
All kinds of pests and how to combat them: Infected with an encryption trojan.


01.06.2012, 23:00   #1
Martin4711
 



Hello helpers and sympathizers.

How stupid was I when I opened the attachment???

Well then. The virus was on the system. I quickly made a copy of my files. Unfortunately too late. Everything was already affected. I didn't hesitate for long and set the system up fresh. Now I'm done with that and wanted to open my files. == Nothing works

Files all damaged. pdf, jpg, etc....

At first I thought it was a copying error and downloaded pdf Repair, until my search led me here....

I also had the lovely picture on my screen... Please pay, etc..

I still have the mail in my web.de mailbox. Should I send it to someone? If so, where to?

I have read up a little on the Decrypter. Unfortunately I don't quite get it and would need help restoring my files. That is all customer data and info...ahhhh.. Please help me.

I would be glad to get an answer on how I can proceed.

1. I did the defogger step. Nothing came up.

2. OTL logfile:
Code:
OTL Extras logfile created on: 02.06.2012 00:33:55 - Run 1
OTL by OldTimer - Version 3.2.45.0     Folder = C:\Users\*************\Desktop\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,80 Gb Available Physical Memory | 40,00% Memory free
4,23 Gb Paging File | 2,24 Gb Available in Paging File | 52,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,69 Gb Total Space | 168,47 Gb Free Space | 75,99% Space Free | Partition Type: NTFS
 
Computer Name: ************| User Name: **********| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Call Graph\xulrunner\xulrunner.exe" = C:\Program Files\Call Graph\xulrunner\xulrunner.exe:*:Enabled:Call Graph Browser -- (Mozilla Foundation)
"C:\Program Files\Call Graph\CallGraph.exe" = C:\Program Files\Call Graph\CallGraph.exe:*:Enabled:Call Graph -- (Sedna Wireless Pvt. Ltd.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{746CD7A3-7720-4F5D-81B6-DB6257B8FBFC}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042A4AC4-A34C-45A5-B92D-D76D4C617602}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe | 
"{081BCEEB-4CA9-4828-A370-AA88D5DF8029}" = dir=in | app=c:\users\optima~1\appdata\local\temp\7zs5b1e\ojj4600_full_14\setup\hpznui01.exe | 
"{27143E6E-42D1-42AA-9959-723B4A692AC6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | 
"{29786BBE-F05C-4265-A872-FED5FACDEC24}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe | 
"{32460616-E3F6-4741-BCFD-543ADF26E6CF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe | 
"{3BAC307E-03F3-4D09-96F2-986FCF34AD77}" = dir=in | app=c:\users\optima~1\appdata\local\temp\7zs0eea\ojj4600_full_14\setup\hpznui01.exe | 
"{44039520-24B8-47E1-94D6-D2BF3B05B30F}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{4911F1B6-BB3F-47F0-83BC-B75F7078F728}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 
"{5544110C-48FC-4B8A-947F-CA075E816077}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 
"{598552F0-1797-41D4-A2B7-DE62F8C007CF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe | 
"{66D79979-9107-49A7-A517-109FD10565B7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 
"{6F84B67B-0138-4B0B-BC3F-8FEC0D64DB1D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{9BE6AD67-840B-4596-816C-4191E2AFD046}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | 
"{A1D3DD22-D103-4412-9654-5CCB8B504E29}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | 
"{AD872B9B-D50D-4FF9-A7A9-8A9DD8C5933E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 
"{BC2AA3C4-030B-48AA-A44F-19D449BADBC1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 
"{CDC8623E-710B-4F94-98B8-AB484BB913E4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D9EECFC5-07D1-4F1C-9DDA-DA11BD03CD39}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 
"{E0BB4E85-CFB0-4014-AD1C-4F524BA66506}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{F4DC55CE-C308-49C4-A7BA-39E6A4631958}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe | 
"{FC68C80C-6E79-4CA1-915B-469431883810}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"TCP Query User{E7BFB344-F582-4140-B89A-1660DA7B9551}C:\program files\call graph\callgraph.exe" = protocol=6 | dir=in | app=c:\program files\call graph\callgraph.exe | 
"UDP Query User{B53DDA48-8906-4021-BFB9-74AD6E83B1DF}C:\program files\call graph\callgraph.exe" = protocol=17 | dir=in | app=c:\program files\call graph\callgraph.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{009E7FB7-1775-4D89-8956-F5C9A1C019FC}" = DSD Playback Plug-in
"{017FDD1B-A971-4084-B652-584181002812}" = VAIO Content Metadata Intelligent Analyzing Manager
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2000
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{07D8511D-C9FE-4A93-933F-EAA5C8F20095}" = IDT Audio
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15619017-86DB-49F8-AD97-DC1BC616502E}" = ProductContext
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{18510937-0146-417B-95D8-14706649C384}" = VAIO Content Metadata Manager Settings
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{28549656-3CB3-44B6-9FAB-925A18DAC796}" = VAIO Movie Story
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{33017152-D6EA-46DD-93E0-7D2679CCBB51}" = Corel WinDVD
"{3B540E44-8382-4899-B481-1E2E02E38F3E}" = 4660_4680_Help
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{4945F319-A24D-454C-A411-F3689987315D}" = HP OfficeJet J4600 All-In-One Series
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}" = DSD Direct Player
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.1
"{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}" = Nokia Suite
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C404084-C5A6-42FF-B731-0BAC79A6E134}" = VAIO Original Funktion Einstellungen
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}" = DSD Direct
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{95229EF6-F4A1-413A-BA50-668311FAFE19}" = VAIO Original Function Settings
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}" = ArcSoft Magic-i Visual Effects Installer
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{9FA8B5F5-4BDC-4CF4-9202-AA97FF79AE98}" = VAIO Media
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{ABF29EC7-47C1-4C63-8FE7-3824FD66F357}" = VAIO Content Metadata Intelligent Analyzing Manager
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B629CD93-A629-4A9F-8B6E-218E741A316E}" = BPDSoftware_Ini
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C0482AA0-9CDF-49B4-9B39-551FD1A7A7E6}" = VAIO Movie Story 1.5 Upgrade
"{C11B0B31-C101-4B56-8BA8-F5113022EF2B}" = VAIO Content Metadata Intelligent Analyzing Manager
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D7D3E265-119C-4EFD-BB43-BEAF464FC969}" = J4680
"{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution
"{DCE9C52A-95DD-4075-9FC6-3313FB8748A5}" = BPDSoftware
"{DF0415CC-0563-407F-B560-9B7F277122C5}" = VAIO BD Menu Data
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E4715C25-7114-4F40-A915-C1951D4D7520}" = VAIO Update Merge Module x86
"{E66BB7B9-EC7B-45A6-B479-AD43A9B32AA0}" = SonicStage Mastering Studio
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = Instant Mode
"{E89D31F3-7F6C-47A3-8669-0A8DDE27B664}" = VAIO Media Registration Tool
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter
"{EC7FE03D-239A-4E36-9907-0E327922D2A2}" = bpd_scan
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = 
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"ca_keynote_is1" = Password Memory 4.0.1
"Call Graph" = Call Graph
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"Defraggler" = Defraggler
"dt icon module" = 
"DWS_Power_Inside_5_is1" = DWS Power Inside Version 7/2011 Update 6.6.0
"FormatFactory" = FormatFactory 2.80
"gtfirstboot Setting Request" = 
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MarketingTools" = Vaio Marketing Tools
"MFU Module" = 
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-15-19-01
"Shop for HP Supplies" = Shop for HP Supplies
"VAIO Help and Support" = 
"VAIO_My Club VAIO" = My Club VAIO
"VAIO_Photoshop" = 
"VAIO_Premiere" = 
"VAIO_Standard" = 
"VLC media player" = VLC media player 2.0.1
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 01.06.2012 04:08:13 | Computer Name = OptimaPlus-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Sony\VAIO
 Movie Story\VMStory.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program
 Files\Sony\VAIO Movie Story\x86_sony.vms.vmsengine\x86_sony.vms.vmsengine.MANIFEST"
 in Zeile  8.  Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
 angeforderten Komponente überein.  Verweis: x86_sony.vms.vmsengine,processorArchitecture="x86",type="win32",version="1.2.0.12110".
Definition:
 x86_sony.vms.vmsengine,processorArchitecture="X86",type="win32",version="1.0.0.16190".
Verwenden
 Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 01.06.2012 04:08:13 | Computer Name = *************| Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Sony\VAIO
 Movie Story\VMStory.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program
 Files\Sony\VAIO Movie Story\x86_sony.vms.vmsengine\x86_sony.vms.vmsengine.MANIFEST"
 in Zeile  8.  Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
 angeforderten Komponente überein.  Verweis: x86_sony.vms.vmsengine,processorArchitecture="x86",type="win32",version="1.2.0.12110".
Definition:
 x86_sony.vms.vmsengine,processorArchitecture="X86",type="win32",version="1.0.0.16190".
Verwenden
 Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 01.06.2012 04:10:44 | Computer Name = **********| Source = VSS | ID = 8194
Description = 
 
Error - 01.06.2012 04:12:14 | Computer Name = *************| Source = VSS | ID = 8194
Description = 
 
Error - 01.06.2012 04:13:56 | Computer Name = ********* | Source = VSS | ID = 8194
Description = 
 
Error - 01.06.2012 04:15:28 | Computer Name = ***************| Source = VSS | ID = 8194
Description = 
 
Error - 01.06.2012 04:16:49 | Computer Name = *************| Source = VSS | ID = 8194
Description = 
 
Error - 01.06.2012 04:18:31 | Computer Name = **********| Source = VSS | ID = 8194
Description = 
 
Error - 01.06.2012 04:19:18 | Computer Name = **********| Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\Sony Shared\VcmXml\VcmXmlIfAdVMLib.dll".  Die abhängige Assemblierung "Sony.Sensing.VMData,processorArchitecture="x86",publicKeyToken="5a496c7842cd4787",type="win32",version="2.0.1.905""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 01.06.2012 05:11:27 | Computer Name = ***********| Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
[ System Events ]
Error - 01.06.2012 12:25:27 | Computer Name = **************| Source = Service Control Manager | ID = 7000
Description = 
 
Error - 01.06.2012 12:27:13 | Computer Name = ************| Source = Service Control Manager | ID = 7022
Description = 
 
Error - 01.06.2012 12:27:18 | Computer Name = **************| Source = DCOM | ID = 10016
Description = 
 
Error - 01.06.2012 14:28:11 | Computer Name = **************| Source = Service Control Manager | ID = 7000
Description = 
 
Error - 01.06.2012 15:31:38 | Computer Name = **********+| Source = DCOM | ID = 10010
Description = 
 
Error - 01.06.2012 15:36:01 | Computer Name = |************ Source = Service Control Manager | ID = 7000
Description = 
 
Error - 01.06.2012 16:16:16 | Computer Name = **************| Source = Service Control Manager | ID = 7000
Description = 
 
Error - 01.06.2012 16:43:08 | Computer Name = *************** | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 01.06.2012 16:43:09 | Computer Name = ***************| Source = Service Control Manager | ID = 7000
Description = 
 
Error - 01.06.2012 16:43:09 | Computer Name = ***************| Source = DCOM | ID = 10005
Description = 
 
 
< End of report >
         
--- --- ---
OTL Logfile:
Code:
OTL logfile created on: 02.06.2012 00:33:55 - Run 1
OTL by OldTimer - Version 3.2.45.0     Folder = C:\Users\*********++\Desktop\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,80 Gb Available Physical Memory | 40,00% Memory free
4,23 Gb Paging File | 2,24 Gb Available in Paging File | 52,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,69 Gb Total Space | 168,47 Gb Free Space | 75,99% Space Free | Partition Type: NTFS
 
Computer Name: OPTIMAPLUS-PC | User Name: **********| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.02 00:33:44 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\**********\Desktop\Downloads\OTL.exe
PRC - [2012.06.01 19:20:39 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2012.05.31 21:49:12 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.31 21:49:08 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.05.31 21:49:07 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.31 21:49:07 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.16 15:44:58 | 001,084,840 | ---- | M] (Nokia) -- C:\Programme\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.04.22 13:50:44 | 000,174,120 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012.04.22 13:50:32 | 000,148,520 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2012.04.21 03:16:21 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.02.15 17:10:32 | 012,319,504 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE
PRC - [2012.01.17 11:36:08 | 001,015,912 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe
PRC - [2012.01.13 10:53:48 | 000,939,624 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe
PRC - [2010.06.23 17:17:12 | 000,196,440 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\OFFICE11\OUTLOOK.EXE
PRC - [2010.05.20 16:15:00 | 000,110,736 | R--- | M] (InterVideo) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2010.03.11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Programme\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.01.19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2007.11.02 14:40:56 | 000,036,864 | ---- | M] (Sony NSCE) -- C:\Programme\Sony\Marketing Tools\MarketingTools.exe
PRC - [2007.10.27 02:17:00 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007.10.10 17:24:26 | 000,921,600 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Power Management\SPMgr.exe
PRC - [2007.09.19 12:09:58 | 000,311,296 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\ISB Utility\ISBMgr.exe
PRC - [2007.08.28 19:23:22 | 000,739,880 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007.08.28 19:23:20 | 001,800,744 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2007.08.28 16:27:12 | 000,131,072 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2007.08.28 16:27:10 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2007.08.14 21:05:18 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007.08.14 21:05:18 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007.07.12 05:00:36 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Java\jre1.6.0_02\bin\jusched.exe
PRC - [2007.06.28 08:52:48 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2007.06.15 12:45:20 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2007.06.11 22:04:36 | 000,190,696 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil9d.exe
PRC - [2007.06.10 02:12:18 | 000,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\Apoint.exe
PRC - [2007.06.10 02:12:18 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApntEx.exe
PRC - [2007.06.10 02:12:16 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApMsgFwd.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.01 21:43:28 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll
MOD - [2012.06.01 21:42:31 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012.06.01 21:42:08 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012.06.01 21:40:05 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012.06.01 21:38:02 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012.06.01 19:02:00 | 008,797,856 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012.05.16 15:45:56 | 000,276,392 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\phonon4.dll
MOD - [2012.05.16 15:45:40 | 002,652,584 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012.05.16 15:45:40 | 000,363,944 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012.05.16 15:45:38 | 011,166,120 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012.05.16 15:45:36 | 001,346,472 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012.05.16 15:45:36 | 000,205,736 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012.05.16 15:45:34 | 001,013,672 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012.05.16 15:45:34 | 000,720,296 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012.05.16 15:45:32 | 008,506,280 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012.05.16 15:45:32 | 000,520,104 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012.05.16 15:45:30 | 002,480,552 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012.05.16 15:45:30 | 002,353,576 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012.05.16 15:45:28 | 000,445,864 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012.05.16 15:45:22 | 000,206,760 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2012.05.16 15:45:22 | 000,035,240 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2012.05.16 15:45:20 | 000,032,680 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2012.05.16 15:44:54 | 000,437,672 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\NService.dll
MOD - [2012.05.16 15:44:16 | 000,604,072 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012.05.16 13:46:28 | 000,391,056 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012.05.16 13:46:28 | 000,059,280 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\securestorage.dll
MOD - [2012.05.16 13:45:30 | 000,110,080 | ---- | M] () -- C:\Programme\Nokia\Nokia Suite\mediaservice\dsengine.dll
MOD - [2012.04.21 03:16:53 | 001,952,696 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.02.17 20:55:35 | 000,166,912 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2012.01.26 13:00:14 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012.01.03 12:58:11 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2009.08.05 10:45:04 | 000,106,312 | ---- | M] () -- C:\Programme\Microsoft Office\OFFICE11\OUTLCTL.DLL
MOD - [2009.03.30 06:42:19 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2007.08.28 19:16:36 | 000,126,976 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007.08.28 19:03:14 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.06.01 19:02:00 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.31 21:49:12 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.31 21:49:07 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.04.21 03:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.01.31 15:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.13 10:53:48 | 000,939,624 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV - [2010.05.20 16:15:00 | 000,110,736 | R--- | M] (InterVideo) [Auto | Running] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2010.03.11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Programme\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.09.08 18:09:14 | 000,083,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.03.30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.18 20:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.19 09:34:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2008.01.19 09:34:44 | 000,053,760 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2008.01.19 09:34:34 | 000,288,256 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2008.01.19 09:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007.10.27 02:17:00 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007.09.28 21:11:44 | 000,292,128 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2007.08.28 16:27:12 | 000,131,072 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2007.08.28 16:27:10 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2007.08.14 21:05:18 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007.06.28 08:53:04 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2007.06.28 08:52:48 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2007.06.20 15:35:06 | 002,523,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007.06.20 15:34:52 | 000,499,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2007.06.20 15:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP)
SRV - [2007.06.20 15:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2007.06.20 15:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP)
SRV - [2007.06.20 15:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2007.01.10 16:51:06 | 000,745,472 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2006.12.14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006.12.14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006.12.14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.05.31 21:49:13 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.31 21:49:13 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.22 13:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.01.09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.12.15 15:00:00 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.05.26 11:35:50 | 008,235,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.04.11 06:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2008.01.19 07:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008.01.19 07:49:16 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse)
DRV - [2007.10.30 02:00:32 | 000,075,008 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007.10.30 02:00:32 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007.10.27 02:17:08 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007.10.05 02:02:21 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.09.26 13:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007.09.19 14:38:18 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007.08.29 03:58:45 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007.06.10 02:12:18 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007.06.06 02:00:39 | 000,812,544 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007.02.13 19:06:36 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid)
DRV - [2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,080,488 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,078,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio)
DRV - [2006.11.02 11:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 11:49:49 | 000,027,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i2omp.sys -- (i2omp)
DRV - [2006.11.02 11:49:44 | 000,023,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msahci.sys -- (msahci)
DRV - [2006.11.02 11:49:38 | 000,019,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd)
DRV - [2006.11.02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide)
DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide)
DRV - [2006.11.02 11:49:26 | 000,015,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 11:49:20 | 000,013,416 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pciide.sys -- (pciide)
DRV - [2006.11.02 11:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2006.11.02 11:03:00 | 000,242,688 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2006.11.02 10:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2006.11.02 10:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)
DRV - [2006.11.02 10:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV - [2006.11.02 10:55:08 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass)
DRV - [2006.11.02 10:55:05 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2006.11.02 10:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr)
DRV - [2006.11.02 10:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen)
DRV - [2006.11.02 10:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2006.11.02 10:51:38 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2006.11.02 10:51:33 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\fdc.sys -- (fdc)
DRV - [2006.11.02 10:51:32 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2006.11.02 10:42:03 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV - [2006.11.02 10:35:03 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2006.11.02 10:30:19 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7)
DRV - [2006.11.02 10:30:18 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2006.11.02 10:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe)
DRV - [2006.11.02 10:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7)
DRV - [2006.11.02 10:30:18 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKLM\..\SearchScopes,DefaultScope = {54AD2F42-E765-4130-BB75-30059D868F74}
IE - HKLM\..\SearchScopes\{54AD2F42-E765-4130-BB75-30059D868F74}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=crm&q={searchTerms}&locale=&apn_ptnrs=FV&apn_dtid=YYYYYYYYDE&apn_uid=424e141d-f12a-4bc0-a8b0-18229542cd5a&apn_sauid=9547ECA4-3655-444B-B2F6-8AAA294073BB
IE - HKCU\..\SearchScopes\{54AD2F42-E765-4130-BB75-30059D868F74}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.05.31 22:22:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.01 15:29:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.05.31 22:22:18 | 000,000,000 | ---D | M]
 
[2012.06.01 09:47:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\********\AppData\Roaming\mozilla\Extensions
[2012.06.01 09:47:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*********\AppData\Roaming\mozilla\Extensions\contact@callgraph.in
[2012.06.01 15:29:16 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.04.21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.21 03:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.21 03:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.04.21 03:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.21 03:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.21 03:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.21 03:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony NSCE)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFBCE8E6-9B59-449F-A93E-0F882CC4D112}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Optima Plus\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Optima Plus\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.01 23:03:55 | 000,000,000 | ---D | C] -- C:\Users\******\Application Data
[2012.06.01 22:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012.06.01 22:42:57 | 000,000,000 | R--D | C] -- C:\Users\*********+\Documents
[2012.06.01 21:31:55 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2012.06.01 20:37:13 | 000,000,000 | ---D | C] -- C:\Users\************\AppData\Roaming\DWS Power Inside
[2012.06.01 18:15:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2012.06.01 18:15:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2012.06.01 18:15:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2012.06.01 17:33:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012.06.01 15:30:09 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Mozilla
[2012.06.01 15:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.06.01 15:29:28 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.06.01 15:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.06.01 15:22:25 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2012.06.01 15:16:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2012.06.01 13:24:07 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2012.06.01 11:14:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.06.01 10:13:13 | 000,000,000 | ---D | C] -- C:\Users\**********\AppData\Roaming\InstallShield
[2012.06.01 09:47:09 | 000,000,000 | ---D | C] -- C:\Users\***********\AppData\Roaming\Sedna Wireless
[2012.06.01 09:47:09 | 000,000,000 | ---D | C] -- C:\Users\**********\AppData\Local\Sedna Wireless
[2012.06.01 09:47:09 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\Mozilla
[2012.06.01 01:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012.06.01 00:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2012.05.31 22:35:26 | 000,000,000 | ---D | C] -- C:\Update
[2012.05.31 22:30:36 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\vlc
[2012.05.31 22:30:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.05.31 22:29:41 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012.05.31 22:26:26 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2012.05.31 22:25:59 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\HP
[2012.05.31 22:25:55 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\HP
[2012.05.31 22:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2012.05.31 22:20:49 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2012.05.31 22:20:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012.05.31 22:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2012.05.31 22:14:26 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2012.05.31 22:05:05 | 000,000,000 | ---D | C] -- C:\Users\********+\AppData\Roaming\Malwarebytes
[2012.05.31 22:04:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.31 22:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.05.31 22:04:53 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.05.31 22:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.05.31 21:52:58 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\WinRAR
[2012.05.31 21:52:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.05.31 21:52:57 | 000,000,000 | ---D | C] -- C:\Users\*************\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.05.31 21:52:35 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.05.31 21:52:12 | 000,000,000 | ---D | C] -- C:\d2c820e6f6f35ffc3eb07f
[2012.05.31 21:40:50 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\DivX
[2012.05.31 21:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.05.31 21:14:37 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Local\NokiaAccount
[2012.05.31 21:05:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2012.05.31 21:04:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012.05.31 21:03:40 | 000,000,000 | ---D | C] -- C:\Users\******+\AppData\Roaming\HpUpdate
[2012.05.31 20:57:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2012.05.31 20:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012.05.31 20:48:30 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012.05.31 20:44:06 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Roaming\Call Graph
[2012.05.31 20:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\Call Graph
[2012.05.31 20:40:59 | 000,000,000 | ---D | C] -- C:\Users\***********\AppData\Roaming\Skype
[2012.05.31 20:40:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.05.31 20:40:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.05.31 20:40:33 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.05.31 20:39:38 | 000,000,000 | ---D | C] -- C:\Users\***********\AppData\Roaming\pdfforge
[2012.05.31 20:39:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012.05.31 20:39:32 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2012.05.31 20:35:57 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2012.05.31 20:35:44 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\Nokia
[2012.05.31 20:35:43 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\PC Suite
[2012.05.31 20:35:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2012.05.31 20:34:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2012.05.31 20:34:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2012.05.31 20:33:55 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012.05.31 20:33:52 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2012.05.31 20:32:42 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2012.05.31 20:31:11 | 000,075,264 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll
[2012.05.31 20:27:44 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2012.05.31 20:27:44 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2012.05.31 20:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2012.05.31 20:26:17 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Local\APN
[2012.05.31 20:26:14 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012.05.31 20:25:50 | 000,000,000 | ---D | C] -- C:\Users\***********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2012.05.31 20:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime
[2012.05.31 20:24:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel
[2012.05.31 20:24:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InterVideo
[2012.05.31 20:23:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2012.05.31 20:23:01 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2012.05.31 20:16:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2012.05.31 20:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2012.05.31 20:15:20 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2012.05.31 20:13:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.05.31 20:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.05.31 20:12:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DWS Power Inside
[2012.05.31 20:10:20 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Keynote
[2012.05.31 20:10:18 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012.05.31 20:09:22 | 000,000,000 | ---D | C] -- C:\Program Files\DWS Power Inside
[2012.05.31 20:09:12 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Avira
[2012.05.31 20:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Password Memory 4
[2012.05.31 20:06:52 | 000,000,000 | ---D | C] -- C:\Program Files\Password Memory 4
[2012.05.31 20:04:57 | 000,253,952 | ---- | C] (Flo) -- C:\Users\*********+\Desktop\Vista-ShutdownTimer.exe
[2012.05.31 20:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.05.31 20:02:40 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.05.31 20:02:19 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.05.31 20:02:18 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.05.31 20:02:17 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.05.31 20:01:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.05.31 20:01:43 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.05.31 19:59:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO-Wiederherstellungscenter
[2012.05.31 19:59:03 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Adobe
[2012.05.31 19:58:13 | 000,000,000 | ---D | C] -- C:\Users\*******\Desktop\Mit an Mail DWS RRP
[2012.05.31 19:57:05 | 000,000,000 | ---D | C] -- C:\Users\***********\Desktop\Privat
[2012.05.31 19:56:09 | 000,000,000 | ---D | C] -- C:\Users\**************\Desktop\Firma
[2012.05.31 19:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012.05.31 19:52:25 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.05.31 19:52:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012.05.31 19:52:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.05.31 19:51:17 | 000,000,000 | ---D | C] -- C:\Users\**********\Desktop\Antragskopien Martin
[2012.05.31 19:51:15 | 000,000,000 | ---D | C] -- C:\Users\**********\Desktop\AngeboteABC
[2012.05.31 19:49:50 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.05.31 19:44:11 | 000,000,000 | ---D | C] -- C:\Documentation
[2012.05.31 19:40:58 | 000,000,000 | -HSD | C] -- C:\Users\Optima Plus\Desktop\%USERPROFILE%
[2012.05.31 19:36:43 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Corporation
[2012.05.31 19:29:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Camera Capture Utility
[2012.05.31 19:23:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio
[2012.05.31 19:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2012.05.31 19:22:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2012.05.31 19:22:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2012.05.31 19:22:36 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2012.05.31 19:21:02 | 000,014,072 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\vproeventmonitor.sys
[2012.05.31 19:21:01 | 000,037,864 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\v2imount.sys
[2012.05.31 19:21:00 | 000,131,944 | ---- | C] (StorageCraft) -- C:\Windows\System32\drivers\symsnap.sys
[2012.05.31 19:21:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012.05.31 19:20:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012.05.31 19:20:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012.05.31 19:20:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Magic-i Visual Effects
[2012.05.31 19:20:02 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2012.05.31 19:19:11 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\Sony_NSCE
[2012.05.31 19:18:56 | 000,000,000 | ---D | C] -- C:\Users\***********\Desktop\Documents\Eigene Google Gadgets
[2012.05.31 19:18:27 | 000,000,000 | -H-D | C] -- C:\InstantON
[2012.05.31 19:17:05 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\VirtualStore
[2012.05.31 19:16:28 | 000,000,000 | -HSD | C] -- C:\Users\************\Vorlagen
[2012.05.31 19:16:28 | 000,000,000 | -HSD | C] -- C:\Users\**********\AppData\Local\Verlauf
[2012.05.31 19:16:28 | 000,000,000 | -HSD | C] -- C:\Users\**********\AppData\Local\Temporary Internet Files
[2012.05.31 19:16:28 | 000,000,000 | -HSD | C] -- C:\Users\**************\Startmenü
[2012.05.31 19:16:28 | 000,000,000 | -HSD | C] -- C:\Users\***********\SendTo
[2012.05.31 19:16:28 | 000,000,000 | -HSD | C] -- C:\Users\***********\Recent
[2012.05.31 19:16:28 | 000,000,000 | -HSD | C] -- C:\Users\**********\Netzwerkumgebung
[2012.05.31 19:16:28 | 000,000,000 | -HSD | C] -- C:\Users\************\Lokale Einstellungen
[2012.05.31 19:16:28 | 000,000,000 | -HSD | C] -- C:\Users\**********\Desktop\Documents\Eigene Videos
[2012.05.31 19:16:28 | 000,000,000 | -HSD | C] -- C:\Users\********+\Desktop\Documents\Eigene Musik
[2012.05.31 19:16:28 | 000,000,000 | -HSD | C] -- C:\Users\************\Eigene Dateien
[2012.05.31 19:16:28 | 000,000,000 | -HSD | C] -- C:\Users\***********\Desktop\Documents\Eigene Bilder
[2012.05.31 19:16:28 | 000,000,000 | -HSD | C] -- C:\Users\************\Druckumgebung
[2012.05.31 19:16:28 | 000,000,000 | -HSD | C] -- C:\Users\**********\Cookies
[2012.05.31 19:16:28 | 000,000,000 | -HSD | C] -- C:\Users\******\AppData\Local\Anwendungsdaten
[2012.05.31 19:16:28 | 000,000,000 | -HSD | C] -- C:\Users\**********\Anwendungsdaten
[2012.05.31 19:16:13 | 000,000,000 | --SD | C] -- C:\Users\*********\AppData\Roaming\Microsoft
[2012.05.31 19:16:13 | 000,000,000 | R--D | C] -- C:\Users\************\Videos
[2012.05.31 19:16:13 | 000,000,000 | R--D | C] -- C:\Users\************\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.05.31 19:16:13 | 000,000,000 | R--D | C] -- C:\Users\*********\Searches
[2012.05.31 19:16:13 | 000,000,000 | R--D | C] -- C:\Users\**********\Saved Games
[2012.05.31 19:16:13 | 000,000,000 | R--D | C] -- C:\Users\*********\Pictures
[2012.05.31 19:16:13 | 000,000,000 | R--D | C] -- C:\Users\***********\Music
[2012.05.31 19:16:13 | 000,000,000 | R--D | C] -- C:\Users\************\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.05.31 19:16:13 | 000,000,000 | R--D | C] -- C:\Users\*********\Links
[2012.05.31 19:16:13 | 000,000,000 | R--D | C] -- C:\Users\***********\Favorites
[2012.05.31 19:16:13 | 000,000,000 | R--D | C] -- C:\Users\*********Desktop\Downloads
[2012.05.31 19:16:13 | 000,000,000 | R--D | C] -- C:\Users\************\Desktop\Documents
[2012.05.31 19:16:13 | 000,000,000 | R--D | C] -- C:\Users\************\Desktop
[2012.05.31 19:16:13 | 000,000,000 | R--D | C] -- C:\Users\*************\Contacts
[2012.05.31 19:16:13 | 000,000,000 | R--D | C] -- C:\Users\**************\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.05.31 19:16:13 | 000,000,000 | R--D | C] -- C:\Users\*************\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.05.31 19:16:13 | 000,000,000 | -H-D | C] -- C:\Users\***********\AppData
[2012.05.31 19:16:13 | 000,000,000 | ---D | C] -- C:\Users\+***********\AppData\Local\Temp
[2012.05.31 19:16:13 | 000,000,000 | ---D | C] -- C:\Users\***********\AppData\Roaming\Sony Corporation
[2012.05.31 19:16:13 | 000,000,000 | ---D | C] -- C:\Users\**************\AppData\Local\Seven Zip
[2012.05.31 19:16:13 | 000,000,000 | ---D | C] -- C:\Users\*************\AppData\Local\Microsoft Help
[2012.05.31 19:16:13 | 000,000,000 | ---D | C] -- C:\Users\*************\AppData\Local\Microsoft
[2012.05.31 19:16:13 | 000,000,000 | ---D | C] -- C:\Users\************\AppData\Roaming\Media Center Programs
[2012.05.31 19:16:13 | 000,000,000 | ---D | C] -- C:\Users\************\AppData\Roaming\Macromedia
[2012.05.31 19:16:13 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Identities
[2012.05.31 19:16:13 | 000,000,000 | ---D | C] -- C:\Users\***********\AppData\Roaming\Google
[2012.05.31 19:16:13 | 000,000,000 | ---D | C] -- C:\Users\+***********\AppData\Local\Google
[2012.05.31 19:16:13 | 000,000,000 | ---D | C] -- C:\Users\*************\Desktop\Documents\Bluetooth-Exchange-Ordner
[2012.05.31 19:16:13 | 000,000,000 | ---D | C] -- C:\Users\**********\Bluetooth Software
[2012.05.31 19:16:13 | 000,000,000 | ---D | C] -- C:\Users\***********\AppData\Local\Adobe
[2012.05.31 19:16:10 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Video & Photo Suite
[2012.05.31 19:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\VAIO Media Platform
[2012.05.31 19:03:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Media
[2012.05.31 19:00:09 | 000,155,648 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\SonyAIwo.dll
[2012.05.31 19:00:09 | 000,147,456 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\SonyAIds.dll
[2012.05.31 19:00:09 | 000,086,016 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\SonyAIwd.dll
[2012.05.31 18:59:11 | 000,135,168 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangRUSony.dll
[2012.05.31 18:59:11 | 000,077,824 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangJASony.dll
[2012.05.31 18:59:11 | 000,069,632 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangZHSony.dll
[2012.05.31 18:59:10 | 000,098,304 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangITSony.dll
[2012.05.31 18:59:10 | 000,098,304 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangFRSony.dll
[2012.05.31 18:59:10 | 000,098,304 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangESSony.dll
[2012.05.31 18:57:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\Iosubsys
[2012.05.31 18:55:29 | 000,770,048 | ---- | C] (Gracenote) -- C:\Windows\System32\CDDBUISony.dll
[2012.05.31 18:55:29 | 000,589,824 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbMusicIDSony.dll
[2012.05.31 18:55:28 | 000,655,360 | ---- | C] (Gracenote, Inc.) -- C:\Windows\System32\CDDBControlSony.dll
[2012.05.31 18:55:28 | 000,098,304 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLangDESony.dll
[2012.05.31 18:55:25 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SonicStage Mastering Studio
[2012.05.31 18:47:43 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2012.05.31 18:46:03 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.05.31 18:41:35 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.02 00:32:46 | 000,000,000 | ---- | M] () -- C:\Users\**********\defogger_reenable
[2012.06.02 00:27:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.02 00:15:14 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.02 00:15:14 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.01 22:51:51 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.06.01 22:51:51 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.01 22:51:51 | 000,126,260 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.06.01 22:51:51 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.01 22:18:19 | 000,043,129 | ---- | M] () -- C:\Users\Optima Plus\AppData\Roaming\nvModes.001
[2012.06.01 22:15:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.01 22:14:47 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.01 22:13:19 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.06.01 21:36:15 | 000,384,712 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.06.01 21:30:35 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012.06.01 21:30:25 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012.06.01 19:20:48 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012.06.01 19:20:48 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012.06.01 19:20:38 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.06.01 18:13:57 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012.06.01 15:29:40 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.01 15:17:45 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2012.06.01 13:05:36 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2012.06.01 13:05:31 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2012.06.01 08:59:35 | 035,848,192 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2012.06.01 08:59:35 | 000,327,680 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2012.06.01 08:59:35 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2012.06.01 08:26:01 | 000,042,369 | ---- | M] () -- C:\Users\Optima Plus\AppData\Roaming\nvModes.dat
[2012.06.01 01:20:59 | 002,501,921 | ---- | M] () -- C:\Windows\System32\wlan.tmf
[2012.06.01 01:20:56 | 000,015,181 | ---- | M] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2012.05.31 22:27:00 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2012.05.31 22:26:06 | 000,272,444 | ---- | M] () -- C:\Windows\hpwins20.dat
[2012.05.31 22:20:42 | 000,001,212 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012.05.31 22:20:04 | 000,001,972 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012.05.31 22:05:51 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.05.31 21:52:03 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2012.05.31 21:52:00 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012.05.31 21:51:07 | 000,000,003 | ---- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012.05.31 21:49:13 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.05.31 21:49:13 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.05.31 21:40:57 | 000,005,120 | ---- | M] () -- C:\Users\Optima Plus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.31 21:05:01 | 000,000,705 | ---- | M] () -- C:\Users\*******\Desktop\Briefpapier - Verknüpfung.lnk
[2012.05.31 21:02:21 | 000,000,703 | ---- | M] () -- C:\Users\*********\Desktop\Outlook - Verknüpfung.lnk
[2012.05.31 20:44:43 | 000,000,841 | ---- | M] () -- C:\Users\***********\Desktop\Call Graph.lnk
[2012.05.31 20:35:16 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.05.31 20:25:50 | 000,000,991 | ---- | M] () -- C:\Users\**********\Desktop\Format Factory.lnk
[2012.05.31 20:15:25 | 000,001,702 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2012.05.31 20:13:16 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.05.31 20:12:32 | 000,000,848 | ---- | M] () -- C:\Users\*********\Desktop\DWS Power Inside 6.lnk
[2012.05.31 20:06:55 | 000,000,860 | ---- | M] () -- C:\Users\*********\Desktop\Password Memory 4.lnk
[2012.05.31 20:06:08 | 000,000,104 | ---- | M] () -- C:\Users\*********\Desktop\E-Mail - Verknüpfung.lnk
[2012.05.31 20:03:34 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.05.31 20:02:35 | 000,000,040 | -H-- | M] () -- C:\Windows\System32\ivireg.ivr
[2012.05.31 19:57:21 | 000,000,400 | ---- | M] () -- C:\Windows\ODBC.INI
[2012.05.31 19:43:55 | 000,000,000 | ---- | M] () -- C:\Windows\VAIOUpdt.INI
[2012.05.31 19:35:09 | 000,000,016 | ---- | M] () -- C:\Windows\System32\coh.cache
[2012.05.31 19:16:41 | 000,000,000 | RH-- | M] () -- C:\Windows\System32\drivers\Sony_VGN-FZ31S.mrk
[2012.05.29 23:55:48 | 000,253,952 | ---- | M] (Flo) -- C:\Users\***********\Desktop\Vista-ShutdownTimer.exe
 
========== Files Created - No Company Name ==========
 
[2012.06.02 00:32:46 | 000,000,000 | ---- | C] () -- C:\Users\********\defogger_reenable
[2012.06.01 22:44:32 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.06.01 21:30:35 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012.06.01 21:30:25 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012.06.01 19:20:38 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.06.01 19:02:02 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.01 18:13:57 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012.06.01 15:46:54 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012.06.01 15:46:48 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2012.06.01 15:29:40 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.06.01 15:29:40 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.01 15:26:45 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012.06.01 15:26:34 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2012.06.01 15:25:53 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2012.06.01 15:25:46 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.06.01 15:25:45 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.06.01 15:25:31 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2012.06.01 15:25:14 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2012.06.01 15:24:00 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2012.06.01 15:23:49 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2012.06.01 15:19:41 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2012.06.01 15:18:57 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2012.06.01 15:17:45 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2012.06.01 15:14:16 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2012.06.01 15:14:16 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2012.06.01 15:14:16 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2012.06.01 12:35:06 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
[2012.06.01 12:35:01 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2012.06.01 12:34:45 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2012.06.01 10:08:11 | 000,001,772 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Movie Story.lnk
[2012.06.01 09:52:51 | 000,000,990 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2012.06.01 01:20:59 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2012.06.01 01:20:56 | 000,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs
[2012.06.01 00:06:05 | 035,848,192 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2012.06.01 00:06:05 | 000,327,680 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2012.06.01 00:06:05 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2012.05.31 22:21:36 | 000,000,861 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
[2012.05.31 22:20:42 | 000,001,212 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012.05.31 22:20:04 | 000,001,972 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012.05.31 22:12:46 | 000,272,444 | ---- | C] () -- C:\Windows\hpwins20.dat
[2012.05.31 22:12:46 | 000,001,678 | ---- | C] () -- C:\Windows\hpwmdl20.dat
[2012.05.31 22:05:51 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.05.31 21:52:03 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2012.05.31 21:52:00 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012.05.31 21:51:07 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012.05.31 21:05:01 | 000,000,705 | ---- | C] () -- C:\Users\********\Desktop\Briefpapier - Verknüpfung.lnk
[2012.05.31 21:04:30 | 000,001,241 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012.05.31 21:02:21 | 000,000,703 | ---- | C] () -- C:\Users\*********\Desktop\Outlook - Verknüpfung.lnk
[2012.05.31 20:44:43 | 000,000,853 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call Graph.lnk
[2012.05.31 20:44:43 | 000,000,841 | ---- | C] () -- C:\Users\**********\Desktop\Call Graph.lnk
[2012.05.31 20:39:34 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2012.05.31 20:35:16 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2012.05.31 20:25:50 | 000,000,991 | ---- | C] () -- C:\Users\***********\Desktop\Format Factory.lnk
[2012.05.31 20:15:25 | 000,001,702 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2012.05.31 20:13:16 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.05.31 20:12:32 | 000,000,848 | ---- | C] () -- C:\Users\************\Desktop\DWS Power Inside 6.lnk
[2012.05.31 20:06:55 | 000,000,860 | ---- | C] () -- C:\Users\***********\Desktop\Password Memory 4.lnk
[2012.05.31 20:06:08 | 000,000,104 | ---- | C] () -- C:\Users\**********\Desktop\E-Mail - Verknüpfung.lnk
[2012.05.31 20:03:34 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.05.31 20:02:33 | 000,000,040 | -H-- | C] () -- C:\Windows\System32\ivireg.ivr
[2012.05.31 20:01:25 | 000,009,198 | ---- | C] () -- C:\Users\*****\Desktop\Protokollübersicht.pdf
[2012.05.31 20:01:24 | 000,214,258 | ---- | C] () -- C:\Users\**********Desktop\Muster Erstinfo und Beratungsprotokoll Basis.pdf
[2012.05.31 20:01:24 | 000,208,664 | ---- | C] () -- C:\Users\**********\Desktop\Muster Erstinfo und Beratungsprotokoll Riester.pdf
[2012.05.31 20:01:23 | 000,262,851 | ---- | C] () -- C:\Users\******\Desktop\LVRechner.pdf
[2012.05.31 20:01:22 | 000,183,770 | ---- | C] () -- C:\Users\**********\Desktop\Bewertungsfax.pdf
[2012.05.31 19:57:19 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.05.31 19:43:55 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2012.05.31 19:41:55 | 000,000,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO MusicBox.lnk
[2012.05.31 19:36:27 | 000,001,002 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk
[2012.05.31 19:35:09 | 000,000,016 | ---- | C] () -- C:\Windows\System32\coh.cache
[2012.05.31 19:20:16 | 000,005,120 | ---- | C] () -- C:\Users\Optima Plus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.31 19:18:27 | 000,000,076 | -H-- | C] () -- C:\kernel.pam
[2012.05.31 19:18:27 | 000,000,017 | -H-- | C] () -- C:\initrd.pam
[2012.05.31 19:16:41 | 000,000,000 | RH-- | C] () -- C:\Windows\System32\drivers\Sony_VGN-FZ31S.mrk
[2012.05.31 19:16:26 | 000,002,032 | ---- | C] () -- C:\Users\******\AppData\Local\d3d9caps.dat
[2012.05.31 19:16:14 | 000,043,129 | ---- | C] () -- C:\Users\*********\AppData\Roaming\nvModes.001
[2012.05.31 19:16:14 | 000,042,369 | ---- | C] () -- C:\Users\***********\AppData\Roaming\nvModes.dat
[2012.05.31 19:16:14 | 000,000,949 | ---- | C] () -- C:\Users\**************\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.05.31 19:16:14 | 000,000,944 | ---- | C] () -- C:\Users\**********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012.05.31 19:16:14 | 000,000,915 | ---- | C] () -- C:\Users\*************\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012.05.31 19:03:24 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2012.05.31 18:59:28 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll
[2012.05.31 18:41:37 | 2145,837,056 | -HS- | C] () -- C:\hiberfil.sys
 
========== LOP Check ==========
 
[2012.06.01 09:47:57 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\Call Graph
[2012.06.01 20:40:21 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\DWS Power Inside
[2012.05.31 20:41:09 | 000,000,000 | ---D | M] -- C:\Users\***********\AppData\Roaming\Keynote
[2012.06.01 15:24:23 | 000,000,000 | ---D | M] -- C:\Users\*************\AppData\Roaming\PC Suite
[2012.05.31 20:39:38 | 000,000,000 | ---D | M] -- C:\Users\***********\AppData\Roaming\pdfforge
[2012.06.01 09:47:09 | 000,000,000 | ---D | M] -- C:\Users\************\AppData\Roaming\Sedna Wireless
[2012.06.01 22:13:21 | 000,014,928 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---


3. x86-based computer

I think the computer is clean. What I care about is the files.

Many thanks.

I have to add something. It's too late to edit.

I have now tried the decrypters and unfortunately it doesn't work.

As the original I took a file from my mailbox that I once sent to someone (pdf), and then the damaged file on my computer.

Unfortunately nothing happens. It always says: file is identical... but that can't be. One can be opened, the other can't...

I'd really like to just send the hard drive in. There is really important data on it that I need back....

Edited by Martin4711 (02.06.2012 at 00:00)

03.06.2012, 14:57   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
I still have the mail in my web.de mailbox. Should I send it to someone? If so, where?
Instructions for that are clearly visible above! => markusg - trojaner-board.de

Quote:
I didn't hesitate for long and renewed the system
So that means you wiped everything and reinstalled Windows? Or without format c?
Please describe this more precisely

Notes on the encrypted files:
Nobody will be able to tell you exactly when your data can be decrypted, except maybe one. It may be that you have a newer variant whose encryption algorithm is still unknown. Something like that can't be decrypted (yet), and certainly not without the key - which is only logical, otherwise it wouldn't be proper encryption
Just check back here at regular intervals and follow the notes above. There are already 8 tools there along with hundreds of discussion posts

Decryption attempts must only be applied to additional copies of the encrypted files, otherwise you mangle them even further without still having the "original" encrypted file. You certainly don't want that!


And in future you will surely want to think about a better backup concept. Here is some food for thought => http://www.trojaner-board.de/115678-...r-backups.html
__________________
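The two checks discussed in posts #1 and #2, as an added example that is not part of the original thread and not code from any of the decryption tools mentioned in it: make a hash-verified working copy before any decryption attempt and write-protect the encrypted original, and compare a known-good reference file with its damaged counterpart to see whether and where they differ. The function names `make_working_copy`, `diff_ranges` and `pair_report` are hypothetical.

```python
import hashlib
import os
import shutil
import stat
CHUNK = 1 << 16

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()

def make_working_copy(src, workdir):
    """Copy src into workdir, verify the copy by hash, then write-protect src."""
    os.makedirs(workdir, exist_ok=True)
    dst = os.path.join(workdir, os.path.basename(src))
    if os.path.exists(dst):
        raise FileExistsError(dst)  # never overwrite an earlier working copy
    shutil.copyfile(src, dst)       # contents only, so dst stays writable
    if sha256_file(src) != sha256_file(dst):
        os.remove(dst)
        raise OSError("copy does not match source: " + src)
    os.chmod(src, stat.S_IREAD)     # a tool pointed at src now fails to modify it
    return dst

def diff_ranges(path_a, path_b, max_gap=16):
    """Half-open (start, end) ranges where the files differ over their common length.
    Ranges at most max_gap equal bytes apart are merged (chance matches)."""
    ranges, offset = [], 0
    with open(path_a, "rb") as fa, open(path_b, "rb") as fb:
        while True:
            a, b = fa.read(CHUNK), fb.read(CHUNK)
            n = min(len(a), len(b))
            if n == 0:
                return ranges
            for i in (offset + j for j in range(n) if a[j] != b[j]):
                if ranges and i - ranges[-1][1] <= max_gap:
                    ranges[-1] = (ranges[-1][0], i + 1)
                else:
                    ranges.append((i, i + 1))
            offset += n

def pair_report(original, damaged):
    def is_pdf(path):               # a PDF file starts with the bytes "%PDF-"
        with open(path, "rb") as f:
            return f.read(5) == b"%PDF-"
    return {
        "identical": sha256_file(original) == sha256_file(damaged),
        "sizes": (os.path.getsize(original), os.path.getsize(damaged)),
        "pdf_header": (is_pdf(original), is_pdf(damaged)),
        "differing_ranges": diff_ranges(original, damaged),
    }
```

When `identical` is true, the two files are byte-for-byte the same, so the supposedly damaged file is not the one that fails to open and a different pair has to be picked.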

03.06.2012, 15:13   #3
Martin4711

Hello.

So that means you wiped everything and reinstalled Windows? Or without format c?
Please describe this more precisely

I used the Vista option "Restore C drive". Whether C gets formatted in the process I don't know, but I think so.

I'll send the email...

Can't someone try the decrypting for me? Maybe I'm doing something wrong too...

I'd be glad.

03.06.2012, 16:35   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Can't someone try the decrypting for me?
Sorry, but we already have enough to do as it is
How do you imagine that would work, do you want to send us your entire encrypted private data and we then try things out for you?! That doesn't really work for technical reasons alone, and we already have more than enough to do here with log evaluation and analysis of the new encryption routines anyway

Quote:
I used the Vista option "Restore C drive". Whether C gets formatted in the process I don't know, but I think so.
Great, and all your private files were on C as well?
Is any of it still there, and if not, was it backed up beforehand? Probably not...
__________________
Please always post logfiles in CODE tags

03.06.2012, 16:40   #5
Martin4711

Pity, I thought something could be done... In return for a donation, of course

Nothing backed up. Sh..... I could really cry.


03.06.2012, 17:56   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Yes, that is really sh*t...
Haven't you ever backed up any of your private stuff?
I hope the virus scanner vendors react at some point and maybe some kind of backup tool gets included by default. That would at any rate make more sense than the tenth scan engine against spyware or rubbish like a desktop firewall. Superfluous to the power of three; everything that's needed already comes with the Windows firewall. Windows also already has good backup functions; since Win7 you can even create disk images

03.06.2012, 18:06   #7
Martin4711

Well.

And now?

03.06.2012, 18:15   #8
Martin4711

Something I've just noticed: my damaged files don't have the word "locked" anywhere in the file name...

Is that even from the trojan then? Maybe that's also why the decrypter doesn't work.

Attached is what happens when I try to open the pdf files.
Attached image: -pdf-fehler.jpg

03.06.2012, 18:30   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

I've already explained everything regarding decryption in posting #2

03.06.2012, 18:35   #10
Martin4711

Understood, but am I, or rather are my files, even affected by it if the files don't have "locked" in them???

03.06.2012, 18:54   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Just read there.
There are also encryption variants that do NOT put LOCKED into the file names!
Anyone who didn't make backups beforehand simply has to wait until there is a solution, that's how it is and no other way!

03.06.2012, 19:32   #12
Martin4711

All right, all right. I've got it....

Then that's how it will be, I suppose.

Look forward to a good donation if it works out.

Regards while waiting


03.06.2012, 20:54   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

I really am terribly sorry for you, but there has never been a piece of malware on this scale before.

03.06.2012, 21:47   #14
Martin4711

What do you mean, on this scale?

Is my case that unusual?

Will there be no rescue?? No, right?

I forwarded the mails to you.. Can't anything be done with them?

04.06.2012, 09:47   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Scale, because until now we haven't had malware that was so intent on destroying/encrypting the victim's private data. Until now most malware simply wanted to tap the resources of the victim's PC, i.e. computing power and above all internet bandwidth (good for botnets, spam, DDoS attacks etc.) - now and then there were also file infectors such as Virut or Sality - but these were fairly rare and by and large left the private files (documents, pictures etc.) on the poor victim's PC alone

Quote:
Will there be no rescue?? No, right?
How many more times, I don't know when you will be able to decrypt your data!
I posted notes on that long ago!

Quote:
I forwarded the mails to you.. Can't anything be done with them?
Yes, thanks for that, but it won't go any faster just because you ask the same question umpteen times!
Besides, you had formatted and not saved the encrypted files, or had you?
