivers\netbios.sys
NetBT [Microsoft Corporation] : %SYSDIR%\drivers\netbt.sys
Netman [Microsoft Corporation] : %SYSDIR%\svchost.exe
netprofm [Microsoft Corporation] : %SYSDIR%\svchost.exe
NlaSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
nsi [Microsoft Corporation] : %SYSDIR%\svchost.exe
nsiproxy [Microsoft Corporation] : %SYSDIR%\drivers\nsiproxy.sys
NVHDA [NVIDIA Corporation] : %SYSDIR%\drivers\nvhda64v.sys
nvlddmkm [NVIDIA Corporation] : %SYSDIR%\drivers\nvlddmkm.sys
nvsvc [NVIDIA Corporation] : %SYSDIR%\nvvsvc.exe
p2pimsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
p2psvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
partmgr [Microsoft Corporation] : %SYSDIR%\drivers\partmgr.sys
PcaSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
pci [Microsoft Corporation] : %SYSDIR%\drivers\pci.sys
pcw [Microsoft Corporation] : %SYSDIR%\drivers\pcw.sys
PEAUTH [Microsoft Corporation] : %SYSDIR%\drivers\PEAuth.sys
PlugPlay [Microsoft Corporation] : %SYSDIR%\svchost.exe
Pml Driver HPZ12 [Microsoft Corporation] : %SYSDIR%\svchost.exe
PNRPsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
PolicyAgent [Microsoft Corporation] : %SYSDIR%\svchost.exe
Power [Microsoft Corporation] : %SYSDIR%\svchost.exe
PptpMiniport [Microsoft Corporation] : %SYSDIR%\drivers\raspptp.sys
ProfSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
Psched [Microsoft Corporation] : %SYSDIR%\drivers\pacer.sys
RasAgileVpn [Microsoft Corporation] : %SYSDIR%\drivers\agilevpn.sys
Rasl2tp [Microsoft Corporation] : %SYSDIR%\drivers\rasl2tp.sys
RasPppoe [Microsoft Corporation] : %SYSDIR%\drivers\raspppoe.sys
RasSstp [Microsoft Corporation] : %SYSDIR%\drivers\rassstp.sys
rdbss [Microsoft Corporation] : %SYSDIR%\drivers\rdbss.sys
RDPCDD [Microsoft Corporation] : %SYSDIR%\drivers\RDPCDD.sys
RDPENCDD [Microsoft Corporation] : %SYSDIR%\drivers\RDPENCDD.sys
RDPREFMP [Microsoft Corporation] : %SYSDIR%\drivers\RDPREFMP.sys
rdyboost [Microsoft Corporation] : %SYSDIR%\drivers\rdyboost.sys
RpcEptMapper [Microsoft Corporation] : %SYSDIR%\svchost.exe
RpcSs [Microsoft Corporation] : %SYSDIR%\svchost.exe
rspndr [Microsoft Corporation] : %SYSDIR%\drivers\rspndr.sys
SamSs [Microsoft Corporation] : %SYSDIR%\lsass.exe
SBSDWSCService [Safer Networking Ltd.] : %PROGRAMFILES32%\Spybot - Search & Destroy\SDWinSec.exe
Schedule [Microsoft Corporation] : %SYSDIR%\svchost.exe
SeaPort [Microsoft Corporation] : %PROGRAMFILES32%\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
SENS [Microsoft Corporation] : %SYSDIR%\svchost.exe
Sftfs [Microsoft Corporation] : %SYSDIR%\drivers\Sftfslh.sys
sftlist [Microsoft Corporation] : %PROGRAMFILES32%\Microsoft Application Virtualization Client\sftlist.exe
Sftplay [Microsoft Corporation] : %SYSDIR%\drivers\Sftplaylh.sys
Sftredir [Microsoft Corporation] : %SYSDIR%\drivers\Sftredirlh.sys
Sftvol [Microsoft Corporation] : %SYSDIR%\drivers\Sftvollh.sys
sftvsa [Microsoft Corporation] : %PROGRAMFILES32%\Microsoft Application Virtualization Client\sftvsa.exe
ShellHWDetection [Microsoft Corporation] : %SYSDIR%\svchost.exe
Spooler [Microsoft Corporation] : %SYSDIR%\spoolsv.exe
sp_rsdrv2 [Windows (R) Win 7 DDK provider] : %SYSDIR%\drivers\stflt.sys
srv [Microsoft Corporation] : %SYSDIR%\drivers\srv.sys
srv2 [Microsoft Corporation] : %SYSDIR%\drivers\srv2.sys
srvnet [Microsoft Corporation] : %SYSDIR%\drivers\srvnet.sys
SSDPSRV [Microsoft Corporation] : %SYSDIR%\svchost.exe
ST2012_Svc [Crawler.com] : %PROGRAMFILES%\Spyware Terminator\st_rsser64.exe
stisvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
swenum [Microsoft Corporation] : %SYSDIR%\drivers\swenum.sys
SysMain [Microsoft Corporation] : %SYSDIR%\svchost.exe
Tcpip [Microsoft Corporation] : %SYSDIR%\drivers\tcpip.sys
tcpipreg [Microsoft Corporation] : %SYSDIR%\drivers\tcpipreg.sys
tdx [Microsoft Corporation] : %SYSDIR%\drivers\tdx.sys
TermDD [Microsoft Corporation] : %SYSDIR%\drivers\termdd.sys
Themes [Microsoft Corporation] : %SYSDIR%\svchost.exe
TrkWks [Microsoft Corporation] : %SYSDIR%\svchost.exe
tunnel [Microsoft Corporation] : %SYSDIR%\drivers\tunnel.sys
umbus [Microsoft Corporation] : %SYSDIR%\drivers\umbus.sys
upnphost [Microsoft Corporation] : %SYSDIR%\svchost.exe
usbccgp [Microsoft Corporation] : %SYSDIR%\drivers\usbccgp.sys
usbehci [Microsoft Corporation] : %SYSDIR%\drivers\usbehci.sys
usbhub [Microsoft Corporation] : %SYSDIR%\drivers\usbhub.sys
usbsmi [SMI] : %SYSDIR%\drivers\SMIksdrv.sys
UxSms [Microsoft Corporation] : %SYSDIR%\svchost.exe
vdrvroot [Microsoft Corporation] : %SYSDIR%\drivers\vdrvroot.sys
VgaSave [Microsoft Corporation] : %SYSDIR%\drivers\vga.sys
volmgr [Microsoft Corporation] : %SYSDIR%\drivers\volmgr.sys
volmgrx [Microsoft Corporation] : %SYSDIR%\drivers\volmgrx.sys
volsnap [Microsoft Corporation] : %SYSDIR%\drivers\volsnap.sys
Vsdatant [Check Point Software Technologies LTD] : %SYSDIR%\drivers\vsdatant.sys
vsmon [Check Point Software Technologies LTD] : %PROGRAMFILES32%\CheckPoint\ZoneAlarm\vsmon.exe
vwifibus [Microsoft Corporation] : %SYSDIR%\drivers\vwifibus.sys
vwififlt [Microsoft Corporation] : %SYSDIR%\drivers\vwififlt.sys
Wanarpv6 [Microsoft Corporation] : %SYSDIR%\drivers\wanarp.sys
Wdf01000 [Microsoft Corporation] : %SYSDIR%\drivers\Wdf01000.sys
WdiServiceHost [Microsoft Corporation] : %SYSDIR%\svchost.exe
WdiSystemHost [Microsoft Corporation] : %SYSDIR%\svchost.exe
wdmirror [Lenovo] : %SYSDIR%\drivers\WDMirror.sys
WfpLwf [Microsoft Corporation] : %SYSDIR%\drivers\wfplwf.sys
WinHttpAutoProxySvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
Winmgmt [Microsoft Corporation] : %SYSDIR%\svchost.exe
Wlansvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
WmiAcpi [Microsoft Corporation] : %SYSDIR%\drivers\wmiacpi.sys
WMPNetworkSvc [Microsoft Corporation] : %SystemDiskRoot%\Program Files\Windows Media Player\wmpnetwk.exe
WPDBusEnum [Microsoft Corporation] : %SYSDIR%\svchost.exe
wscsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
WudfPf [Microsoft Corporation] : %SYSDIR%\drivers\WUDFPf.sys
wudfsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe

------
geladene Bibliotheken
------
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\ntdll.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\kernel32.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\KERNELBASE.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\advapi32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\msvcrt.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\sechost.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\rpcrt4.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\sspicli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\CRYPTBASE.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\psapi.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\userenv.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\profapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\version.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR32%\wininet.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\shlwapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\gdi32.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\user32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\lpk.dll
Microsoft(R) Uniscribe Unicode script processor [Microsoft Corporation] : %SYSDIR32%\usp10.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\normaliz.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR32%\iertutil.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR32%\urlmon.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\ole32.dll
[Microsoft Corporation]%SYSDIR32%\oleaut32.dll
%PROGRAMFILES32%\Lavasoft\Ad-Aware\RPAPI.dll
Microsoft® Visual Studio® 2008 [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
Microsoft® Visual Studio® 2008 [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\crypt32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\msasn1.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wintrust.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\fltLib.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\shell32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\imm32.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\msctf.dll
Ad-Aware Resources [Lavasoft Limited] : %PROGRAMFILES32%\Lavasoft\Ad-Aware\Resources.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\ntmarta.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\Wldap32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\winsta.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\clbcatq.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\taskschd.dll
LavaLicense Desktop [Lavasoft Limited] : %PROGRAMFILES32%\Lavasoft\Ad-Aware\lavalicense.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wbem\wbemprox.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wbemcomn.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\ws2_32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\nsi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\cryptsp.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\rsaenh.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\RpcRtRemote.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wbem\wbemsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wbem\fastprox.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\ntdsapi.dll
CEAPI Dynamic Link Library [Lavasoft Limited] : %PROGRAMFILES32%\Lavasoft\Ad-Aware\CEAPI.dll
%PROGRAMFILES32%\Lavasoft\Ad-Aware\viprebridge.dll
Sunbelt AntiMalware Common SDK Merge Module [Sunbelt Software] : %PROGRAMFILES32%\Lavasoft\Ad-Aware\SBTE.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\sfc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\sfc_os.dll
VIPRE Threat detection and remediation system : %PROGRAMFILES32%\Lavasoft\Ad-Aware\Vipre.dll
VIPRE Threat detection and remediation system [GFI Software] : %ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\Extended\remediation.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\netapi32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\netutils.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\srvcli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wkscli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\schedcli.dll
VIPRE Threat detection and remediation system [GFI Software] : %ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\Extended\vcore.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\winmm.dll
VIPRE Threat detection and remediation system [GFI Software] : %ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\Extended\lgpl.dll
VIPRE Threat detection and remediation system [GFI Software] : %ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\Extended\lib7zip.dll
%ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll
VIPRE Threat detection and remediation system [GFI Software] : %ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\Extended\libEmail.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\nlaapi.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\NapiNSP.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\pnrpnsp.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wshbth.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\mswsock.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\dnsapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\winrnr.dll
Bonjour [Apple Inc.] : %PROGRAMFILES32%\Bonjour\mdnsNSP.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\IPHLPAPI.DLL
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\winnsi.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\FWPUCLNT.DLL
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\rasadhlp.dll
%ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll
VIPRE Threat detection and remediation system [GFI Software] : %ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\Extended\libMsCab.dll
VIPRE Threat detection and remediation system [GFI Software] : %ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\Extended\libMsi.dll
VIPRE Threat detection and remediation system [GFI Software] : %ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\Extended\libNSIS.dll
VIPRE Threat detection and remediation system [GFI Software] : %ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\Extended\libOleA.dll
VIPRE Threat detection and remediation system [GFI Software] : %ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\Extended\libRar.dll
VIPRE Threat detection and remediation system [GFI Software] : %ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\Extended\libRTF.dll
VIPRE Threat detection and remediation system [GFI Software] : %ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\Extended\libtd.dll
VIPRE Threat detection and remediation system [GFI Software] : %ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\Extended\libVvs.dll
VIPRE Threat detection and remediation system [GFI Software] : %ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\Extended\libZip.dll
Microsoft(R) MSXML 3.0 SP11 [Microsoft Corporation] : %SYSDIR32%\msxml3.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\imagehlp.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\ncrypt.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\bcrypt.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\bcryptprimitives.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\gpapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\cryptnet.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\SensApi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\cabinet.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\devrtl.dll
%ALLUSERS_APPDATA%\Lavasoft\Ad-Aware\Defs\thorax.aaw
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\apphelp.dll
ZoneAlarm Browser Security [Check Point Software Technologies] : %SystemDiskRoot%\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll
Microsoft® Visual Studio® 2005 [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
Microsoft® Visual Studio® 2005 [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
Microsoft® Visual Studio® 2010 [Microsoft Corporation] : %SYSDIR32%\msvcp100.dll
Microsoft® Visual Studio® 2010 [Microsoft Corporation] : %SYSDIR32%\msvcr100.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\grdcore.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\cfglib.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\gpipc.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\mpr.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\gpgen.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\gpschd.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wtsapi32.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\rasapi32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\rasman.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\avevtlog.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\schedr.dll
SQLite Database : %PROGRAMFILES32%\Avira\AntiVir Desktop\sqlite3.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\cfgmgr32.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\avipc.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\gpgrd.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\gpavgio.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\gpgui.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\gplegacy.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\gpgenrep.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\onlcfg.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\guardmsg.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\avgio.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\avpref.dll
AVCORE [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\aecore.dll
AVVDF [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\aevdf.dll
AVSCRIPT [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\aescript.dll
AVSCN [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\aescn.dll
AVSBX [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\aesbx.dll
AVRDL [Avira GmbH] : %PROGRAMFILES32%\Avira\AntiVir Desktop\aerdl.dll
AVPACK [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\aepack.dll
AVOFFICE [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\aeoffice.dll
AVHEUR [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\aeheur.dll
AVHELP [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\aehelp.dll
AVGEN [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\aegen.dll
AVEXP [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\aeexp.dll
AVEMU [Avira GmbH] : %PROGRAMFILES32%\Avira\AntiVir Desktop\aeemu.dll
AVBB [Avira GmbH] : %PROGRAMFILES32%\Avira\AntiVir Desktop\aebb.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\avesvc.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\avesvcr.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\webcat.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\webcatrc.dll
AntiVir Desktop [Avira Operations GmbH] : %PROGRAMFILES32%\Avira\antivir desktop\avreg.dll
Apple Software Support Version Check [Apple Inc.] : %COMMONFILES32%\Apple\Apple Application Support\AppleVersions.dll
[Apple Inc.]%COMMONFILES32%\Apple\Apple Application Support\YSCrashDump.DLL
CoreFoundation [Apple Inc.] : %COMMONFILES32%\Apple\Apple Application Support\CoreFoundation.dll
[Open Source Software community project]%COMMONFILES32%\Apple\Apple Application Support\pthreadVC2.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\wsock32.dll
objc4 [Apple Inc.] : %COMMONFILES32%\Apple\Apple Application Support\objc.dll
libdispatch [Apple Inc.] : %COMMONFILES32%\Apple\Apple Application Support\libdispatch.dll
International Components for Unicode [The ICU Project] : %COMMONFILES32%\Apple\Apple Application Support\libicuin.dll
International Components for Unicode [The ICU Project] : %COMMONFILES32%\Apple\Apple Application Support\libicuuc.dll
International Components for Unicode [The ICU Project] : %COMMONFILES32%\Apple\Apple Application Support\icudt46.dll
[Apple Inc.]%COMMONFILES32%\Apple\Apple Application Support\ASL.dll
Apple Mobile Device Service [Apple Inc.] : %COMMONFILES32%\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\setupapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\devobj.dll
Bonjour [Apple Inc.] : %SYSDIR32%\dnssd.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\WSHTCPIP.DLL
iTunesMobileDevice [Apple Inc.] : %COMMONFILES32%\Apple\Mobile Device Support\MobileDevice.dll
zlib : %COMMONFILES32%\Apple\Apple Application Support\zlib1.dll
CFNetwork [Apple, Inc.] : %COMMONFILES32%\Apple\Apple Application Support\CFNetwork.dll
SQLite3 [Apple Inc.] : %COMMONFILES32%\Apple\Apple Application Support\SQLite3.dll
libxml2.dll : %COMMONFILES32%\Apple\Apple Application Support\libxml2.dll
HP Digital Imaging [Hewlett-Packard Co.] : %PROGRAMFILES32%\HP\digital imaging\bin\hpqddsvc.dll
HP Digital Imaging [Hewlett-Packard Co.] : %PROGRAMFILES32%\HP\digital imaging\bin\hpqddcmn.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\winspool.drv
HP Digital Imaging [Hewlett-Packard Co.] : %PROGRAMFILES32%\HP\digital imaging\bin\hpqcxs08.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\shfolder.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\sxs.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\winhttp.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\webio.dll
Microsoft(R) MSXML 6.0 SP3 [Microsoft Corporation] : %SYSDIR32%\msxml6.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\credssp.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\wship6.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\secur32.dll
Microsoft Application Virtualization [Microsoft Corporation] : %PROGRAMFILES32%\Microsoft Application Virtualization Client\sftsync.dll
Microsoft Application Virtualization [Microsoft Corporation] : %PROGRAMFILES32%\Microsoft Application Virtualization Client\sftuser.dll
Microsoft Application Virtualization [Microsoft Corporation] : %PROGRAMFILES32%\Microsoft Application Virtualization Client\sftcore.dll
Microsoft Application Virtualization [Microsoft Corporation] : %PROGRAMFILES32%\Microsoft Application Virtualization Client\sftpsr.dll
Microsoft Application Virtualization [Microsoft Corporation] : %PROGRAMFILES32%\Microsoft Application Virtualization Client\sftfsi_wow64.dll
Microsoft Application Virtualization [Microsoft Corporation] : %PROGRAMFILES32%\Microsoft Application Virtualization Client\sftcomp.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\logoncli.dll
Windows Installer - Unicode [Microsoft Corporation] : %SYSDIR32%\msi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\schannel.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\msv1_0.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\cryptdll.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\msimg32.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\wer.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\Faultrep.dll
Windows® Search [Microsoft Corporation] : %SYSDIR32%\propsys.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wbem\wbemdisp.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\wbem\wmiutils.dll
Microsoft Office 2010 [Microsoft Corporation] : %COMMONFILES32%\Microsoft Shared\Virtualization Handler\cvhshared.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\dbghelp.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\credui.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\oleacc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\hlink.dll
Microsoft Office 2010 [Microsoft Corporation] : %COMMONFILES32%\Microsoft Shared\Virtualization Handler\de-de\CVHIntl.dll
Microsoft Application Virtualization [Microsoft Corporation] : %PROGRAMFILES32%\Microsoft Application Virtualization Client\sftintf.dll
Google Update [Google Inc.] : %PROGRAMFILES32%\Google\Update\1.3.21.79\goopdate.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\cscapi.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\mstask.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\uxtheme.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\dwmapi.dll
[Microsoft Corporation]%SYSDIR32%\olepro32.dll
Spyware Terminator 2011 [Crawler.com] : %PROGRAMFILES32%\Spyware Terminator\TorrentDll.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\dhcpcsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\rtutils.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\netprofm.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\npmproxy.dll
Microsoft® Visual Studio® 10 [Microsoft Corporation] : %SYSDIR32%\mfc100u.dll
Microsoft® Visual Studio® 10 [Microsoft Corporation] : %SYSDIR32%\MFC100DEU.DLL
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\ccwkrlib.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\ccguard.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\ccgrdrc.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\ccgrdw.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\ccwgrd.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\samcli.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\ccgen.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\ccgenrc.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\ccupdate.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\ccupdrc.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\cclic.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\cclicrc.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\ccmsg.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\ccmsgrc.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\AntiVir Desktop\rcimage.dll
Avira Free Antivirus [Avira Operations GmbH & Co. KG] : %PROGRAMFILES32%\Avira\antivir desktop\ccmainrc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\WindowsCodecs.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\comdlg32.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\explorerframe.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\duser.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\dui70.dll

------
Report Ende
------

------
Säubern
------
Reinigungsstart um: 06.04.2012 07:31:21.
Browser schließt.
Affiliate tracking cookie (Tracking cookie):
Gelöscht Internet Explorer Cookie: mediaplex.com
Gelöscht Internet Explorer Cookie: fastclick.net
Gelöscht Internet Explorer Cookie: apmebf.com

------
Report Ende
------

guten morgen

die avira berichte kann ich nicht kopieren leider

gruß kai

es geht doch

Die Datei 'C:\Users\cocco\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\6aa703c0-5aa7fa13'
enthielt einen Virus oder unerwünschtes Programm 'EXP/CVE-2012-0507' [exploit].
Durchgeführte Aktion(en):
Die Datei wurde gelöscht.

Die Datei 'C:\Users\cocco\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\7e93aa62-503e2b88'
enthielt einen Virus oder unerwünschtes Programm 'EXP/JAVA.Ternub.Gen' [exploit].
Durchgeführte Aktion(en):
Die Datei wurde gelöscht.

Die Datei 'C:\Users\cocco\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\2cd4d55f-153c840d'
enthielt einen Virus oder unerwünschtes Programm 'EXP/2011-3544.DL.1' [exploit].
Durchgeführte Aktion(en):
Die Datei wurde gelöscht.

In der Datei 'C:\Users\cocco\AppData\Local\Temp\7YHXwGZO.exe.part'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ULPM.Gen' [trojan] gefunden.
Ausgeführte Aktion: Übergeben an Scanner

In der Datei 'C:\Users\cocco\Desktop\jxpiinstall.exe.part'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ULPM.Gen' [trojan] gefunden.
Ausgeführte Aktion: Übergeben an Scanner

In der Datei 'C:\Users\cocco\AppData\Local\Temp\HouseCall\VSDVPE7T.007'
wurde ein Virus oder unerwünschtes Programm 'PCK/Dumped' [packer] gefunden.
Ausgeführte Aktion: Übergeben an Scanner

In der Datei 'C:\Users\cocco\AppData\Local\Temp\HouseCall\VSDVPE7T.00E'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] gefunden.
Ausgeführte Aktion: Übergeben an Scanner

In der Datei 'C:\Users\cocco\AppData\Local\Temp\HouseCall\VSDVPE7T.00L'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen5' [trojan] gefunden.
Ausgeführte Aktion: Übergeben an Scanner

In der Datei 'C:\Users\cocco\AppData\Local\Temp\HouseCall\VSDVPE7T.00S'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] gefunden.
Ausgeführte Aktion: Übergeben an Scanner

In der Datei 'C:\Users\cocco\AppData\Local\Temp\HouseCall\VSDVPE7T.00U'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] gefunden.
Ausgeführte Aktion: Übergeben an Scanner

In der Datei 'C:\Users\cocco\AppData\Local\Temp\HouseCall\VSDVPE7T.012'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen5' [trojan] gefunden.
Ausgeführte Aktion: Übergeben an Scanner

In der Datei 'C:\Users\cocco\AppData\Local\Temp\HouseCall\VSDVPE7T.01A'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] gefunden.
Ausgeführte Aktion: Übergeben an Scanner

Die Datei 'C:\Users\cocco\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\2da93402-6a0bb45e'
enthielt einen Virus oder unerwünschtes Programm 'EXP/CVE-2012-0507' [exploit].
Durchgeführte Aktion(en):
Die Datei wurde gelöscht.

Zitat:

vsmon.exe [Check Point Software Technologies LTD] : %PROGRAMFILES32%\CheckPoint\ZoneAlarm\vsmon.exe

ZoneAlarm ist kontraproduktiver Müll, bitte umgehend deinstallieren und die Windows-Firewall einschalten!

Mach danach ein neues OTL-Log

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die http://billy-oneal.com/Canned%20Spee.../customFix.png Textbox von OTL - wenn OTL auf deutsch ist wird sie mit http://larusso.trojaner-board.de/Images/otlfix.jpg beschriftet

Code:

netsvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

/md5start

wininit.exe

userinit.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

ws2ifsl.sys

sceclt.dll

ntelogon.dll

winlogon.exe

logevent.dll

user32.DLL

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

/md5stop

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Code:

OTL logfile created on: 08.04.2012 09:57:33 - Run 2

OTL by OldTimer - Version 3.2.39.2     Folder = C:\Users\cocco\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,87 Gb Total Physical Memory | 2,71 Gb Available Physical Memory | 70,03% Memory free

7,73 Gb Paging File | 6,49 Gb Available in Paging File | 83,95% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 254,14 Gb Total Space | 213,48 Gb Free Space | 84,00% Space Free | Partition Type: NTFS

Drive D: | 29,00 Gb Total Space | 27,80 Gb Free Space | 95,87% Space Free | Partition Type: NTFS

 

Computer Name: PC-PC | User Name: cocco | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\cocco\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)

PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)

PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)

SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)

SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)

SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)

SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)

SRV - (Lenovo ReadyComm ConnSvc) -- C:\Programme\Lenovo\ReadyComm\ConnSvc.exe (Lenovo Group Limited)

SRV - (Lenovo ReadyComm AppSvc) -- C:\Programme\Lenovo\ReadyComm\AppSvc.exe (Lenovo Group Limited)

SRV - (PS_MDP) -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll (Lenovo Group Limited)

SRV - (IGRS) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)

SRV - (ReadyComm.DirectRouter) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll (Lenovo Group Limited)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)

DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)

DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)

DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)

DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)

DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)

DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)

DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)

DRV:64bit: - (SbFw) -- C:\Windows\SysNative\drivers\SbFw.sys (Sunbelt Software, Inc.)

DRV:64bit: - (SbTis) -- C:\Windows\SysNative\drivers\sbtis.sys (Sunbelt Software, Inc.)

DRV:64bit: - (sbhips) -- C:\Windows\SysNative\drivers\sbhips.sys (Sunbelt Software, Inc.)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (SBFWIMCLMP) -- C:\Windows\SysNative\drivers\SbFwIm.sys (Sunbelt Software, Inc.)

DRV:64bit: - (SBFWIMCL) -- C:\Windows\SysNative\drivers\SbFwIm.sys (Sunbelt Software, Inc.)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)

DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)

DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)

DRV:64bit: - (usbsmi) -- C:\Windows\SysNative\drivers\SMIksdrv.sys (SMI)

DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)

DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )

DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)

DRV:64bit: - (wdmirror) -- C:\Windows\SysNative\drivers\WDMirror.sys (Lenovo)

DRV:64bit: - (Bridge0) -- C:\Windows\SysNative\drivers\WDBridge.sys (Lenovo)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)

DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)

DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)

DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)

DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

DRV - (StarOpen) -- C:\windows\SysWow64\drivers\StarOpen.sys ()

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/#hl=de&cp=5&gs_id=m&xhr=t&q=ksk+calw&pf=p&sclient=psy-ab&site=&source=hp&pbx=1&oq=ksk+c&aq=0&aqi=g4&aql=&gs_sm=&gs_upl=&bav=on.2,or.r_gc.r_pw.&fp=ad7ce3a3241bbebd&biw=1366&bih=653

IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - No CLSID value found

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.suggest.enabled: false

FF - prefs.js..browser.search.update: false

FF - prefs.js..browser.startup.homepage: "hxxp://de.yahoo.com/|hxxp://signin.ebay.de/ws/eBayISAPI.dll?SignOutConfirm&i=.0794001190006900076001200003500055000920005400022|hxxp://www.t-online.de/"

 

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.03 16:51:19 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.18 07:54:54 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.07 15:45:52 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.03 16:51:19 | 000,000,000 | ---D | M]

 

[2011.07.23 15:16:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\Extensions

[2012.04.06 08:58:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions

[2012.01.01 14:42:24 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2012.02.26 12:17:00 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions\de-DE@dictionaries.addons.mozilla.org

[2012.04.06 08:59:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2012.04.07 15:45:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

() (No name found) -- C:\USERS\COCCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\85LY5GS5.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

() (No name found) -- C:\USERS\COCCO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\85LY5GS5.DEFAULT\EXTENSIONS\{E6C1199F-E687-42DA-8C24-E7770CC3AE66}.XPI

[2012.03.18 07:54:54 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012.04.06 08:59:02 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2012.02.12 10:54:54 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.02.12 10:54:54 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012.02.12 10:54:54 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2012.02.12 10:54:54 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.02.12 10:54:54 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.02.12 10:54:54 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2010.12.17 19:53:25 | 000,427,737 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1        www.007guard.com

O1 - Hosts: 127.0.0.1        007guard.com

O1 - Hosts: 127.0.0.1        008i.com

O1 - Hosts: 127.0.0.1        www.008k.com

O1 - Hosts: 127.0.0.1        008k.com

O1 - Hosts: 127.0.0.1        www.00hq.com

O1 - Hosts: 127.0.0.1        00hq.com

O1 - Hosts: 127.0.0.1        010402.com

O1 - Hosts: 127.0.0.1        www.032439.com

O1 - Hosts: 127.0.0.1        032439.com

O1 - Hosts: 127.0.0.1        www.0scan.com

O1 - Hosts: 127.0.0.1        0scan.com

O1 - Hosts: 127.0.0.1        1000gratisproben.com

O1 - Hosts: 127.0.0.1        www.1000gratisproben.com

O1 - Hosts: 127.0.0.1        1001namen.com

O1 - Hosts: 127.0.0.1        www.1001namen.com

O1 - Hosts: 127.0.0.1        100888290cs.com

O1 - Hosts: 127.0.0.1        www.100888290cs.com

O1 - Hosts: 127.0.0.1        www.100sexlinks.com

O1 - Hosts: 127.0.0.1        100sexlinks.com

O1 - Hosts: 127.0.0.1        10sek.com

O1 - Hosts: 127.0.0.1        www.10sek.com

O1 - Hosts: 127.0.0.1        www.1-2005-search.com

O1 - Hosts: 127.0.0.1        1-2005-search.com

O1 - Hosts: 127.0.0.1        123fporn.info

O1 - Hosts: 14727 more lines...

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.

O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)

O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O8 - Extra context menu item: Free YouTube Download - C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC61E5D9-B1D5-40BE-A003-2DFDE213449C}: DhcpNameServer = 192.168.178.1

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.04.08 08:00:07 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\cocco\Desktop\OTL.exe

[2012.04.07 16:49:57 | 000,000,000 | ---D | C] -- C:\Users\cocco\AppData\Roaming\{90140011-0066-0407-0000-0000000FF1CE}

[2012.04.07 16:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Virtualized Applications

[2012.04.07 15:59:11 | 000,249,736 | ---- | C] (ELAN Microelectronic Corp.) -- C:\windows\ETDUninst.dll

[2012.04.07 10:27:19 | 000,000,000 | ---D | C] -- C:\Users\cocco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner

[2012.04.07 10:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner

[2012.04.07 10:27:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eusing Free Registry Cleaner

[2012.04.07 09:14:46 | 000,016,200 | ---- | C] (McAfee, Inc.) -- C:\windows\stinger.sys

[2012.04.07 09:13:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stinger

[2012.04.07 09:07:12 | 000,060,504 | ---- | C] (Sunbelt Software, Inc.) -- C:\windows\SysNative\drivers\sbhips.sys

[2012.04.07 09:07:11 | 000,094,296 | ---- | C] (Sunbelt Software, Inc.) -- C:\windows\SysNative\drivers\sbtis.sys

[2012.04.07 09:06:56 | 000,253,528 | ---- | C] (Sunbelt Software, Inc.) -- C:\windows\SysNative\drivers\SbFw.sys

[2012.04.07 09:06:56 | 000,084,568 | ---- | C] (Sunbelt Software, Inc.) -- C:\windows\SysNative\drivers\SbFwIm.sys

[2012.04.07 09:06:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus

[2012.04.07 09:00:42 | 000,000,000 | ---D | C] -- C:\Users\cocco\AppData\Roaming\Ad-Aware Antivirus

[2012.04.06 16:10:08 | 000,000,000 | ---D | C] -- C:\Users\cocco\AppData\Roaming\Malwarebytes

[2012.04.06 16:09:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.04.06 11:26:25 | 008,767,136 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe

[2012.04.06 10:42:52 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe

[2012.04.06 10:42:48 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Macromed

[2012.04.06 09:38:41 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

[2012.04.06 09:19:52 | 000,000,000 | ---D | C] -- C:\Users\cocco\SecurityScans

[2012.04.06 09:19:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Baseline Security Analyzer 2

[2012.04.06 08:59:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2012.04.06 08:59:25 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaws.exe

[2012.04.06 08:59:24 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaw.exe

[2012.04.06 08:59:24 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\java.exe

[2012.04.02 21:32:47 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys

[2012.04.02 21:22:21 | 000,000,000 | ---D | C] -- C:\Users\cocco\AppData\Roaming\Avira

[2012.04.02 21:18:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

[2012.04.02 21:18:09 | 000,132,320 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avipbb.sys

[2012.04.02 21:18:09 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avgntflt.sys

[2012.04.02 21:18:09 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avkmgr.sys

[2012.04.02 21:18:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira

[2012.04.02 21:18:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira

[2012.04.02 20:36:47 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0

[2012.03.30 09:30:28 | 000,000,000 | ---D | C] -- C:\Users\cocco\Documents\Mein Garmin

[2012.03.14 17:50:37 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe

[2012.03.14 17:50:35 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe

[2012.03.14 17:50:34 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe

[2012.03.14 12:17:30 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll

[2012.03.14 12:16:22 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll

[2012.03.14 12:16:22 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll

[2012.03.14 12:16:22 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe

[2012.03.14 12:16:19 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll

[2012.03.14 12:16:18 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll

[2012.03.12 17:00:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2012.03.12 17:00:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2012.03.12 16:59:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2012.03.12 16:59:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes

[2012.03.12 16:56:50 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2012.03.12 16:56:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour

[2012.03.12 16:52:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2012.03.12 16:51:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

[1 C:\windows\SysNative\drivers\*.tmp files -> C:\windows\SysNative\drivers\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.04.08 09:56:40 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.04.08 09:56:33 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job

[2012.04.08 09:56:23 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat

[2012.04.08 09:23:32 | 000,001,102 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.04.08 08:00:35 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.04.08 08:00:35 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.04.08 08:00:10 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\cocco\Desktop\OTL.exe

[2012.04.07 16:40:49 | 000,008,066 | ---- | M] () -- C:\Users\cocco\Desktop\cc_20120407_164042.reg

[2012.04.07 15:38:31 | 000,001,080 | ---- | M] () -- C:\windows\tasks\Ad-Aware Antivirus Scheduled Scan.job

[2012.04.07 15:17:39 | 001,500,294 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI

[2012.04.07 15:17:39 | 000,654,852 | ---- | M] () -- C:\windows\SysNative\perfh007.dat

[2012.04.07 15:17:39 | 000,616,694 | ---- | M] () -- C:\windows\SysNative\perfh009.dat

[2012.04.07 15:17:39 | 000,130,434 | ---- | M] () -- C:\windows\SysNative\perfc007.dat

[2012.04.07 15:17:39 | 000,106,816 | ---- | M] () -- C:\windows\SysNative\perfc009.dat

[2012.04.07 09:14:46 | 000,016,200 | ---- | M] (McAfee, Inc.) -- C:\windows\stinger.sys

[2012.04.06 11:26:48 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe

[2012.04.06 11:26:48 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

[2012.04.06 11:26:25 | 008,767,136 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe

[2012.04.06 10:35:11 | 000,000,036 | ---- | M] () -- C:\Users\cocco\AppData\Local\housecall.guid.cache

[2012.04.06 08:59:01 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\deployJava1.dll

[2012.04.06 08:59:01 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaws.exe

[2012.04.06 08:59:01 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaw.exe

[2012.04.06 08:59:01 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\java.exe

[2012.04.06 07:20:31 | 000,883,840 | ---- | M] () -- C:\Users\cocco\Desktop\Avira-DE-Cleaner.exe

[2012.04.05 20:15:04 | 000,307,205 | ---- | M] () -- C:\Users\cocco\blabla.odt

[2012.04.05 15:14:02 | 000,000,000 | ---- | M] () -- C:\Users\cocco\defogger_reenable

[2012.04.02 21:32:47 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys

[2012.04.02 21:18:25 | 000,001,994 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk

[2012.03.31 20:27:38 | 000,028,167 | ---- | M] () -- C:\Users\cocco\Desktop\Tour_14765.gpx

[2012.03.29 20:23:37 | 000,068,837 | ---- | M] () -- C:\Users\cocco\Desktop\IMG_2812_Bildgrendern.JPG

[2012.03.26 12:55:14 | 000,015,955 | ---- | M] () -- C:\Users\cocco\Desktop\2504763839.jpg

[2012.03.26 12:51:33 | 000,339,588 | ---- | M] () -- C:\Users\cocco\Desktop\carlotta_umfeld_kernbuche_schmal_01.jpg

[2012.03.26 08:58:57 | 000,025,430 | ---- | M] () -- C:\Users\cocco\Desktop\3.jpg

[2012.03.26 08:58:46 | 000,025,996 | ---- | M] () -- C:\Users\cocco\Desktop\5.jpg

[2012.03.26 08:55:33 | 000,240,008 | ---- | M] () -- C:\Users\cocco\Desktop\Team7_Bett_und_Tisch_opt.jpg

[2012.03.26 08:55:04 | 000,019,044 | ---- | M] () -- C:\Users\cocco\Desktop\team7_Bett_Sesam.jpg

[2012.03.15 11:26:14 | 000,309,496 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT

[2012.03.12 17:00:49 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[1 C:\windows\SysNative\drivers\*.tmp files -> C:\windows\SysNative\drivers\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.04.07 16:40:47 | 000,008,066 | ---- | C] () -- C:\Users\cocco\Desktop\cc_20120407_164042.reg

[2012.04.07 09:08:14 | 000,001,080 | ---- | C] () -- C:\windows\tasks\Ad-Aware Antivirus Scheduled Scan.job

[2012.04.06 11:03:58 | 000,307,205 | ---- | C] () -- C:\Users\cocco\blabla.odt

[2012.04.06 10:42:53 | 000,000,884 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job

[2012.04.06 10:35:11 | 000,000,036 | ---- | C] () -- C:\Users\cocco\AppData\Local\housecall.guid.cache

[2012.04.06 09:36:00 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk

[2012.04.06 09:19:15 | 000,001,093 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Baseline Security Analyzer 2.2.lnk

[2012.04.06 07:20:24 | 000,883,840 | ---- | C] () -- C:\Users\cocco\Desktop\Avira-DE-Cleaner.exe

[2012.04.05 15:14:02 | 000,000,000 | ---- | C] () -- C:\Users\cocco\defogger_reenable

[2012.04.02 21:18:25 | 000,001,994 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk

[2012.03.31 20:27:38 | 000,028,167 | ---- | C] () -- C:\Users\cocco\Desktop\Tour_14765.gpx

[2012.03.30 18:38:28 | 001,125,434 | ---- | C] () -- C:\Users\cocco\Desktop\IMG_7232.JPG

[2012.03.30 18:38:28 | 001,041,822 | ---- | C] () -- C:\Users\cocco\Desktop\IMG_7231.JPG

[2012.03.30 18:38:20 | 001,222,337 | ---- | C] () -- C:\Users\cocco\Desktop\IMG_7228.JPG

[2012.03.30 18:38:20 | 001,171,169 | ---- | C] () -- C:\Users\cocco\Desktop\IMG_7235.JPG

[2012.03.30 18:38:20 | 001,067,811 | ---- | C] () -- C:\Users\cocco\Desktop\IMG_7230.JPG

[2012.03.30 18:38:20 | 000,996,281 | ---- | C] () -- C:\Users\cocco\Desktop\IMG_7236.JPG

[2012.03.29 20:23:37 | 000,068,837 | ---- | C] () -- C:\Users\cocco\Desktop\IMG_2812_Bildgrendern.JPG

[2012.03.26 12:55:14 | 000,015,955 | ---- | C] () -- C:\Users\cocco\Desktop\2504763839.jpg

[2012.03.26 12:51:33 | 000,339,588 | ---- | C] () -- C:\Users\cocco\Desktop\carlotta_umfeld_kernbuche_schmal_01.jpg

[2012.03.26 08:58:56 | 000,025,430 | ---- | C] () -- C:\Users\cocco\Desktop\3.jpg

[2012.03.26 08:58:46 | 000,025,996 | ---- | C] () -- C:\Users\cocco\Desktop\5.jpg

[2012.03.26 08:55:32 | 000,240,008 | ---- | C] () -- C:\Users\cocco\Desktop\Team7_Bett_und_Tisch_opt.jpg

[2012.03.26 08:55:02 | 000,019,044 | ---- | C] () -- C:\Users\cocco\Desktop\team7_Bett_Sesam.jpg

[2012.03.12 17:00:49 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012.02.25 07:24:22 | 000,000,000 | ---- | C] () -- C:\Users\cocco\AppData\Local\{8A30A419-CD73-4841-822B-31045D1742DD}

[2012.01.22 02:54:14 | 000,000,024 | ---- | C] () -- C:\Users\cocco\AppData\Roaming\xpy.ini

[2011.12.23 21:58:24 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll

[2011.12.23 21:58:24 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll

[2011.12.23 21:58:24 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll

[2011.12.23 21:58:24 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll

[2011.12.03 16:46:10 | 000,245,227 | ---- | C] () -- C:\windows\hpoins19.dat

[2011.12.03 16:46:10 | 000,013,898 | ---- | C] () -- C:\windows\hpomdl19.dat

[2011.08.13 18:53:59 | 000,005,632 | ---- | C] () -- C:\Users\cocco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011.04.26 09:06:18 | 000,000,064 | ---- | C] () -- C:\windows\SysWow64\rp_stats.dat

[2011.04.26 09:06:18 | 000,000,044 | ---- | C] () -- C:\windows\SysWow64\rp_rules.dat

[2010.12.17 11:45:32 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt

[2010.12.17 11:41:54 | 000,005,632 | ---- | C] () -- C:\windows\SysWow64\drivers\StarOpen.sys

[2010.12.17 06:04:23 | 000,002,560 | ---- | C] () -- C:\windows\_MSRSTRT.EXE

[2010.12.16 22:42:45 | 001,527,876 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

[2010.11.25 23:01:28 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml

[2010.06.18 13:48:37 | 000,000,512 | ---- | C] () -- C:\windows\previous.bin

[2010.06.18 13:48:37 | 000,000,512 | ---- | C] () -- C:\windows\current.bin

[2010.06.18 13:42:06 | 000,016,648 | R--- | C] () -- C:\windows\SysWow64\LogAPI.dll

[2010.06.18 13:34:08 | 002,110,816 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll

[2010.06.18 13:34:08 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll

[2010.06.18 13:33:58 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll
 

< End of report >