![]() |
|
Log-Analyse und Auswertung: wisptis.exe doppelt - Ist das System sauber/sicher?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() | #1 |
![]() | ![]() wisptis.exe doppelt - Ist das System sauber/sicher? Moin! Grund des Topics ist - wie der Titel schon sagt - das mir aufgefallen ist, dass ich die Datei "wisptis.exe" doppelt im Taskmanager habe. Einmal unter meinem Benutzernamen laufend mit Arbeitsspeichergröße von 5.172K und der Beschreibung "Microsoft-Komponente für Stift- und Fingereingabe" sowie einmal ohne Benutzername, Arbeitsspeichergröße von 4.584K und ohne Beschreibung. Möchte ich den letzteren Task beenden, bekomme ich nur die Info dass der Zugriff verweigert wird. Zudem gesellen sich sehr vereinzelt Aktivitäten beim PC die mich doch sehr stuzig machen. --> Beispiel: - Vor ein paar Minuten ein Pop-Up von Outlook ich solle mein Netzwerk-Kennwort eingeben. Pop-Server, Benutzernahme und Kennwort waren schon eingetragen. Ich hatte das Programm jedoch seit mehreren Minuten minimiert im Hintergrund offen und habe nicht damit gearbeitet. - Vereinzelt: Meine Maus und meine Tastatur reagieren urplötzlich nicht mehr. Ich habe zwar eine Funkmaus, aber Batterien und Signal sind nach Überprüfung immer noch voll gewesen. Das Bewegen des Cursors war nur über mein Grafiktablet möglich (hier keine Fehler). Ich habe daraufhin meinen Empfänger für die Maus in eine andere USB-Buchse gesteckt (vorher an einem Verteiler, danach direkt am Tower), der Fehler lies sich dadurch aber nur manchmal beheben, teils auch erst nach ein paar weiteren Minuten. Wie in der Anleitung verlangt hier die Scanlogs: [CODE].DDS Logfile: Code:
ATTFilter DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31 Run by *** at 19:46:01 on 2012-04-13 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8190.5844 [GMT 2:00] . AV: Kaspersky Anti-Virus *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Kaspersky Anti-Virus *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Tablet\Pen\Pen_TouchService.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe C:\Program Files (x86)\Secunia\PSI\PSIA.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Tablet\Pen\Pen_Tablet.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Program Files\Tablet\Pen\Pen_TabletUser.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files\Tablet\Pen\Pen_TouchUser.exe C:\Program Files\Tablet\Pen\Pen_Tablet.exe C:\Windows\system32\taskeng.exe C:\Windows\DAODx.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\WUDFHost.exe C:\Windows\System32\StikyNot.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe C:\Program Files (x86)\FreePDF_XP\fpassist.exe C:\Program Files (x86)\Secunia\PSI\sua.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Users\me\Desktop\Defogger.exe C:\Windows\system32\conhost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe mRun: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun: [<NO NAME>] mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_17_Plus_Sonderedition_Download-Version\TrayServer.exe mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent mRunOnce: [ Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Free YouTube Download - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft E&xel exportieren - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{2F42DE9A-E8AC-4B0D-A977-3C99D1491B25} : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{B5F7C226-0BDD-4D03-963F-4534A8D4BFE3} : DhcpNameServer = 83.169.186.161 83.169.186.225 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} {72853161-30C5-4D22-B7F9-0BBC1D38A37E} {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} {9030D464-4C02-4ABF-8ECC-5164760863C6} {DBC80044-A445-435b-BC74-9C25C1C588A9} {E33CF602-D945-461A-83F0-819F76A199F8} mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun-x64: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun-x64: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe mRun-x64: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun-x64: [(Standard)] mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_17_Plus_Sonderedition_Download-Version\TrayServer.exe mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRunOnce-x64: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent mRunOnce-x64: [ Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\k1co1prd.default\ FF - prefs.js: network.proxy.type - 0 FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru\components\kavlinkfilter.dll FF - component: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru\components\ffvkplugin.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll . ============= SERVICES / DRIVERS =============== . R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [2010-11-2 365336] R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-8-27 1253376] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-2-21 2348352] R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-10-14 994360] R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-10-14 399416] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-9 382272] R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-1-25 5790064] R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-1-25 487280] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] R3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?] R3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-7 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-11 253600] S3 BthAvrcp;Bluetooth-AVRCP-Profil;C:\Windows\system32\DRIVERS\BthAvrcp.sys --> C:\Windows\system32\DRIVERS\BthAvrcp.sys [?] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-8-7 3276800] S3 gupdatem;Google Update-Dienst (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-7 136176] S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232] S3 pwdrvio;pwdrvio;\??\C:\Windows\system32\pwdrvio.sys --> C:\Windows\system32\pwdrvio.sys [?] S3 pwdspio;pwdspio;\??\C:\Windows\system32\pwdspio.sys --> C:\Windows\system32\pwdspio.sys [?] S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S4 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe --> C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [?] . =============== Created Last 30 ================ . 2012-04-13 17:12:50 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{076ADE0B-B2DD-4E16-992E-46A1EE2F6089}\offreg.dll 2012-04-13 15:20:49 -------- d-----w- C:\Users\***\AppData\Roaming\Malwarebytes 2012-04-13 15:20:44 -------- d-----w- C:\ProgramData\Malwarebytes 2012-04-13 15:20:43 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-04-13 15:20:43 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-04-13 15:04:57 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{076ADE0B-B2DD-4E16-992E-46A1EE2F6089}\mpengine.dll 2012-04-11 17:34:50 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-04-11 17:34:50 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-04-11 17:34:49 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-04-11 17:32:56 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2012-04-11 17:32:56 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-04-11 17:32:56 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-04-11 17:32:55 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-04-11 17:32:55 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-04-11 17:32:55 220672 ----a-w- C:\Windows\System32\wintrust.dll 2012-04-11 17:32:55 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-04-10 22:16:20 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-04-10 21:58:21 -------- d-----w- C:\Users\***\AppData\Local\Secunia PSI 2012-04-10 21:58:06 -------- d-----w- C:\Program Files (x86)\Secunia 2012-04-04 05:53:56 182160 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll 2012-03-31 19:43:04 -------- d-----w- C:\Program Files (x86)\24h Fotoservice Weckbrodt SilverX 2012-03-31 19:35:38 -------- d-----w- C:\Program Files (x86)\SaalDesignSoftware 2012-03-29 17:34:04 -------- d-----w- C:\Program Files\iTunes 2012-03-29 17:34:04 -------- d-----w- C:\Program Files\iPod . ==================== Find3M ==================== . 2012-04-10 22:16:20 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-03-20 19:04:49 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll 2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll 2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-02-23 07:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-02-15 10:01:50 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys 2012-02-15 10:01:50 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll 2012-02-10 06:36:07 1544192 ----a-w- C:\Windows\System32\DWrite.dll 2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-02-10 03:14:04 6074176 ----a-w- C:\Windows\System32\nvcpl.dll 2012-02-10 03:14:01 3089728 ----a-w- C:\Windows\System32\nvsvc64.dll 2012-02-10 03:07:03 2561856 ----a-w- C:\Windows\System32\nvsvcr.dll 2012-02-10 03:07:00 889664 ----a-w- C:\Windows\System32\nvvsvc.exe 2012-02-10 03:07:00 63296 ----a-w- C:\Windows\System32\nvshext.dll 2012-02-10 03:07:00 118080 ----a-w- C:\Windows\System32\nvmctray.dll 2012-02-10 03:05:59 2497985 ----a-w- C:\Windows\System32\nvcoproc.bin 2012-02-09 19:05:44 416064 ----a-w- C:\Windows\SysWow64\nvStreaming.exe 2012-02-07 09:02:40 1070352 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX 2012-02-03 04:34:34 3145728 ----a-w- C:\Windows\System32\win32k.sys 2012-01-25 06:38:39 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-01-25 06:38:38 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-01-25 06:33:30 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-01-18 14:56:08 19936 ------w- C:\Windows\System32\pwdrvio.sys 2012-01-18 14:56:06 13280 ------w- C:\Windows\System32\pwdspio.sys 2012-01-18 14:56:02 1013320 ----a-w- C:\Windows\System32\pwNative.exe 2012-01-17 12:46:01 31040 ----a-w- C:\Windows\System32\nvhdap64.dll 2012-01-17 12:45:56 188224 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys 2012-01-17 12:45:55 1451840 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll . ============= FINISH: 19:46:33,61 =============== und Attach: Code:
ATTFilter . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 21.01.2011 01:26:18 System Uptime: 13.04.2012 19:23:17 (0 hours ago) . Motherboard: ASUSTeK Computer INC. | | M4A87TD EVO Processor: AMD Phenom(tm) II X6 1055T Processor | AM3 | 2800/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 466 GiB total, 371,559 GiB free. D: is FIXED (NTFS) - 466 GiB total, 15,303 GiB free. E: is FIXED (NTFS) - 466 GiB total, 315,472 GiB free. F: is CDROM () G: is CDROM () H: is FIXED (NTFS) - 847 GiB total, 673,886 GiB free. I: is Removable J: is Removable K: is Removable L: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP225: 30.03.2012 18:12:39 - Windows Update RP226: 01.04.2012 19:00:20 - Windows-Sicherung RP227: 03.04.2012 18:06:25 - Windows Update RP228: 09.04.2012 14:50:18 - Windows Update RP229: 09.04.2012 14:56:14 - Windows-Sicherung RP230: 11.04.2012 00:11:57 - Windows Update RP231: 11.04.2012 19:32:35 - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 24h-Fotoservice 24h Fotoservice Weckbrodt Adobe AIR Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Recommended Settings Adobe Color JA Extra Settings Adobe Color NA Extra Settings Adobe Community Help Adobe Default Language CS3 Adobe Device Central CS3 Adobe ExtendScript Toolkit 2 Adobe Flash Player 10 ActiveX Adobe Flash Player 11 Plugin Adobe Fonts All Adobe Help Viewer CS3 Adobe Linguistics CS3 Adobe Media Player Adobe PDF Library Files Adobe Photoshop CS3 Adobe Photoshop CS5 Adobe Reader X (10.1.3) - Deutsch Adobe Setup Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 aioscnnr Apple Application Support Apple Software Update C4USelfUpdater Canon Utilities Digital Photo Professional 3.9 Canon Utilities EOS Utility Canon Utilities WFT Utility CDex extraction audio center essentials FileZilla Client 3.5.0 Filters Unlimited 2.0.3 Firebird SQL Server - MAGIX Edition Free Studio version 5.2.1 FreePDF (Remove only) Google Earth Google Update Helper GPL Ghostscript 9.01 HP Officejet 6500 E710a-f Hilfe HP Update I.R.I.S. OCR IrfanView (remove only) Java Auto Updater Java(TM) 6 Update 31 JDownloader 0.9 Kaspersky Anti-Virus 2011 KODAK All-in-One Software ksDIP MAGIX Screenshare MAGIX Speed burnR (MSI) MAGIX Video deluxe 17 Plus Sonderedition Download-Version Malwarebytes Anti-Malware Version 1.61.0.1400 Marketsplash Schnellzugriffe McAfee Security Scan Plus Mein CEWE FOTOBUCH Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (German) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (German) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (German) 2007 Microsoft Office InfoPath MUI (German) 2007 Microsoft Office OneNote MUI (German) 2007 Microsoft Office Outlook MUI (German) 2007 Microsoft Office PowerPoint MUI (German) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Italian) 2007 Microsoft Office Proofing (German) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (German) 2007 Microsoft Office Shared MUI (German) 2007 Microsoft Office Word MUI (German) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 MiniTool Partition Wizard Home Edition 7.1 mIRC Mozilla Firefox 11.0 (x86 de) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Neat Image v6.0 Pro+ Nero Suite NVIDIA 3D Vision Controller Driver NVIDIA PhysX NVIDIA Stereoscopic 3D Driver ocr OpenOffice.org 3.3 PC Inspector File Recovery PDF Settings PDF Settings CS5 Platform PreReq Renesas Electronics USB 3.0 Host Controller Driver Saal Design Software Secunia PSI (2.0.0.4003) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition UltraVnc Update für Microsoft Office Excel 2007 Help (KB963678) Update für Microsoft Office Outlook 2007 Help (KB963677) Update für Microsoft Office Powerpoint 2007 Help (KB963669) Update für Microsoft Office Word 2007 Help (KB963665) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition VIA Plattform-Geräte-Manager VLC media player 2.0.1 WebTablet IE Plugin WebTablet Netscape Plugin Winamp Winamp Erkennungs-Plug-in . ==== End Of File =========================== Vielleicht noch zur Info: Ich bin eigentlich nie mit dem Administratorprofil drin, aktuell auch nicht. Und: Die ausgegebenen Logs des DDS konnte ich zwar über Datei -> Speichern unter speichern, aber finden konnte ich diese Dateien anschließend nicht mehr (obwohl auf dem Desktop gespeichert). Konnte sie nur sichern indem ich den Inhalt in den Editor kopiere, das fand ich doch ein wenig merkwürdig. (zumal die Dateien im "Speichern unter" Fenster schon sichtbar waren, faktisch aber nicht existierten.) Danke schonmal vorab! ![]() Geändert von Ska (13.04.2012 um 20:08 Uhr) Grund: [quote] mit [code] getauscht - ist übersichtlicher ;) |
Themen zu wisptis.exe doppelt - Ist das System sauber/sicher? |
acrobat update, bonjour, computer, converter, defender, desktop, fehler, firefox, flash player, google, google earth, home, kaspersky, maus, mozilla, mp3, nvidia update, office 2007, officejet, plug-in, programm, realtek, rundll, secunia psi, security, security scan, software, speichern unter, svchost.exe, system, taskmanager, tastatur, tower, usb 3.0, windows, windows 7 home, wisptis.exe doppelt, zugriff verweigert |