
Log analysis and evaluation: No online banking, no eBay anymore, 4 trojans found


19.06.2011, 20:38   #1
bramaputra
 



Hello,

my bank has blocked my online banking, and eBay has also blocked me because of a trojan warning. A scan removed several trojans (EXP/CVE-2010-4452.A, JAVA/Exdoer.CH, JAVA/Exdoer.CV.1, JAVA/Exdoer.AJ, EXP/CVE-2010-4452.C).
I use Windows Vista SP2 and Avira Premium. Various virus scanners now find nothing anymore, but Firefox is somehow running slowly. Can I keep using the PC, or do I have to wipe everything? Maybe you can help me. Many thanks in advance!!!
One more note: GMER unfortunately aborts the scan partway through.

Here are my log files:
Defogger:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:43 on 19/06/2011 (l)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-


OTL:

OTL logfile created on: 19.06.2011 20:49:17 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\l\Desktop\Virus
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 55,81% Memory free
4,22 Gb Paging File | 3,25 Gb Available in Paging File | 76,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,43 Gb Total Space | 20,89 Gb Free Space | 15,31% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 131,75 Gb Free Space | 88,39% Space Free | Partition Type: NTFS
Drive E: | 10,00 Gb Total Space | 5,80 Gb Free Space | 58,00% Space Free | Partition Type: NTFS

Computer Name: L-PC | User Name: l | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.06.19 20:41:02 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\l\Desktop\Virus\OTL.exe
PRC - [2011.04.27 09:47:54 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.18 20:53:41 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.03.10 16:49:01 | 000,421,032 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2010.12.30 12:23:22 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010.12.30 12:23:15 | 000,339,624 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2010.12.30 12:23:11 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.05.28 12:59:12 | 000,057,344 | ---- | M] () -- D:\Programme\Steganos\fredirstarter.exe
PRC - [2010.05.28 12:58:44 | 000,025,088 | ---- | M] () -- D:\Programme\Steganos\SteganosHotKeyService.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.10.24 17:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
PRC - [2008.01.19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2007.09.24 11:27:38 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\hidfind.exe
PRC - [2007.09.24 11:27:30 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\Apoint.exe
PRC - [2007.09.24 11:27:28 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApMsgFwd.exe
PRC - [2007.09.24 11:27:28 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApntEx.exe
PRC - [2007.09.07 20:23:36 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Programme\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2007.08.29 23:25:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007.08.29 07:54:58 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe


========== Modules (SafeList) ==========

MOD - [2011.06.19 20:41:02 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\l\Desktop\Virus\OTL.exe
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (Radio.fx)
SRV - [2011.04.27 09:47:54 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.18 20:53:41 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.03.10 16:49:01 | 000,421,032 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2010.12.30 12:23:15 | 000,339,624 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.10.24 17:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.06.28 21:08:46 | 000,087,288 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.09.07 20:25:12 | 000,102,400 | ---- | M] (IDT, Inc.) [Disabled | Stopped] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007.08.29 23:25:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007.05.31 11:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 11:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV - [2011.03.18 20:53:42 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.12.01 21:06:29 | 000,108,104 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010.11.22 19:57:34 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.08.17 14:26:14 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.04.18 11:07:57 | 000,093,848 | ---- | M] (SysProgs.org) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BazisVirtualCDBus.sys -- (BazisVirtualCDBus)
DRV - [2010.02.26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.11.09 13:33:20 | 000,079,104 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt ) [Driver] [Kernel | System | Running] -- C:\Windows\System32\drivers\sleen16.sys -- (SLEE_16_DRIVER)
DRV - [2009.10.12 22:24:56 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- D:\Programme\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009.10.12 22:24:54 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009.10.12 22:24:52 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009.06.30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.01.25 22:45:45 | 000,049,720 | ---- | M] (Data Encryption Systems Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\dk2drv.sys -- (dk2drv)
DRV - [2009.01.25 12:22:50 | 000,010,454 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\parldr2k.sys -- (PARLDR2K)
DRV - [2009.01.25 12:21:35 | 000,034,048 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flsvcom.sys -- (FLSVCOM)
DRV - [2009.01.25 12:21:35 | 000,016,314 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flspar.sys -- (FLSPAR)
DRV - [2009.01.25 12:21:35 | 000,008,344 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flsser.sys -- (FLSSER)
DRV - [2009.01.25 12:21:34 | 000,013,440 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\flsiface.sys -- (FLSIFACE)
DRV - [2009.01.25 12:21:24 | 000,033,404 | ---- | M] (Data Encryption Systems Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\fle5wnnt.sys -- (FLE5WNNT)
DRV - [2008.11.19 18:09:10 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008.11.19 18:09:08 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008.11.19 18:09:08 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008.11.06 07:33:58 | 000,043,928 | ---- | M] (Phantombility, Inc) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\phmcd.sys -- (phmcd)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.06.09 14:23:00 | 007,522,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.02.22 18:08:45 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2008.02.22 18:08:44 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008.01.18 19:15:59 | 000,070,001 | ---- | M] (GMER) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gmer.sys -- (gmer)
DRV - [2008.01.17 20:10:18 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)
DRV - [2007.10.10 18:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007.09.26 09:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007.09.24 11:27:26 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007.09.19 12:38:20 | 000,099,200 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbser.sys -- (NWUSBPort)
DRV - [2007.09.19 12:38:20 | 000,099,200 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV - [2007.09.07 20:26:04 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007.08.29 07:55:06 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007.02.16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2007.01.04 08:09:46 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2007.01.04 08:09:46 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2006.11.27 09:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006.11.27 09:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006.11.27 09:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006.11.21 14:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006.11.07 02:00:00 | 000,014,976 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmunet.sys -- (AVMUNET)
DRV - [2006.11.02 09:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006.11.02 09:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2006.08.05 02:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005.02.03 02:29:28 | 000,009,344 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hpplsbulk.sys -- (HPPLSBULK)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.72.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.socks_version: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: D:\Programme\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.06.27 13:11:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{9E0B9092-9F7F-46D0-AF0D-986BD4C5F30C}: D:\Programme\Steganos\spmplugin
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.17 19:23:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.17 19:23:58 | 000,000,000 | ---D | M]

[2008.06.17 21:32:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\l\AppData\Roaming\mozilla\Extensions
[2011.06.17 19:19:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\l\AppData\Roaming\mozilla\Firefox\Profiles\iebuv5dg.default\extensions
[2010.04.27 15:47:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\l\AppData\Roaming\mozilla\Firefox\Profiles\iebuv5dg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.07.22 21:33:42 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\l\AppData\Roaming\mozilla\Firefox\Profiles\iebuv5dg.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009.12.02 08:06:29 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\l\AppData\Roaming\mozilla\Firefox\Profiles\iebuv5dg.default\extensions\moveplayer@movenetworks.com
[2011.02.17 21:37:59 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\l\AppData\Roaming\mozilla\Firefox\Profiles\iebuv5dg.default\extensions\support@lastpass.com
[2011.06.16 20:47:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.06.16 20:47:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011.06.16 20:47:23 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.06.17 19:23:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2011.06.16 20:46:12 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2007.02.04 23:02:56 | 001,642,496 | ---- | M] (LizardTech) -- C:\Programme\Mozilla Firefox\plugins\npdjvu.dll
[2011.06.17 19:23:51 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.06.17 19:23:51 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2011.06.17 19:23:51 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.06.17 19:23:51 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.06.17 19:23:51 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.06.17 19:23:51 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PDFCreator Toolbar Helper) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [FLSDeviceControlPanel] C:\Windows\System32\FLSDEVCP.EXE ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Programme\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [SSS10 File Redirection Starter] D:\Programme\Steganos\fredirstarter.exe ()
O4 - HKLM..\Run: [SSS10 HotKeys] D:\Programme\Steganos\SteganosHotKeyService.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\l\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\l\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Grab To Fototagger - D:\Programme\FotoTagger\GRAB.HTM ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - D:\Programme\Bodog Poker\BPGame.exe (Bodog)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - D:\Programme\SUPERAntiSpyware\SASWINLO.dll - D:\Programme\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\l\Pictures\2010\2010-12-31_20-51-05_1401.JPG
O24 - Desktop BackupWallPaper: C:\Users\l\Pictures\2010\2010-12-31_20-51-05_1401.JPG
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{002b4cf7-14dd-11e0-9efd-001d09aa5b61}\Shell - "" = AutoRun
O33 - MountPoints2\{002b4cf7-14dd-11e0-9efd-001d09aa5b61}\Shell\AutoRun\command - "" = H:\preinst.exe
O33 - MountPoints2\{2f65d57a-1063-11e0-b044-001d09aa5b61}\Shell - "" = AutoRun
O33 - MountPoints2\{2f65d57a-1063-11e0-b044-001d09aa5b61}\Shell\AutoRun\command - "" = H:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.06.19 20:42:33 | 000,000,000 | ---D | C] -- C:\Users\l\Desktop\Virus
[2011.06.19 15:14:51 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011.06.19 11:26:36 | 000,000,000 | ---D | C] -- C:\Users\l\Documents\Simply Super Software
[2011.06.19 11:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\clp
[2011.06.19 11:23:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Toolkit Suite
[2011.06.19 11:23:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters
[2011.06.19 11:21:25 | 000,000,000 | ---D | C] -- C:\Users\l\AppData\Roaming\Fighters
[2011.06.19 11:21:23 | 000,000,000 | ---D | C] -- C:\Users\l\AppData\Local\PackageAware
[2011.06.17 06:56:39 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys
[2011.06.17 06:56:01 | 000,000,000 | ---D | C] -- C:\Programme\Panda Security
[2011.06.16 21:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.06.16 21:26:05 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.06.16 21:23:37 | 000,000,000 | ---D | C] -- C:\Users\l\AppData\Roaming\Malwarebytes
[2011.06.16 21:22:52 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.06.16 21:22:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.06.16 21:22:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.06.16 21:22:40 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.06.16 21:22:39 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.06.16 20:47:53 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2011.06.16 19:50:34 | 000,000,000 | ---D | C] -- C:\Users\l\AppData\Roaming\QuickScan
[2011.06.15 13:16:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rossmann Fotowelt Software
[2011.06.15 13:13:11 | 000,000,000 | ---D | C] -- C:\Programme\Rossmann Fotowelt Software
[2011.06.11 15:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legacy 7.5
[2011.06.08 15:44:59 | 000,000,000 | ---D | C] -- C:\Users\l\AppData\Roaming\Leadertech
[2011.02.27 13:05:10 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\l\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.06.19 20:54:03 | 000,674,582 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.19 20:54:03 | 000,634,400 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.19 20:54:03 | 000,146,040 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.19 20:54:03 | 000,119,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.19 20:46:37 | 000,027,459 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.06.19 20:46:04 | 000,027,459 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.06.19 20:46:03 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.19 20:46:02 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.19 20:45:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.19 20:44:12 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.06.19 20:43:52 | 000,000,020 | ---- | M] () -- C:\Users\l\defogger_reenable
[2011.06.18 12:10:03 | 405,143,231 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.06.17 07:01:30 | 000,000,036 | ---- | M] () -- C:\Users\l\AppData\Local\housecall.guid.cache
[2011.06.16 22:05:30 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.06.16 21:55:02 | 002,420,372 | ---- | M] () -- C:\Users\l\Documents\cc_20110616_215107.reg
[2011.06.16 21:26:10 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.06.16 21:22:53 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.15 13:42:30 | 000,001,120 | ---- | M] () -- C:\Users\l\Bildbestellung.html
[2011.06.15 13:21:54 | 000,176,204 | ---- | M] () -- C:\Users\l\wir2011.cpr
[2011.06.15 13:16:55 | 000,001,022 | ---- | M] () -- C:\Users\Public\Desktop\Rossmann Fotowelt Software.lnk
[2011.06.14 15:08:18 | 000,160,768 | ---- | M] () -- C:\Users\l\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.05.22 19:52:10 | 000,002,631 | ---- | M] () -- C:\Users\l\Desktop\Word.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.06.19 20:43:34 | 000,000,020 | ---- | C] () -- C:\Users\l\defogger_reenable
[2011.06.18 12:10:03 | 405,143,231 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.06.17 07:01:30 | 000,000,036 | ---- | C] () -- C:\Users\l\AppData\Local\housecall.guid.cache
[2011.06.16 22:05:29 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.06.16 21:51:11 | 002,420,372 | ---- | C] () -- C:\Users\l\Documents\cc_20110616_215107.reg
[2011.06.16 21:26:10 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.06.16 21:22:53 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.15 13:42:29 | 000,001,120 | ---- | C] () -- C:\Users\l\Bildbestellung.html
[2011.06.15 13:21:54 | 000,176,204 | ---- | C] () -- C:\Users\l\wir2011.cpr
[2011.06.15 13:16:55 | 000,001,022 | ---- | C] () -- C:\Users\Public\Desktop\Rossmann Fotowelt Software.lnk
[2011.02.27 13:05:10 | 000,087,608 | ---- | C] () -- C:\Users\l\AppData\Roaming\inst.exe
[2011.02.27 13:05:10 | 000,007,887 | ---- | C] () -- C:\Users\l\AppData\Roaming\pcouffin.cat
[2011.02.27 13:05:10 | 000,001,144 | ---- | C] () -- C:\Users\l\AppData\Roaming\pcouffin.inf
[2010.12.25 23:03:20 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2010.12.25 23:03:20 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2010.09.02 23:02:47 | 000,000,600 | ---- | C] () -- C:\Users\l\AppData\Roaming\winscp.rnd
[2010.08.21 11:54:47 | 000,554,496 | ---- | C] () -- C:\Windows\System32\dvmsg.dll
[2010.08.17 23:45:59 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010.08.17 23:45:59 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2009.11.25 13:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.10.25 13:09:11 | 000,000,123 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.09.04 15:20:08 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.06.11 16:02:39 | 000,027,459 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.06.11 16:02:39 | 000,027,459 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.05.28 19:24:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.05.28 19:24:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.05.27 16:16:23 | 000,127,484 | ---- | C] () -- C:\Windows\hpqins00.dat
[2009.05.06 13:13:36 | 000,586,290 | ---- | C] () -- C:\Users\l\AppData\Roaming\mdbu.bin
[2009.01.25 22:27:44 | 000,004,263 | ---- | C] () -- C:\Windows\System32\FLSINSTU.INI
[2009.01.25 12:21:35 | 000,050,736 | ---- | C] () -- C:\Windows\System32\flsuinst.exe
[2009.01.25 12:21:34 | 000,004,263 | ---- | C] () -- C:\Windows\System32\flsinst.ini
[2009.01.25 12:21:33 | 000,091,696 | ---- | C] () -- C:\Windows\System32\FLSDEVCP.EXE
[2009.01.25 12:21:23 | 001,859,584 | ---- | C] () -- C:\Windows\System32\FLSINST.DLL
[2009.01.25 12:20:34 | 000,092,984 | ---- | C] () -- C:\Windows\System32\dkcpanel.exe
[2009.01.25 12:20:11 | 002,325,304 | ---- | C] () -- C:\Windows\System32\DK2INST.DLL
[2008.09.13 11:23:52 | 000,073,216 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2008.07.23 18:06:03 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.06.25 20:10:53 | 000,000,089 | ---- | C] () -- C:\Users\l\AppData\Local\fusioncache.dat
[2008.06.25 19:55:12 | 000,000,485 | ---- | C] () -- C:\Windows\System32\hpp2800V.dat
[2008.04.07 19:07:04 | 000,021,504 | ---- | C] () -- C:\Windows\System32\WBCustomizer.dll
[2008.04.07 08:23:22 | 000,320,512 | ---- | C] () -- C:\Windows\System32\w32mkde.exe
[2008.04.07 08:23:22 | 000,110,080 | ---- | C] () -- C:\Windows\System32\w32mkrc.dll
[2008.04.06 12:39:27 | 000,081,920 | ---- | C] () -- C:\Windows\System32\GkSui20.EXE
[2008.03.31 20:09:16 | 000,000,050 | ---- | C] () -- C:\Windows\Progs_.ini
[2008.03.28 19:42:35 | 000,000,680 | ---- | C] () -- C:\Users\l\AppData\Local\d3d9caps.dat
[2008.02.22 18:08:45 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2008.02.22 18:08:44 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2008.01.27 16:12:39 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
[2008.01.21 12:21:56 | 000,000,074 | ---- | C] () -- C:\Windows\tm.ini
[2008.01.18 21:31:35 | 000,466,944 | ---- | C] () -- C:\Windows\ssndii.exe
[2008.01.18 19:15:59 | 000,585,791 | ---- | C] () -- C:\Windows\gmer.dll
[2008.01.18 19:15:59 | 000,581,632 | ---- | C] () -- C:\Windows\gmer.exe
[2008.01.16 23:20:49 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008.01.16 22:37:11 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2008.01.16 20:26:31 | 000,026,955 | ---- | C] () -- C:\Users\l\AppData\Roaming\nvModes.001
[2008.01.16 19:43:10 | 000,026,955 | ---- | C] () -- C:\Users\l\AppData\Roaming\nvModes.dat
[2008.01.16 19:21:26 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008.01.16 19:05:02 | 000,160,768 | ---- | C] () -- C:\Users\l\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.01.09 01:56:06 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008.01.08 18:21:28 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2008.01.08 18:03:11 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2006.12.04 02:25:14 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sugs1l3.dll
[2006.11.15 20:30:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006.11.03 19:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006.11.02 17:33:31 | 000,674,582 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,146,040 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,379,696 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,634,400 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,119,964 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.02.03 11:31:00 | 000,032,768 | ---- | C] () -- C:\Windows\System32\compJNI.dll
[2004.08.20 07:02:52 | 000,102,400 | ---- | C] () -- C:\Windows\System32\PMLJNI.dll
[2002.03.21 15:39:02 | 000,073,728 | ---- | C] () -- C:\Windows\System32\UNACEV2.DLL
[2001.11.14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001.08.29 15:11:40 | 000,398,848 | R--- | C] () -- C:\Windows\System32\dk2win32.dll
[2001.07.07 04:00:00 | 000,003,254 | ---- | C] () -- C:\Windows\System32\HPTCPMON.INI
[2001.03.06 19:47:48 | 000,077,560 | ---- | C] () -- C:\Windows\System32\libungif.dll

========== LOP Check ==========

[2010.08.20 20:52:34 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\ACD Systems
[2009.06.28 10:46:26 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\AceBIT
[2008.04.06 12:40:22 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Ahnenblatt
[2009.09.06 16:24:05 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Ashampoo
[2008.08.08 15:09:34 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Bytemobile
[2009.08.12 16:05:45 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Canneverbe_Limited
[2011.05.28 11:16:34 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Canon
[2008.06.24 12:11:37 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\CoSoSys
[2008.01.21 12:18:36 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\DAEMON Tools
[2010.08.17 14:32:56 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\DAEMON Tools Lite
[2009.09.09 13:58:31 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\DeepBurner
[2011.03.06 12:52:26 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Dropbox
[2010.03.17 23:01:31 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\dvdisaster
[2011.01.06 22:09:51 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\DVDVideoSoft
[2011.01.06 22:10:42 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.06.19 15:21:03 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Fighters
[2011.06.16 21:42:11 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\FileZilla
[2011.02.19 13:51:05 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\FotoTagger
[2008.04.06 13:13:10 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\gtk-2.0
[2010.08.17 18:31:51 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Gutscheinmieze
[2010.09.02 21:47:03 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\HandBrake
[2011.06.08 15:44:59 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Leadertech
[2010.01.31 17:53:32 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Millennia
[2008.02.02 14:30:36 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Miranda
[2011.02.27 13:02:33 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\MoveFab
[2010.12.06 22:36:55 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\MP3toiPodAudioBookConverter
[2008.09.21 20:09:24 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\MPEG Streamclip
[2009.10.31 11:28:04 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Nokia
[2008.09.21 20:20:12 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Nvu
[2009.10.31 13:04:47 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\PC Suite
[2011.06.16 19:55:05 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\QuickScan
[2008.08.15 12:48:58 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\SharePod
[2010.09.05 14:48:39 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Software4u
[2010.08.21 12:31:15 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Steganos
[2008.06.15 16:40:38 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Thunderbird
[2008.01.16 18:35:52 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\tmp
[2010.08.21 11:58:01 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Tobit
[2008.08.08 15:18:15 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Vodafone
[2011.02.27 13:07:18 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Vso
[2010.07.24 10:10:12 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\WindSolutions
[2011.06.15 13:29:03 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\XnView
[2011.06.19 20:44:15 | 000,032,568 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Hijack:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:28:47, on 19.06.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Programme\Steganos\SteganosHotKeyService.exe
D:\Programme\Steganos\fredirstarter.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Users\l\Desktop\Virus\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=0080108
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer bereitgestellt von Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [FLSDeviceControlPanel] C:\Windows\system32\FLSDEVCP.EXE
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SSS10 HotKeys] "D:\Programme\Steganos\SteganosHotKeyService.exe"
O4 - HKLM\..\Run: [SSS10 File Redirection Starter] "D:\Programme\Steganos\fredirstarter.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Free YouTube Download - C:\Users\l\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\l\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Grab To Fototagger - D:\Programme\FotoTagger\grab.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - D:\Programme\Bodog Poker\BPGame.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Programme\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: AAV UpdateService - Unknown owner - C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 8481 bytes

20.06.2011, 15:29   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Quote:
My bank has blocked my online banking, and eBay has also blocked me because of a Trojan warning.

With online banking you should generally be very careful and consider whether you really want to accept the compromise of a cleanup.
Normally, a reinstallation of Windows is recommended in a case like this.