>> Backdoor.Bot, Trojan.Bitminer <<

mjoe · 06.03.2013, 16:32

Perfekt

Dann bedanke ich mich recht herzlich für die schnelle Hilfe und die somit verwendete Freizeit. Auch danke für die Tipps jetzt noch.

Ich denke es sollte wieder alles passen und gefunden wurde nichts mehr, was mich natürlich sehr freut. Programme können jetzt alle wieder weg oder sind manche auch so noch hilfreich?

cosinus · 06.03.2013, 16:35

Dann wären wir durch!

Die Programme, die hier zum Einsatz kamen, können alle wieder runter.

Combofix entfernen (nur relevant wenn es hier benutzt wurde!) : Start/Ausführen (Tastenkombination WIN+R), dort den Befehl combofix /uninstall eintippen und ausführen

Mit Hilfe von OTL kannst du auch viele andere Tools entfernen: Starte dazu einfach OTL und klicke auf Bereinigung.
Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen.

Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken.

Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden.
Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern.

Microsoftupdate
Windows XP:Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren.
Windows Vista/7: Start, Systemsteuerung, Windows-Update

PDF-Reader aktualisieren
Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast)

Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader.

Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers:
Prüfen => Adobe - Flash Player
Downloadlinks findest du hier => Browsers and Plugins - FilePony.de

Alle Plugins im Firefox-Browser kannst du auch ganz einfach hier auf Aktualität prüfen => https://www.mozilla.org/de/plugincheck

Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind.

Java-Update
Veraltete Java-Installationen sind ein großes Sicherheitsrisiko, daher solltest Du die alten Versionen deinstallieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software (bzw. Programme und Funktionen) und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.

mjoe · 06.03.2013, 16:54

So zu früh gefreut -.- Habe gerade einen Neustart durchgeführt und Malwarbytes hat mir kurze Zeit später einen Bedrohung angezeigt ...

Kurze Zwischenfrage noch, soll ich sofort erst Mal alle Updates prüfen?

Ich hätte hier die Log in der der Name zu sehen wäre, im Quickscan wurde nichts gefunden.

Könntest du mir bitte doch noch einmal helfen? Ich wäre dir sehr dankbar.!

Code:

ATTFilter

2013/03/06 09:43:08 +0100	JO-VAIO	JO	MESSAGE	Executing scheduled update:  Daily
2013/03/06 09:43:09 +0100	JO-VAIO	JO	ERROR	Scheduled update failed:  No address found failed with error code 0
2013/03/06 09:43:09 +0100	JO-VAIO	JO	MESSAGE	Starting protection
2013/03/06 09:43:09 +0100	JO-VAIO	JO	MESSAGE	Protection started successfully
2013/03/06 09:43:09 +0100	JO-VAIO	JO	MESSAGE	Starting IP protection
2013/03/06 09:43:14 +0100	JO-VAIO	JO	MESSAGE	IP Protection started successfully
2013/03/06 10:14:29 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49339, Process: opera.exe)
2013/03/06 10:14:29 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49342, Process: opera.exe)
2013/03/06 10:14:29 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49429, Process: opera.exe)
2013/03/06 10:14:37 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49566, Process: opera.exe)
2013/03/06 10:14:37 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49706, Process: opera.exe)
2013/03/06 10:14:37 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49707, Process: opera.exe)
2013/03/06 10:14:37 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49743, Process: opera.exe)
2013/03/06 10:14:37 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49744, Process: opera.exe)
2013/03/06 10:14:45 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49855, Process: opera.exe)
2013/03/06 10:14:45 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49963, Process: opera.exe)
2013/03/06 10:14:53 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 50062, Process: opera.exe)
2013/03/06 10:23:32 +0100	JO-VAIO	JO	MESSAGE	Starting database refresh
2013/03/06 10:23:32 +0100	JO-VAIO	JO	MESSAGE	Stopping IP protection
2013/03/06 10:23:33 +0100	JO-VAIO	JO	MESSAGE	IP Protection stopped successfully
2013/03/06 10:23:41 +0100	JO-VAIO	JO	MESSAGE	Database refreshed successfully
2013/03/06 10:23:41 +0100	JO-VAIO	JO	MESSAGE	Starting IP protection
2013/03/06 10:23:45 +0100	JO-VAIO	JO	MESSAGE	IP Protection started successfully
2013/03/06 11:02:07 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 51761, Process: opera.exe)
2013/03/06 11:02:07 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 51762, Process: opera.exe)
2013/03/06 11:02:07 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 51909, Process: opera.exe)
2013/03/06 11:02:07 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 51910, Process: opera.exe)
2013/03/06 11:02:15 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 52072, Process: opera.exe)
2013/03/06 11:02:15 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 52309, Process: opera.exe)
2013/03/06 11:02:15 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 52310, Process: opera.exe)
2013/03/06 11:02:15 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 52311, Process: opera.exe)
2013/03/06 11:02:15 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 52312, Process: opera.exe)
2013/03/06 11:02:15 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 52313, Process: opera.exe)
2013/03/06 11:02:15 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 52314, Process: opera.exe)
2013/03/06 11:04:08 +0100	JO-VAIO	JO	MESSAGE	Starting protection
2013/03/06 11:04:08 +0100	JO-VAIO	JO	MESSAGE	Protection started successfully
2013/03/06 11:04:08 +0100	JO-VAIO	JO	MESSAGE	Starting IP protection
2013/03/06 11:04:12 +0100	JO-VAIO	JO	MESSAGE	IP Protection started successfully
2013/03/06 11:46:32 +0100	JO-VAIO	JO	MESSAGE	Starting protection
2013/03/06 11:46:33 +0100	JO-VAIO	JO	MESSAGE	Protection started successfully
2013/03/06 11:46:33 +0100	JO-VAIO	JO	MESSAGE	Starting IP protection
2013/03/06 11:46:38 +0100	JO-VAIO	JO	MESSAGE	IP Protection started successfully
2013/03/06 11:48:50 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49292, Process: opera.exe)
2013/03/06 11:48:50 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49431, Process: opera.exe)
2013/03/06 11:48:50 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49432, Process: opera.exe)
2013/03/06 11:48:58 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49504, Process: opera.exe)
2013/03/06 11:48:58 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49587, Process: opera.exe)
2013/03/06 11:54:00 +0100	JO-VAIO	JO	MESSAGE	Starting protection
2013/03/06 11:54:00 +0100	JO-VAIO	JO	MESSAGE	Protection started successfully
2013/03/06 11:54:00 +0100	JO-VAIO	JO	MESSAGE	Starting IP protection
2013/03/06 11:54:05 +0100	JO-VAIO	JO	MESSAGE	IP Protection started successfully
2013/03/06 11:55:28 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49357, Process: opera.exe)
2013/03/06 11:55:28 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49497, Process: opera.exe)
2013/03/06 11:55:36 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49529, Process: opera.exe)
2013/03/06 11:55:36 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49530, Process: opera.exe)
2013/03/06 11:55:36 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49634, Process: opera.exe)
2013/03/06 11:55:36 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49635, Process: opera.exe)
2013/03/06 11:55:36 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49636, Process: opera.exe)
2013/03/06 11:55:36 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49637, Process: opera.exe)
2013/03/06 11:55:45 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 49842, Process: opera.exe)
2013/03/06 12:08:47 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 50369, Process: opera.exe)
2013/03/06 12:08:47 +0100	JO-VAIO	JO	IP-BLOCK	93.115.241.27 (Type: outgoing, Port: 50370, Process: opera.exe)
2013/03/06 12:57:43 +0100	JO-VAIO	JO	MESSAGE	Starting protection
2013/03/06 12:57:43 +0100	JO-VAIO	JO	MESSAGE	Protection started successfully
2013/03/06 12:57:43 +0100	JO-VAIO	JO	MESSAGE	Starting IP protection
2013/03/06 12:57:48 +0100	JO-VAIO	JO	MESSAGE	IP Protection started successfully
2013/03/06 14:03:50 +0100	JO-VAIO	JO	MESSAGE	Starting protection
2013/03/06 14:03:50 +0100	JO-VAIO	JO	MESSAGE	Protection started successfully
2013/03/06 14:03:50 +0100	JO-VAIO	JO	MESSAGE	Starting IP protection
2013/03/06 14:03:56 +0100	JO-VAIO	JO	MESSAGE	IP Protection started successfully
2013/03/06 14:24:46 +0100	JO-VAIO	JO	MESSAGE	Starting database refresh
2013/03/06 14:24:46 +0100	JO-VAIO	JO	MESSAGE	Stopping IP protection
2013/03/06 14:24:46 +0100	JO-VAIO	JO	MESSAGE	IP Protection stopped successfully
2013/03/06 14:24:48 +0100	JO-VAIO	JO	MESSAGE	Database refreshed successfully
2013/03/06 14:24:48 +0100	JO-VAIO	JO	MESSAGE	Starting IP protection
2013/03/06 14:24:52 +0100	JO-VAIO	JO	MESSAGE	IP Protection started successfully
2013/03/06 16:34:57 +0100	JO-VAIO	JO	MESSAGE	Starting protection
2013/03/06 16:34:57 +0100	JO-VAIO	JO	MESSAGE	Protection started successfully
2013/03/06 16:34:57 +0100	JO-VAIO	JO	MESSAGE	Starting IP protection
2013/03/06 16:35:03 +0100	JO-VAIO	JO	MESSAGE	IP Protection started successfully
2013/03/06 16:36:30 +0100	JO-VAIO	JO	DETECTION	C:\Users\JO\AppData\Local\Temp\H4PUFHSK.exe	Trojan.Ransom	QUARANTINE

und hier das Quickscan Ergebnis:

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.03.06.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
JO :: JO-VAIO [Administrator]

Schutz: Aktiviert

06.03.2013 16:39:30
mbam-log-2013-03-06 (16-39-30).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 212618
Laufzeit: 4 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

cosinus · 06.03.2013, 16:55

Scan mit DDS (+ attach)

Downloade dir bitte DDS (von sUBs) von einem der folgenden Downloadspiegel und speichere die Datei auf deinem Desktop.

dds.com | dds.scr | dds.pif
Schließe alle laufenden Programme und starte DDS mit Doppelklick.

Der Desktop wird verschwinden, das ist normal.

Stelle folgendes ein:

[X] dds.txt
[X] attach.txt
[ ] options for dds.txt

Ändere keine Einstellung ohne Anweisung.

Klicke auf Start.

Es werden 2 Logfiles auf deinem Desktop erstellt.
dds.txt

attach.txt

Poste die beiden Logfile hier, möglichst in CODE-Tags.

mjoe · 06.03.2013, 17:06

DDS Logfile:

Code:

ATTFilter

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16464
Run by JO at 17:01:47 on 2013-03-06
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.6125.4544 [GMT 1:00]
.
AV: McAfee  Anti-Virus und Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee  Anti-Virus und Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee  Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Update\VUAgent.exe
C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.de/
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20130306154621.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe                                                                                                                                                                                                                     
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: An OneNote s&enden - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - C:\Users\JO\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{41BDDC60-743D-4545-A241-2512A1326679} : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{6444FE3B-C153-497B-99A2-D0377A7DCD3B} : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{6444FE3B-C153-497B-99A2-D0377A7DCD3B}\34F4E44594E455944595 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{6444FE3B-C153-497B-99A2-D0377A7DCD3B}\75C414E4D2739313441383 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{6444FE3B-C153-497B-99A2-D0377A7DCD3B}\75C414E4D2839323831353 : DHCPNameServer = 192.168.2.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
IFEO: nvstlink.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: nvstview.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: realconverter.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: realplay.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: realtrimmer.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - 
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\SystemCore\ScriptSn.20130306154621.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-IFEO: nvstlink.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: nvstview.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: realconverter.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: realplay.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: realtrimmer.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-10-13 771096]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2010-10-13 339776]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-5-29 55856]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-29 13336]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-5 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-5 682344]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-23 201304]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-23 201304]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-23 201304]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-23 201304]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-5-29 241016]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-5-29 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2011-5-29 182312]
R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2011-5-29 14112]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2011-3-8 102400]
R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsnxc64.sys [2011-3-7 98816]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-5-29 259192]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-1-28 2402080]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-5-29 105024]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-5-29 2656280]
R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2011-5-29 550080]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2011-5-29 19968]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-4-29 29344]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2010-10-13 69672]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-5 24176]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2010-10-13 309400]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2010-10-13 515528]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-8 413800]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-6-2 12032]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-11-16 11880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-4-29 36000]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2011-4-29 51872]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-4-29 259232]
S3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2011-4-29 109216]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-4-29 166048]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-4-29 59040]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-4-29 283296]
S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-4-29 288416]
S3 DCDhcpService;DCDhcpService;C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2012-1-13 104096]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-10-23 196440]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-5-29 220528]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2010-10-13 106112]
S3 PAC207;SoC PC-Camera;C:\Windows\System32\drivers\PFC027.SYS [2006-12-5 572416]
S3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-2-21 113824]
S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-2-21 67232]
S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-1-20 286936]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-8-2 51712]
S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-1-20 887000]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-2-18 652016]
S4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-4-29 146592]
S4 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-4-29 91296]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-23 201304]
S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-26 398176]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-6-16 378472]
S4 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-11 2923392]
.
=============== Created Last 30 ================
.
2013-03-06 12:50:37	--------	d-----w-	C:\Windows\ERUNT
2013-03-06 12:50:32	--------	d-----w-	C:\JRT
2013-03-06 11:31:31	98816	----a-w-	C:\Windows\sed.exe
2013-03-06 11:31:31	256000	----a-w-	C:\Windows\PEV.exe
2013-03-06 11:31:31	208896	----a-w-	C:\Windows\MBR.exe
2013-03-05 20:32:58	35104	----a-w-	C:\Windows\System32\TURegOpt.exe
2013-03-05 20:32:57	26400	----a-w-	C:\Windows\System32\authuitu.dll
2013-03-05 20:32:57	21792	----a-w-	C:\Windows\SysWow64\authuitu.dll
2013-03-05 20:32:35	--------	d-----w-	C:\Users\JO\AppData\Roaming\TuneUp Software
2013-03-05 20:32:24	--------	d-----w-	C:\Program Files (x86)\TuneUp Utilities 2013
2013-03-05 20:31:55	--------	d-----w-	C:\ProgramData\TuneUp Software
2013-03-05 20:31:26	--------	d-sh--w-	C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-03-05 20:31:26	--------	d--h--w-	C:\ProgramData\Common Files
2013-03-05 11:11:31	--------	d-----w-	C:\Users\JO\AppData\Roaming\Malwarebytes
2013-03-05 11:11:14	--------	d-----w-	C:\ProgramData\Malwarebytes
2013-03-05 11:11:06	24176	----a-w-	C:\Windows\System32\drivers\mbam.sys
2013-03-05 11:11:06	--------	d-----w-	C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-04 21:14:15	--------	d-----w-	C:\ProgramData\SecTaskMan
2013-02-26 17:11:29	--------	d-----w-	C:\Users\JO\AppData\Roaming\torrent
2013-02-20 14:29:06	--------	d-----w-	C:\Program Files (x86)\Microsoft Synchronization Services
2013-02-20 14:26:27	--------	d-----w-	C:\Program Files (x86)\Microsoft Visual Studio 8
2013-02-20 14:25:53	--------	d-----w-	C:\Program Files (x86)\Microsoft Analysis Services
2013-02-13 23:21:11	996352	----a-w-	C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 23:21:11	768000	----a-w-	C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 18:54:54	5553512	----a-w-	C:\Windows\System32\ntoskrnl.exe
2013-02-13 18:54:54	3967848	----a-w-	C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-13 18:54:54	3913064	----a-w-	C:\Windows\SysWow64\ntoskrnl.exe
2013-02-13 18:54:44	3153408	----a-w-	C:\Windows\System32\win32k.sys
2013-02-13 18:54:41	25600	----a-w-	C:\Windows\SysWow64\setup16.exe
2013-02-13 18:54:41	215040	----a-w-	C:\Windows\System32\winsrv.dll
2013-02-13 18:54:41	14336	----a-w-	C:\Windows\SysWow64\ntvdm64.dll
2013-02-13 18:54:40	7680	----a-w-	C:\Windows\SysWow64\instnm.exe
2013-02-13 18:54:40	5120	----a-w-	C:\Windows\SysWow64\wow32.dll
2013-02-13 18:54:38	2048	----a-w-	C:\Windows\SysWow64\user.exe
2013-02-13 18:54:25	288088	----a-w-	C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-13 18:54:25	1913192	----a-w-	C:\Windows\System32\drivers\tcpip.sys
.
==================== Find3M  ====================
.
2013-02-27 21:16:48	71024	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-27 21:16:48	691568	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-13 21:17:03	9728	---ha-w-	C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02	2560	---ha-w-	C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42	10752	---ha-w-	C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46	3584	---ha-w-	C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21	4096	---ha-w-	C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08	5632	---ha-w-	C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07	5632	---ha-w-	C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07	3072	---ha-w-	C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07	3072	---ha-w-	C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31	9728	---ha-w-	C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31	2560	---ha-w-	C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18	10752	---ha-w-	C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07	3584	---ha-w-	C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48	4096	---ha-w-	C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41	5632	---ha-w-	C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40	5632	---ha-w-	C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40	3072	---ha-w-	C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40	3072	---ha-w-	C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00	1247744	----a-w-	C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22	1988096	----a-w-	C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31	293376	----a-w-	C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00	249856	----a-w-	C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43	220160	----a-w-	C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35	1504768	----a-w-	C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04	1643520	----a-w-	C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28	1175552	----a-w-	C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01	604160	----a-w-	C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58	207872	----a-w-	C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53:14	187392	----a-w-	C:\Windows\SysWow64\UIAnimation.dll
2013-01-13 19:51:30	2565120	----a-w-	C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17	363008	----a-w-	C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47	161792	----a-w-	C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25	1080832	----a-w-	C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21	1230336	----a-w-	C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39	333312	----a-w-	C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32	1887232	----a-w-	C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21	296960	----a-w-	C:\Windows\System32\d3d10core.dll
2013-01-13 19:37:57	3419136	----a-w-	C:\Windows\SysWow64\d2d1.dll
2013-01-13 19:25:04	245248	----a-w-	C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33	648192	----a-w-	C:\Windows\System32\d3d10level9.dll
2013-01-13 19:24:30	221184	----a-w-	C:\Windows\System32\UIAnimation.dll
2013-01-13 19:20:42	194560	----a-w-	C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04	1238528	----a-w-	C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40	1424384	----a-w-	C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36	3928064	----a-w-	C:\Windows\System32\d2d1.dll
2013-01-13 19:02:06	417792	----a-w-	C:\Windows\SysWow64\WMPhoto.dll
2013-01-13 18:34:58	364544	----a-w-	C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43	465920	----a-w-	C:\Windows\System32\WMPhoto.dll
2013-01-13 18:09:52	522752	----a-w-	C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42	1158144	----a-w-	C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09	1682432	----a-w-	C:\Windows\System32\XpsPrint.dll
2013-01-09 01:19:09	2312704	----a-w-	C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03	1392128	----a-w-	C:\Windows\System32\wininet.dll
2013-01-09 01:11:06	1494528	----a-w-	C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:51	173056	----a-w-	C:\Windows\System32\ieUnatt.exe
2013-01-09 01:07:47	599040	----a-w-	C:\Windows\System32\vbscript.dll
2013-01-09 01:04:42	2382848	----a-w-	C:\Windows\System32\mshtml.tlb
2013-01-08 22:11:21	1800704	----a-w-	C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20	1129472	----a-w-	C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12	1427968	----a-w-	C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02	142848	----a-w-	C:\Windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29	420864	----a-w-	C:\Windows\SysWow64\vbscript.dll
2013-01-08 21:56:23	2382848	----a-w-	C:\Windows\SysWow64\mshtml.tlb
2013-01-04 06:11:21	2284544	----a-w-	C:\Windows\SysWow64\msmpeg2vdec.dll
2013-01-04 06:11:13	2776576	----a-w-	C:\Windows\System32\msmpeg2vdec.dll
2013-01-04 04:43:21	44032	----a-w-	C:\Windows\apppatch\acwow64.dll
2012-12-26 08:55:26	69672	----a-w-	C:\Windows\System32\drivers\cfwids.sys
2012-12-26 08:52:44	339776	----a-w-	C:\Windows\System32\drivers\mfewfpk.sys
2012-12-26 08:52:34	182312	----a-w-	C:\Windows\System32\mfevtps.exe
2012-12-26 08:51:34	10288	----a-w-	C:\Windows\System32\drivers\mfeclnk.sys
2012-12-26 08:51:24	106112	----a-w-	C:\Windows\System32\drivers\mferkdet.sys
2012-12-26 08:50:48	771096	----a-w-	C:\Windows\System32\drivers\mfehidk.sys
2012-12-26 08:49:42	515528	----a-w-	C:\Windows\System32\drivers\mfefirek.sys
2012-12-26 08:49:00	309400	----a-w-	C:\Windows\System32\drivers\mfeavfk.sys
2012-12-26 08:48:30	178840	----a-w-	C:\Windows\System32\drivers\mfeapfk.sys
2012-12-16 17:11:22	46080	----a-w-	C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03	367616	----a-w-	C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28	295424	----a-w-	C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20	34304	----a-w-	C:\Windows\SysWow64\atmlib.dll
2012-12-07 13:20:16	441856	----a-w-	C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31	2746368	----a-w-	C:\Windows\System32\gameux.dll
2012-12-07 12:26:17	308736	----a-w-	C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43	2576384	----a-w-	C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04	30720	----a-w-	C:\Windows\System32\usk.rs
2012-12-07 11:20:03	43520	----a-w-	C:\Windows\System32\csrr.rs
2012-12-07 11:20:03	23552	----a-w-	C:\Windows\System32\oflc.rs
2012-12-07 11:20:01	45568	----a-w-	C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01	44544	----a-w-	C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01	20480	----a-w-	C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00	20480	----a-w-	C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59	20480	----a-w-	C:\Windows\System32\pegi.rs
2012-12-07 11:19:58	46592	----a-w-	C:\Windows\System32\fpb.rs
2012-12-07 11:19:57	40960	----a-w-	C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57	21504	----a-w-	C:\Windows\System32\grb.rs
2012-12-07 11:19:57	15360	----a-w-	C:\Windows\System32\djctq.rs
2012-12-07 11:19:56	55296	----a-w-	C:\Windows\System32\cero.rs
2012-12-07 11:19:55	51712	----a-w-	C:\Windows\System32\esrb.rs
.
============= FINISH: 17:02:49,39 ===============

--- --- ---

Code:

ATTFilter

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 03.10.2011 13:30:06
System Uptime: 06.03.2013 16:33:52 (1 hours ago)
.
Motherboard: Sony Corporation |  | VAIO
Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz | N/A | 2001/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 579 GiB total, 466,2 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP116: 20.02.2013 15:24:47 - Installed Microsoft Office Professional Plus 2010
RP117: 20.02.2013 15:33:35 - Microsoft PowerPoint Viewer wird entfernt
RP118: 20.02.2013 23:38:38 - Windows Update
RP119: 22.02.2013 08:30:56 - Windows Update
RP120: 23.02.2013 00:36:09 - Windows Update
RP121: 27.02.2013 22:34:30 - Windows Update
RP122: 05.03.2013 21:32:00 - TuneUp Utilities 2013 wird installiert
RP123: 06.03.2013 11:01:01 - Malwarebytes Anti-Rootkit Restore Point
.
==== Image File Execution Options =============
.
IFEO: nvstlink.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: nvstview.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: realconverter.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: realplay.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: realtrimmer.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO: rnxproc.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: nvstlink.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: nvstview.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: realconverter.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: realplay.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: realtrimmer.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-IFEO: rnxproc.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
.
==== Installed Programs ======================
.
????? Windows Live
?????? Windows Live
??????? ????????? Windows Live Mesh ActiveX ??? ?????????? ??????????
??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ???????????
???????? ?????????? Windows Live
?????????? Windows Live
??????????? ?? Windows Live
???????????? Windows Live
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ??????
Adobe AIR
Adobe Community Help
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 9
Adobe Premiere Elements 9
Adobe Reader X (10.1.5) MUI
Apple Application Support
Apple Mobile Device Support
ArcSoft Magic-i Visual Effects 2
ArcSoft WebCam Companion 4
Atheros WiFi Driver Installation
Bluetooth Win7 Suite (64)
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Control ActiveX Windows Live Mesh pentru conexiuni la distan?a
Controlo ActiveX do Windows Live Mesh para Ligações Remotas
Corel WinDVD
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dropbox
Elements 9 Organizer
Elements STI Installer
Facebook Video Calling 1.2.0.287
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych
Free YouTube to MP3 Converter version 3.11.37.1212
Galeria de Fotografias do Windows Live
Galeria fotografii uslugi Windows Live
Galerie de photos Windows Live
Galerie foto Windows Live
ImgBurn
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
iTunes
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 22 (64-bit)
Junk Mail filter update
Malwarebytes Anti-Malware Version 1.70.0.1100
McAfee Internet Security
Media Gallery
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended DEU Language Pack
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010
Microsoft Office Excel MUI (German) 2010
Microsoft Office Groove MUI (German) 2010
Microsoft Office InfoPath MUI (German) 2010
Microsoft Office Klick-und-Los 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (German) 2010
Microsoft Office Outlook MUI (German) 2010
Microsoft Office PowerPoint MUI (German) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (German) 2010
Microsoft Office Publisher MUI (German) 2010
Microsoft Office Shared 64-bit MUI (German) 2010
Microsoft Office Shared MUI (German) 2010
Microsoft Office Starter 2010 - Deutsch
Microsoft Office Word MUI (German) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_CRT_x86
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
NVIDIA 3D Vision Treiber 268.93
NVIDIA 3D Vision Video Player
NVIDIA Grafiktreiber 268.93
NVIDIA HD-Audiotreiber 1.2.22.1
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX-Systemsoftware 9.10.0514
NVIDIA Stereoscopic 3D Driver
NVIDIA Systemsteuerung 268.93
Opera 12.14
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
PMB
PMB VAIO Edition Guide
PMB VAIO Edition Plug-in
Poczta uslugi Windows Live
Podstawowe programy Windows Live
Qualcomm Atheros Direct Connect
Quick Web Access
Raccolta foto di Windows Live
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Remote Keyboard
Remote Play with PlayStation 3
Renesas Electronics USB 3.0 Host Controller Driver
S?????? f?t???af??? t?? Windows Live
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Shared C Run-time for x64
Skype™ 6.1
SmartSound Quicktracks for Premiere Elements 9.0
Sony Corporation
SSLx64
SSLx86
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se??
Synaptics Pointing Device Driver
TeamViewer 7
TuneUp Utilities 2013
TuneUp Utilities Language Pack (de-DE)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi
V3DPX86
VAIO-Handbuch
VAIO-Support für Übertragungen
VAIO - Media Gallery
VAIO - PMB VAIO Edition Guide
VAIO - PMB VAIO Edition Plug-in
VAIO - Remote-Tastatur 
VAIO - Remote Play mit PlayStation®3
VAIO 3D Portal
VAIO Care
VAIO Control Center
VAIO Data Restore Tool
VAIO Easy Connect
VAIO Event Service
VAIO F Series - Summer 2011 Screensaver
VAIO Gate
VAIO Gate Default
VAIO Hardware Diagnostics
VAIO Improvement
VAIO Improvement Validation
VAIO Sample Contents
VAIO Smart Network
VAIO Update
VCCx86
VESx64
VESx86
VGClientX64
VGClientX86
VIx64
VIx86
VPMx64
VSNx64
VSNx86
VU5x64
VU5x86
VWSTx86
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotótár
Windows Live Fotogalerie
Windows Live Fotogalleri
Windows Live Fotogaléria
Windows Live Fotograf Galerisi
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
Windows Live Mesh ActiveX-objekt til fjernforbindelser
Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz
Windows Live Mesh ActiveX control for remote connections
Windows Live Meshin etäyhteyksien ActiveX-komponentti
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven asennustyökalu
Windows Liven sähköposti
Windows Liven valokuvavalikoima
.
==== End Of File ===========================

cosinus · 06.03.2013, 22:22

Auch das Log ist unauffällig
Hast du das Problem nur mit dem Opera-Browser?
Wird immer noch etwas in TEMP gefunden von Malwarebytes?

06.03.2013, 22:22	#21
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	>> Backdoor.Bot, Trojan.Bitminer << Auch das Log ist unauffällig Hast du das Problem nur mit dem Opera-Browser? Wird immer noch etwas in TEMP gefunden von Malwarebytes? __________________ --> >> Backdoor.Bot, Trojan.Bitminer <<

>> Backdoor.Bot, Trojan.Bitminer <<

Log-Analyse und Auswertung: >> Backdoor.Bot, Trojan.Bitminer <<