Windows aus Sicherheitsgründen gesperrt - Trojaner, malwarebytes Suchlauf ohne Fund

Sabina89 · 04.01.2012, 00:35

Hallo, wie so einige hier habe ich auch den Trojaner, dass mein Windows aus Sicherheitsgründen gesperrt wurde. Habe Malwarebytes durchlaufen lassen, leider ohne Fund:

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.03.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
S****:: S**** [Administrator]

Schutz: Aktiviert

03.01.2012 23:47:04
mbam-log-2012-01-03 (23-47-04).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 295793
Laufzeit: 43 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Ich weiß es wird eine Weile dauern bis jemand helfen kann, so viel wie hier los ist, deswegen werde ich mich an den anderen Beiträgen orientieren und weitere Programme suchen lassen.

Danke schonmal und lieben Gruß

Habe jetzt OTL im abgesicherten Modus durchgeführt ohne eine Angabe in das Benutzerdefinierte Feld zu machen, folgendes habe ich bekommen:

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 04.01.2012 00:59:39 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\****\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,95 Gb Total Physical Memory | 2,99 Gb Available Physical Memory | 75,78% Memory free
7,90 Gb Paging File | 6,97 Gb Available in Paging File | 88,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,78 Gb Total Space | 413,68 Gb Free Space | 91,57% Space Free | Partition Type: NTFS
 
Computer Name: S**** | User Name: **** | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\****\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation)
SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV:64bit: - (VCService) -- C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV:64bit: - (SpfService) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (Atheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (ATHDFU) -- C:\Windows\SysNative\drivers\AthDfu.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (e1yexpress) Intel(R) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://sony.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=APN10023&gct=hp
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.31 14:12:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.12.31 15:35:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2011.12.31 14:13:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions
[2011.12.31 15:07:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\5ryfp9kc.default\extensions
[2011.12.31 15:07:59 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\5ryfp9kc.default\extensions\toolbar@ask.com
[2012.01.02 13:32:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.02 13:32:40 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.12.21 08:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.21 06:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.21 06:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.12.21 06:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.21 06:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.21 06:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.21 06:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKCU..\Run: [flash.exe] C:\Users\****\AppData\Roaming\Adobe\Flash Player\flash.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23DE1942-ED20-4DCD-902C-54A192B2EFD3}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.03 23:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.01.03 23:12:42 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Malwarebytes
[2012.01.03 23:12:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.01.03 23:12:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.03 23:12:16 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.01.03 23:12:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.01.03 10:56:31 | 000,000,000 | ---D | C] -- C:\Users\****\Desktop\Microsoft Office
[2012.01.03 10:55:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012.01.03 10:54:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012.01.03 10:52:48 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.01.02 15:19:00 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\Adobe
[2012.01.02 13:33:19 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\ArcSoft
[2012.01.02 13:33:12 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\ArcSoft
[2012.01.02 13:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.01.02 13:32:18 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.01.02 12:21:14 | 000,000,000 | ---D | C] -- C:\Users\****\bewerbungen
[2012.01.02 12:06:50 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.01.02 12:06:50 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.01.02 12:06:48 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.01.02 12:06:48 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.01.02 12:06:48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.01.02 12:06:48 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.01.02 12:06:46 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.01.02 12:06:45 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.01.02 12:06:45 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.01.02 12:06:45 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.01.02 12:06:44 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.01.01 14:07:31 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012.01.01 14:07:30 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012.01.01 14:07:30 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012.01.01 14:07:29 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012.01.01 14:07:29 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012.01.01 14:07:29 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012.01.01 14:07:29 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012.01.01 14:07:29 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012.01.01 14:07:29 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012.01.01 14:07:29 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012.01.01 14:07:20 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012.01.01 14:07:20 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012.01.01 14:07:17 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012.01.01 14:07:16 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012.01.01 14:07:16 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012.01.01 14:07:16 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012.01.01 14:07:16 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012.01.01 14:07:13 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012.01.01 14:07:13 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012.01.01 14:07:13 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012.01.01 14:07:13 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012.01.01 14:07:13 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012.01.01 14:07:13 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012.01.01 14:07:13 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012.01.01 14:07:12 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012.01.01 14:07:00 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012.01.01 14:06:55 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012.01.01 14:06:55 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012.01.01 14:06:54 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012.01.01 14:06:23 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012.01.01 14:06:23 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012.01.01 14:06:23 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012.01.01 14:06:23 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012.01.01 14:05:52 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.01.01 14:05:52 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.01.01 14:05:51 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.01.01 14:05:51 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.01.01 14:05:51 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.01.01 14:05:50 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.01.01 14:05:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.01.01 14:05:50 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.01.01 14:05:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.01.01 14:05:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.01.01 14:05:50 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.01.01 14:05:50 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.01.01 14:05:50 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.01.01 14:05:50 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.01.01 14:05:50 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.01.01 14:05:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.01.01 14:05:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.01.01 14:05:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.01.01 14:05:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.01.01 14:05:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.01.01 14:05:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.01.01 14:05:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.01.01 14:05:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.01.01 14:05:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.01.01 14:05:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.01.01 14:05:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.01.01 14:05:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.01.01 14:05:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.01.01 14:05:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.01.01 14:05:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.01.01 14:05:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.01.01 14:05:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.01.01 14:05:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.01.01 14:05:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.01.01 14:05:46 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.01.01 14:05:46 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.01.01 14:05:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.01.01 14:05:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.01.01 14:05:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.01.01 14:05:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.01.01 14:05:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.01.01 14:05:42 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012.01.01 14:05:40 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012.01.01 14:05:08 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012.01.01 14:05:08 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012.01.01 14:05:07 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012.01.01 14:05:07 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012.01.01 14:04:53 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.01.01 14:04:53 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.01.01 14:04:52 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.12.31 17:41:22 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\Axialis
[2011.12.31 16:07:26 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Apple Computer
[2011.12.31 16:07:26 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\Apple Computer
[2011.12.31 16:07:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.12.31 16:07:17 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2011.12.31 16:07:17 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011.12.31 16:07:17 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011.12.31 16:07:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.12.31 16:06:04 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.12.31 16:06:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.12.31 16:06:04 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.12.31 16:06:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.12.31 16:06:04 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.12.31 16:05:23 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\Apple
[2011.12.31 16:05:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.12.31 16:05:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011.12.31 16:04:51 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.12.31 16:04:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.12.31 16:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.12.31 16:04:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.12.31 15:38:34 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\skypePM
[2011.12.31 15:36:16 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Thunderbird
[2011.12.31 15:36:16 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\Thunderbird
[2011.12.31 15:35:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2011.12.31 15:33:56 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Skype
[2011.12.31 15:11:06 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Avira
[2011.12.31 15:08:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.12.31 15:07:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2011.12.31 15:07:37 | 000,130,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.12.31 15:07:37 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.12.31 15:07:37 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2011.12.31 15:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.12.31 15:07:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.12.31 14:12:56 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Mozilla
[2011.12.31 14:12:56 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\Mozilla
[2011.12.31 14:12:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.12.31 14:10:52 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Adobe
[2011.12.31 14:07:39 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Intel Corporation
[2011.12.31 14:07:33 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\BMExplorer
[2011.12.31 14:07:33 | 000,000,000 | ---D | C] -- C:\Users\****\Documents\Bluetooth Folder
[2011.12.31 14:07:30 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Atheros
[2011.12.31 14:07:01 | 000,000,000 | R--D | C] -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.12.31 14:07:01 | 000,000,000 | R--D | C] -- C:\Users\****\Searches
[2011.12.31 14:07:01 | 000,000,000 | R--D | C] -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.12.31 14:06:52 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Identities
[2011.12.31 14:06:49 | 000,000,000 | R--D | C] -- C:\Users\****\Contacts
[2011.12.31 14:06:46 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\VirtualStore
[2011.12.31 14:05:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\VAIO Startup Setting Tool
[2011.12.31 14:05:10 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.12.31 13:02:43 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Sony Corporation
[2011.12.31 13:02:38 | 000,000,000 | -HSD | C] -- C:\Users\****\Vorlagen
[2011.12.31 13:02:38 | 000,000,000 | -HSD | C] -- C:\Users\****\AppData\Local\Verlauf
[2011.12.31 13:02:38 | 000,000,000 | -HSD | C] -- C:\Users\****\AppData\Local\Temporary Internet Files
[2011.12.31 13:02:38 | 000,000,000 | -HSD | C] -- C:\Users\****\Startmenü
[2011.12.31 13:02:38 | 000,000,000 | -HSD | C] -- C:\Users\****\SendTo
[2011.12.31 13:02:38 | 000,000,000 | -HSD | C] -- C:\Users\****\Recent
[2011.12.31 13:02:38 | 000,000,000 | -HSD | C] -- C:\Users\****\Netzwerkumgebung
[2011.12.31 13:02:38 | 000,000,000 | -HSD | C] -- C:\Users\****\Lokale Einstellungen
[2011.12.31 13:02:38 | 000,000,000 | -HSD | C] -- C:\Users\****\Documents\Eigene Videos
[2011.12.31 13:02:38 | 000,000,000 | -HSD | C] -- C:\Users\****\Documents\Eigene Musik
[2011.12.31 13:02:38 | 000,000,000 | -HSD | C] -- C:\Users\****\Documents\Eigene Bilder
[2011.12.31 13:02:38 | 000,000,000 | -HSD | C] -- C:\Users\****\Druckumgebung
[2011.12.31 13:02:38 | 000,000,000 | -HSD | C] -- C:\Users\****\Cookies
[2011.12.31 13:02:38 | 000,000,000 | -HSD | C] -- C:\Users\****\AppData\Local\Anwendungsdaten
[2011.12.31 13:02:38 | 000,000,000 | -HSD | C] -- C:\Users\****\Anwendungsdaten
[2011.12.31 13:02:37 | 000,000,000 | --SD | C] -- C:\Users\****\AppData\Roaming\Microsoft
[2011.12.31 13:02:37 | 000,000,000 | R--D | C] -- C:\Users\****\Videos
[2011.12.31 13:02:37 | 000,000,000 | R--D | C] -- C:\Users\****\Saved Games
[2011.12.31 13:02:37 | 000,000,000 | R--D | C] -- C:\Users\****\Pictures
[2011.12.31 13:02:37 | 000,000,000 | R--D | C] -- C:\Users\****\Music
[2011.12.31 13:02:37 | 000,000,000 | R--D | C] -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.12.31 13:02:37 | 000,000,000 | R--D | C] -- C:\Users\****\Links
[2011.12.31 13:02:37 | 000,000,000 | R--D | C] -- C:\Users\****\Favorites
[2011.12.31 13:02:37 | 000,000,000 | R--D | C] -- C:\Users\****\Downloads
[2011.12.31 13:02:37 | 000,000,000 | R--D | C] -- C:\Users\****\Documents
[2011.12.31 13:02:37 | 000,000,000 | R--D | C] -- C:\Users\****\Desktop
[2011.12.31 13:02:37 | 000,000,000 | R--D | C] -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.12.31 13:02:37 | 000,000,000 | -HSD | C] -- C:\Users\****\Eigene Dateien
[2011.12.31 13:02:37 | 000,000,000 | -H-D | C] -- C:\Users\****\AppData
[2011.12.31 13:02:37 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\Temp
[2011.12.31 13:02:37 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\Microsoft
[2011.12.31 13:02:37 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Media Center Programs
[2011.12.31 13:02:37 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Macromedia
[2011.12.31 13:02:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.12.31 13:02:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.12.31 13:02:05 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.12.31 13:02:05 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2011.12.31 13:02:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.12.31 13:02:05 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.12.31 13:02:05 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.12.31 13:02:05 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.12.31 13:02:05 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.12.31 13:02:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.12.31 13:02:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.12.31 13:01:59 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.04 01:02:31 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.04 01:02:31 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.04 01:02:31 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.04 01:02:31 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.04 01:02:31 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.04 00:58:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.04 00:57:54 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.04 00:53:35 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.04 00:53:35 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.03 23:12:18 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.03 22:58:09 | 000,384,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.01.03 10:57:34 | 000,000,400 | ---- | M] () -- C:\Windows\ODBC.INI
[2012.01.02 18:54:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.01.02 12:28:21 | 001,590,378 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.31 16:07:23 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.12.31 15:38:37 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2011.12.31 15:35:56 | 000,002,094 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2011.12.31 15:08:06 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.12.31 14:12:51 | 000,001,142 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.12.31 14:06:43 | 000,000,000 | RH-- | M] () -- C:\Windows\SysWow64\drivers\104D_Sony_VPCEH2D0E.mrk
[2011.12.31 14:06:43 | 000,000,000 | RH-- | M] () -- C:\Windows\SysNative\drivers\104D_Sony_VPCEH2D0E.mrk
[2011.12.31 13:00:15 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.12.31 13:00:15 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011.12.15 15:00:00 | 000,027,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2011.12.15 14:59:59 | 000,130,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.12.15 14:59:59 | 000,097,312 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.01.03 23:12:18 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.03 10:57:34 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.01.02 18:54:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.01.02 12:24:15 | 000,020,661 | ---- | C] () -- C:\Users\****\Documents\Unbenannt 1.odt
[2011.12.31 16:07:23 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.12.31 16:05:19 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.12.31 15:38:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.12.31 15:35:56 | 000,002,094 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2011.12.31 15:35:55 | 000,002,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2011.12.31 15:08:06 | 000,002,070 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.12.31 14:12:51 | 000,001,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.12.31 14:12:51 | 000,001,142 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.12.31 14:07:11 | 000,001,409 | ---- | C] () -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.12.31 14:07:06 | 000,001,443 | ---- | C] () -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.12.31 14:06:43 | 000,000,000 | RH-- | C] () -- C:\Windows\SysWow64\drivers\104D_Sony_VPCEH2D0E.mrk
[2011.12.31 14:06:43 | 000,000,000 | RH-- | C] () -- C:\Windows\SysNative\drivers\104D_Sony_VPCEH2D0E.mrk
[2011.12.31 14:05:53 | 000,001,965 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Unlimited powered by Qriocity.lnk
[2011.12.31 12:56:35 | 3180,220,416 | -HS- | C] () -- C:\hiberfil.sys
[2011.03.30 02:46:48 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.03.30 02:46:47 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.03.30 02:46:46 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.02.11 00:03:27 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
 
========== LOP Check ==========
 
[2011.12.31 15:36:16 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Thunderbird
[2009.07.14 06:08:49 | 000,007,930 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

markusg · 04.01.2012, 13:42

hi
na so lange hatts doch nicht gedauert oder :-)

bitte im folgenden script *** durch nutzernamen ersetzen damit es läuft

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.

• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.

Code:

ATTFilter

:OTL
O4 - HKCU..\Run: [flash.exe] C:\Users\****\AppData\Roaming\Adobe\Flash Player\flash.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

 :Files
C:\Users\****\AppData\Roaming\Adobe\Flash Player\flash.exe
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]

• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden
öffne computer, öffne C: dann _OTL
dort rechtsklick auf moved files
wähle zu moved files.rar oder zip hinzufügen.
folge dem link, und lade das archiv im upload channel hoch
http://www.trojaner-board.de/54791-a...ner-board.html

Sabina89 · 04.01.2012, 14:07

Hallo Markusg, vielen Dank für deine Hilfe.

Hier der Text von OTL:

Code:

ATTFilter

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\flash.exe deleted successfully.
C:\Users\S****\AppData\Roaming\Adobe\Flash Player\flash.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 56502 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: gastadmin
->Flash cache emptied: 57768 bytes
 
User: Public
 
User: S****
->Flash cache emptied: 58338 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: gastadmin
->Temp folder emptied: 405066 bytes
->Temporary Internet Files folder emptied: 69026 bytes
->FireFox cache emptied: 72055140 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: S****
->Temp folder emptied: 51142931 bytes
->Temporary Internet Files folder emptied: 22446240 bytes
->Java cache emptied: 349150 bytes
->FireFox cache emptied: 692901000 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 125488708 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 2721300012 bytes
 
Total Files Cleaned = 3.515,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 01042012_135822

Files\Folders moved on Reboot...
C:\Users\S***\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Ich habe leider ein Problem mit dem letzten Teil der Anleitung: "wähle zu moved files.rar oder zip hinzufügen." Diese Option gibt es bei mir nicht, nur "Zu Vaio Gate hinzufügen"

Habe einen Vaio VPCEH mit Win 7.

Lieben Gruß

markusg · 04.01.2012, 14:40

hi,
sehr gut.
lade mal winrar:
http://www.chip.de/downloads/WinRAR-..._12994655.html
instalieren, neustarten.
dann sollte es zu movedfiles.rar hinzufügen geben, wenn du einen rechtsklick auf moved files machst

Sabina89 · 04.01.2012, 14:54

Okay, danke. Habs jetzt zweimal nach Anleitung hochgeladen aber es ist nicht da...??

markusg · 04.01.2012, 15:16

hi,
sobald da steht, upload erfolgreich, passt das, klar hast du da keinen zugriff, da ist nen trojaner drinnen deswegen ist das in nem extra foren bereich :-)
ich hab die datei bekommen, man dankt

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.

Besuche folgende Seite für Downloadlinks und Anweisungen für dieses
Tool

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Hinweis:
Gehe sicher das all deine Anti Virus und Anti Malware Programme abgeschalten sind, damit diese Combofix nicht bei der Arbeit stören.
Poste bitte die C:\Combofix.txt in deiner nächsten Antwort.

Sabina89 · 04.01.2012, 15:40

Vielen dank, hat geklappt

Code:

ATTFilter

Combofix Logfile:

	Code: 

 ATTFilter

  
	ComboFix 12-01-03.08 - *** 04.01.2012  15:30:29.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4044.2600 [GMT 1:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\java.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-12-04 bis 2012-01-04  ))))))))))))))))))))))))))))))
.
.
2012-01-04 14:34 . 2012-01-04 14:34	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-01-04 13:02 . 2012-01-04 13:02	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{F252BB92-23F9-485C-82C2-333E215104B6}\offreg.dll
2012-01-04 12:58 . 2012-01-04 13:45	--------	d-----w-	C:\_OTL
2012-01-03 22:22 . 2012-01-03 22:22	--------	d-----w-	c:\program files (x86)\ESET
2012-01-03 22:15 . 2012-01-03 22:16	--------	d-----w-	c:\users\gastadmin
2012-01-03 22:12 . 2012-01-03 22:12	--------	d-----w-	c:\programdata\Malwarebytes
2012-01-03 22:12 . 2012-01-03 22:12	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-03 22:12 . 2011-12-10 14:24	23152	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-01-03 09:52 . 2012-01-03 09:52	--------	d-----r-	C:\MSOCache
2012-01-03 07:24 . 2011-11-30 01:21	8822856	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{F252BB92-23F9-485C-82C2-333E215104B6}\mpengine.dll
2012-01-03 07:24 . 2011-04-28 03:55	552960	----a-w-	c:\windows\system32\drivers\bthport.sys
2012-01-03 07:24 . 2011-04-28 03:54	80384	----a-w-	c:\windows\system32\drivers\BTHUSB.SYS
2012-01-02 12:32 . 2012-01-02 12:32	--------	d-----r-	c:\program files (x86)\Skype
2012-01-01 13:06 . 2011-09-29 16:29	1923952	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-01-01 13:06 . 2011-03-12 12:08	1465344	----a-w-	c:\windows\system32\XpsPrint.dll
2012-01-01 13:06 . 2011-03-12 11:23	870912	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2012-01-01 13:06 . 2011-04-22 22:15	27520	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2012-01-01 13:06 . 2011-08-17 05:26	613888	----a-w-	c:\windows\system32\psisdecd.dll
2012-01-01 13:06 . 2011-08-17 05:25	108032	----a-w-	c:\windows\system32\psisrndr.ax
2012-01-01 13:06 . 2011-08-17 04:24	465408	----a-w-	c:\windows\SysWow64\psisdecd.dll
2012-01-01 13:06 . 2011-08-17 04:19	75776	----a-w-	c:\windows\SysWow64\psisrndr.ax
2012-01-01 13:06 . 2011-04-29 03:05	410112	----a-w-	c:\windows\system32\drivers\srv2.sys
2012-01-01 13:06 . 2011-04-29 03:05	168448	----a-w-	c:\windows\system32\drivers\srvnet.sys
2012-01-01 13:06 . 2011-04-29 03:06	467456	----a-w-	c:\windows\system32\drivers\srv.sys
2012-01-01 13:04 . 2011-06-23 05:43	5561216	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-01-01 13:04 . 2011-06-23 04:33	3912576	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-01-01 13:04 . 2011-06-23 04:33	3967872	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2011-12-31 15:07 . 2009-05-18 12:17	34152	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2011-12-31 15:07 . 2008-04-17 11:12	126312	----a-w-	c:\windows\system32\GEARAspi64.dll
2011-12-31 15:07 . 2008-04-17 11:12	107368	----a-w-	c:\windows\SysWow64\GEARAspi.dll
2011-12-31 15:07 . 2011-12-31 15:07	--------	dc----w-	c:\windows\system32\DRVSTORE
2011-12-31 15:06 . 2011-12-31 15:07	--------	d-----w-	c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-12-31 15:06 . 2011-12-31 15:07	--------	d-----w-	c:\program files\iTunes
2011-12-31 15:06 . 2011-12-31 15:07	--------	d-----w-	c:\program files (x86)\iTunes
2011-12-31 15:06 . 2011-12-31 15:06	--------	d-----w-	c:\programdata\Apple Computer
2011-12-31 15:06 . 2011-12-31 15:06	--------	d-----w-	c:\program files\iPod
2011-12-31 15:05 . 2011-12-31 15:05	--------	d-----w-	c:\program files (x86)\Apple Software Update
2011-12-31 15:05 . 2011-12-31 15:05	--------	d-----w-	c:\program files\Common Files\Apple
2011-12-31 15:04 . 2011-12-31 15:04	--------	d-----w-	c:\program files\Bonjour
2011-12-31 15:04 . 2011-12-31 15:04	--------	d-----w-	c:\program files (x86)\Bonjour
2011-12-31 15:04 . 2011-12-31 15:06	--------	d-----w-	c:\program files (x86)\Common Files\Apple
2011-12-31 15:04 . 2011-12-31 15:05	--------	d-----w-	c:\programdata\Apple
2011-12-31 14:35 . 2011-12-31 14:35	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2011-12-31 14:07 . 2011-12-31 14:07	--------	d-----w-	c:\program files (x86)\Ask.com
2011-12-31 14:07 . 2011-12-15 14:00	27760	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2011-12-31 14:07 . 2011-12-15 13:59	97312	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2011-12-31 14:07 . 2011-12-15 13:59	130760	----a-w-	c:\windows\system32\drivers\avipbb.sys
2011-12-31 14:07 . 2011-12-31 14:08	--------	d-----w-	c:\programdata\Avira
2011-12-31 14:07 . 2011-12-31 14:07	--------	d-----w-	c:\program files (x86)\Avira
2011-12-31 13:05 . 2011-12-31 13:05	--------	d-----w-	c:\windows\SysWow64\VAIO Startup Setting Tool
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-31 13:05 . 2010-06-24 09:33	18328	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-15 13:29 . 2010-11-21 03:27	270720	------w-	c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-11-21 01:18	1515688	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-11-21 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-11-21 901800]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-12-15 258512]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-12-15 86224]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-12-15 463824]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-29 146592]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-04-29 91296]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-29 2361344]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-26 398176]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-02-28 852160]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2011-03-30 1021112]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418328]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://de.ask.com/?l=dis&o=APN10023&gct=hp
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\5ryfp9kc.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-01-04  15:37:20
ComboFix-quarantined-files.txt  2012-01-04 14:37
.
Vor Suchlauf: 12 Verzeichnis(se), 446.726.086.656 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 446.117.736.448 Bytes frei
.
- - End Of File - - 59BF2CDFC66F20C1E5F91076AC399AE0
         
 --- --- ---

markusg · 04.01.2012, 16:12

öffne mal bitte malwarebytes, logdateien, poste die scan logs

Sabina89 · 04.01.2012, 16:57

Folgende hab ich da:

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.03.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
***** :: ***** [Administrator]

Schutz: Aktiviert

03.01.2012 23:47:04
mbam-log-2012-01-03 (23-47-04).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 295793
Laufzeit: 43 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:

ATTFilter

2012/01/03 23:18:23 +0100	*****	gastadmin	MESSAGE	Executing scheduled update:  Daily
2012/01/03 23:18:23 +0100	*****	gastadmin	MESSAGE	Starting protection
2012/01/03 23:18:25 +0100	*****	gastadmin	MESSAGE	Protection started successfully
2012/01/03 23:18:25 +0100	*****	gastadmin	MESSAGE	Database already up-to-date
2012/01/03 23:18:28 +0100	*****	gastadmin	MESSAGE	Starting IP protection
2012/01/03 23:18:29 +0100	*****	gastadmin	MESSAGE	IP Protection started successfully
2012/01/03 23:47:17 +0100	*****	*****	MESSAGE	Starting protection
2012/01/03 23:47:19 +0100	*****	*****	MESSAGE	Protection started successfully
2012/01/03 23:47:22 +0100	*****	*****	MESSAGE	Starting IP protection
2012/01/03 23:47:23 +0100	*****	*****	MESSAGE	IP Protection started successfully

Code:

ATTFilter

2012/01/04 10:36:07 +0100	*****	gastadmin	MESSAGE	Starting protection
2012/01/04 10:36:09 +0100	*****	gastadmin	MESSAGE	Protection started successfully
2012/01/04 10:36:12 +0100	*****	gastadmin	MESSAGE	Starting IP protection
2012/01/04 10:36:13 +0100	*****	gastadmin	MESSAGE	IP Protection started successfully
2012/01/04 12:54:55 +0100	*****	*****	MESSAGE	Starting protection
2012/01/04 12:54:57 +0100	*****	*****	MESSAGE	Protection started successfully
2012/01/04 12:55:00 +0100	*****	*****	MESSAGE	Starting IP protection
2012/01/04 12:55:01 +0100	*****	*****	MESSAGE	IP Protection started successfully
2012/01/04 14:02:30 +0100	*****	*****	MESSAGE	Starting protection
2012/01/04 14:02:32 +0100	*****	*****	MESSAGE	Protection started successfully
2012/01/04 14:02:35 +0100	*****	*****	MESSAGE	Starting IP protection
2012/01/04 14:02:36 +0100	*****	*****	MESSAGE	IP Protection started successfully

soll ichs nochmal laufen lassen??

Die Meldung erscheint übrigens nicht mehr

markusg · 04.01.2012, 17:04

nein, brauchst du nicht.
wir räumen jetzt noch auf, und sichern den pc ab.
öffne otl, klicke bereinigen, pc startet neu, otl und combofix werden gelöscht.

lade den CCleaner standard:
CCleaner Download - CCleaner 3.14.1616
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

Sabina89 · 04.01.2012, 17:21

Vieeelen Dank!!

Mein PC ist erst ein paar Tage alt, deswegen sind so gut wie keine Programme von mir drauf, das allermeiste war vorinstalliert und ich wusste nicht, ob ichs runter hauen kann. Hier also meine Liste:

Code:

ATTFilter

ActiveX контрола на Windows Live Mesh за отдалечени връзки	Microsoft Corporation	02.09.2011	5,57MB	15.4.5722.2  unbekannt
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2  unbekannt
Adobe AIR	Adobe Systems Inc.	03.01.2012		2.5.1.17730 unbekannt
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	02.09.2011	2,72MB	10.2.152.26 unbekannt
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	02.09.2011	2,68MB	10.2.152.26 unbekannt
Adobe Reader X MUI	Adobe Systems Incorporated	02.09.2011	471MB	10.0.0 unbekannt
Alps Pointing-device for VAIO	ALPS ELECTRIC CO., LTD.	02.09.2011		unbekannt
Apple Application Support	Apple Inc.	30.12.2011	61,2MB	2.1.6 unbekannt
Apple Mobile Device Support	Apple Inc.	30.12.2011	24,9MB	4.0.0.97 unbekannt
Apple Software Update	Apple Inc.	30.12.2011	2,38MB	2.1.3.127 unbekannt
ArcSoft Magic-i Visual Effects 2	ArcSoft	03.01.2012	69,5MB	2.0.1.142 notwendig
ArcSoft WebCam Companion 4	ArcSoft	03.01.2012	81,3MB	4.0.21.392 notwendig
Avira Free Antivirus	Avira	03.01.2012	108,9MB	12.0.0.872 notwendig
Avira SearchFree Toolbar plus Web Protection	Ask.com	30.12.2011	3,75MB	1.13.2.0 unnötig
Bluetooth Win7 Suite (64)	Atheros Communications	02.09.2011	74,5MB	7.3.0.100 unbekannt
Bonjour	Apple Inc.	30.12.2011	2,04MB	3.0.0.10 unbekannt
CCleaner	Piriform	03.01.2012		3.14 unbekannt
Conexant HD Audio	Conexant	02.09.2011		8.54.0.53 unbekannt
Control ActiveX Windows Live Mesh pentru conexiuni la distanță	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2 unbekannt
Controlo ActiveX do Windows Live Mesh para Ligações Remotas	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2 unbekannt
Contrôle ActiveX Windows Live Mesh pour connexions à distance	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2 unbekannt
ESET Online Scanner v3		03.01.2012		unnötig
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2 unbekannt
Intel(R) Control Center	Intel Corporation	03.09.2011		1.2.1.1007 unbekannt
Intel(R) Management Engine Components	Intel Corporation	03.09.2011		7.0.0.1144 unbekannt
Intel(R) Processor Graphics	Intel Corporation	03.09.2011		8.15.10.2291 unbekannt
Intel(R) Rapid Storage Technology	Intel Corporation	03.09.2011		10.0.0.1046 unbekannt
iTunes	Apple Inc.	30.12.2011	172,5MB	10.5.2.11 unbekannt
Java(TM) 6 Update 22	Oracle	02.09.2011	97,1MB	6.0.220 unbekannt
Java(TM) 6 Update 22 (64-bit)	Oracle	02.09.2011	90,7MB	6.0.220 unbekannt
Malwarebytes Anti-Malware Version 1.60.0.1800	Malwarebytes Corporation	02.01.2012	18,6MB	1.60.0.1800 unnötig
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	10.02.2011	38,8MB	4.0.30319 unbekannt
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	02.09.2011	2,94MB	4.0.30319 unbekannt
Microsoft .NET Framework 4 Extended	Microsoft Corporation	10.02.2011	52,0MB	4.0.30319 unbekannt
Microsoft .NET Framework 4 Extended DEU Language Pack	Microsoft Corporation	02.09.2011	10,7MB	4.0.30319 unbekannt
Microsoft Office Professional Edition 2003	Microsoft Corporation	02.01.2012	413MB	11.0.5614.0 notwendig
Microsoft Silverlight	Microsoft Corporation	02.09.2011	20,4MB	4.0.50401.0 unbekannt
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	02.09.2011	1,70MB	3.1.0000 unbekannt
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	30.12.2011	11,1MB	10.0.40219 unbekannt
Mozilla Firefox 9.0.1 (x86 de)	Mozilla	03.01.2012	36,4MB	9.0.1 notwendig notwendig
MSXML 4.0 SP3 Parser	Microsoft Corporation	02.09.2011	1,48MB	4.30.2100.0 unbekannt
MSXML 4.0 SP3 Parser (KB973685)	Microsoft Corporation	01.01.2012	1,53MB	4.30.2107.0 unbekannt
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2 unbekannt
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2 unbekannt
PMB	Sony Corporation	02.09.2011	283MB	5.5.02.12220 unbekannt
Realtek PCIE Card Reader	Realtek Semiconductor Corp.	02.09.2011		6.1.7600.77 unbekannt
Skype Click to Call	Skype Technologies S.A.	01.01.2012	12,5MB	5.8.8855 notwendig
Skype™ 5.5	Skype Technologies S.A.	01.01.2012	17,0MB	5.5.124 notwendig
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2 unbekannt
VAIO - Media Gallery	Sony Corporation	02.09.2011		1.5.0.16020 unbekannt
VAIO - PMB VAIO Edition Guide	Sony Corporation	02.09.2011	72,4MB	1.6.00.06030 unbekannt
VAIO - PMB VAIO Edition Plug-in	Sony Corporation	02.09.2011	193,4MB	1.6.00.06140 unbekannt
VAIO - Remote Play mit PlayStation®3	Sony Corporation	02.09.2011		1.1.0.15070 unbekannt
VAIO - Remote-Tastatur	Sony Corporation	03.09.2011		1.0.1.03020 unbekannt
VAIO Care	Sony Corporation	02.09.2011		6.4.0.15030 unbekannt
VAIO Control Center	Sony Corporation	02.09.2011		4.5.0.03040 unbekannt
VAIO Data Restore Tool	Sony Corporation	02.09.2011		1.6.0.13140 unbekannt
VAIO Easy Connect	Sony Corporation	02.09.2011		1.0.0.03050 unbekannt
VAIO Event Service	Sony Corporation	02.09.2011		 unbekannt
VAIO Gate	Sony Corporation	02.09.2011		2.3.0.11090 unbekannt
VAIO Gate Default	Sony Corporation	02.09.2011		2.4.0.03240 unbekannt
VAIO Hero Screensaver - Summer 2011 Screensaver		03.01.2012		unbekannt
VAIO Improvement	Sony Corporation	02.09.2011		1.0.0.14150 unbekannt
VAIO Improvement Validation	Sony Corporation	02.09.2011	0,48MB	1.0.4.01190 unbekannt
VAIO Quick Web Access	Sony Corporation	02.09.2011	335MB	1.4.5.3 unbekannt
VAIO Sample Contents	Sony Corporation	02.09.2011		1.4.2.09010 unbekannt
VAIO Smart Network	Sony Corporation	02.09.2011		3.5.0.02280 unbekannt
VAIO Update	Sony Corporation	02.09.2011		5.4.0.15300 unbekannt
VAIO-Handbuch	Sony Corporation	02.09.2011		2.0.0.02250 unbekannt
VAIO-Support für Übertragungen	Sony Corporation	02.09.2011		1.4.0.14230 unbekannt
Windows Live Essentials	Microsoft Corporation	03.09.2011		15.4.3508.1109 unbekannt
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2 unbekannt
Windows Live Mesh ActiveX Control for Remote Connections	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2 unbekannt
Windows Live Mesh ActiveX control for remote connections	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2 unbekannt
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2 unbekannt
Windows Live Mesh ActiveX-objekt til fjernforbindelser	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2 unbekannt
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2unbekannt
Windows Live Meshin etäyhteyksien ActiveX-komponentti	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2 unbekannt
WinRAR 4.01 (64-Bit)	win.rar GmbH	03.01.2012		4.01.0 notwendig
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2 unbekannt
Елемент керування Windows Live Mesh ActiveX для віддалених підключень	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2 unbekannt
Элемент управления Windows Live Mesh ActiveX для удаленных подключений	Microsoft Corporation	02.09.2011	5,38MB	15.4.5722.2 unbekannt#

Windows aus Sicherheitsgründen gesperrt - Trojaner, malwarebytes Suchlauf ohne Fund

Plagegeister aller Art und deren Bekämpfung: Windows aus Sicherheitsgründen gesperrt - Trojaner, malwarebytes Suchlauf ohne Fund