WMI hat ein Problem festgestellt und muss beendet werden

markusg · 28.05.2013, 21:30

Den Intensivtest würd ich evtl. schon vorher anstellen, kann nämlich n paar Stunden dauern, aber das nur mal als Hinweis

Tomekk83 · 29.05.2013, 05:52

Kann das Programm nicht starten. Es erscheint die Meldung das SeaTools einen Fehler festgestellt hat und beendet werden muss...

markusg · 29.05.2013, 10:41

genaue Fehlermeldung?

Tomekk83 · 29.05.2013, 14:06

SeaTools hat einen Fehler festgestellt und muss beendet werden... Mehr steht da nicht. Und den kompletten Fehlerbericht kann ich nicht kopieren

markusg · 29.05.2013, 16:08

ok wir schaun erst mal weiter nach schadsoftware.
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Tomekk83 · 29.05.2013, 17:35

Das ist das Ergebnis:

Code:

ATTFilter

18:32:41.0765 2184  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:32:42.0046 2184  ============================================================
18:32:42.0046 2184  Current date / time: 2013/05/29 18:32:42.0046
18:32:42.0046 2184  SystemInfo:
18:32:42.0046 2184  
18:32:42.0046 2184  OS Version: 5.1.2600 ServicePack: 3.0
18:32:42.0046 2184  Product type: Workstation
18:32:42.0046 2184  ComputerName: THOMAS-F2863FA5
18:32:42.0046 2184  UserName: Thomas
18:32:42.0046 2184  Windows directory: C:\WINDOWS
18:32:42.0046 2184  System windows directory: C:\WINDOWS
18:32:42.0046 2184  Processor architecture: Intel x86
18:32:42.0046 2184  Number of processors: 1
18:32:42.0046 2184  Page size: 0x1000
18:32:42.0046 2184  Boot type: Normal boot
18:32:42.0046 2184  ============================================================
18:32:42.0328 2184  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
18:32:42.0343 2184  ============================================================
18:32:42.0343 2184  \Device\Harddisk0\DR0:
18:32:42.0343 2184  MBR partitions:
18:32:42.0343 2184  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1E849D80
18:32:42.0343 2184  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E849DBF, BlocksNum 0x1E845EFE
18:32:42.0359 2184  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3D08FCFC, BlocksNum 0x37671E04
18:32:42.0359 2184  ============================================================
18:32:42.0375 2184  D: <-> \Device\Harddisk0\DR0\Partition3
18:32:42.0406 2184  E: <-> \Device\Harddisk0\DR0\Partition2
18:32:42.0437 2184  C: <-> \Device\Harddisk0\DR0\Partition1
18:32:42.0437 2184  ============================================================
18:32:42.0437 2184  Initialize success
18:32:42.0437 2184  ============================================================
18:33:03.0421 2816  ============================================================
18:33:03.0421 2816  Scan started
18:33:03.0421 2816  Mode: Manual; SigCheck; TDLFS; 
18:33:03.0421 2816  ============================================================
18:33:03.0531 2816  ================ Scan system memory ========================
18:33:03.0531 2816  System memory - ok
18:33:03.0531 2816  ================ Scan services =============================
18:33:04.0500 2816  Abiosdsk - ok
18:33:04.0500 2816  abp480n5 - ok
18:33:04.0531 2816  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:33:05.0015 2816  ACPI - ok
18:33:05.0031 2816  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
18:33:05.0171 2816  ACPIEC - ok
18:33:05.0218 2816  [ AED478153EF2987B8F85574AED710519 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:33:05.0250 2816  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - warning
18:33:05.0250 2816  AdobeFlashPlayerUpdateSvc - detected UnsignedFile.Multi.Generic (1)
18:33:05.0250 2816  adpu160m - ok
18:33:05.0296 2816  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
18:33:05.0421 2816  aec - ok
18:33:05.0437 2816  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
18:33:05.0468 2816  AFD ( UnsignedFile.Multi.Generic ) - warning
18:33:05.0468 2816  AFD - detected UnsignedFile.Multi.Generic (1)
18:33:05.0468 2816  Aha154x - ok
18:33:05.0468 2816  aic78u2 - ok
18:33:05.0484 2816  aic78xx - ok
18:33:05.0500 2816  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
18:33:05.0609 2816  Alerter - ok
18:33:05.0640 2816  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe
18:33:05.0687 2816  ALG - ok
18:33:05.0687 2816  AliIde - ok
18:33:05.0703 2816  amsint - ok
18:33:05.0718 2816  [ 05676A56207CA37F3E76FAB3CEB97BD7 ] AntiVirMailService C:\Programme\Avira\AntiVir Desktop\avmailc.exe
18:33:05.0750 2816  AntiVirMailService - ok
18:33:05.0781 2816  [ 90C69DF5FB36F8B74109583652575BD3 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
18:33:05.0812 2816  AntiVirSchedulerService - ok
18:33:05.0828 2816  [ B6F85597831F63C27FD278F4E05C3020 ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe
18:33:05.0843 2816  AntiVirService - ok
18:33:05.0875 2816  [ 3370240F20C2AA5E17CD73F065D02FC1 ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
18:33:05.0906 2816  AntiVirWebService - ok
18:33:05.0906 2816  AppMgmt - ok
18:33:05.0906 2816  asc - ok
18:33:05.0921 2816  asc3350p - ok
18:33:05.0921 2816  asc3550 - ok
18:33:05.0953 2816  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:33:05.0984 2816  aspnet_state - ok
18:33:06.0000 2816  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:33:06.0109 2816  AsyncMac - ok
18:33:06.0156 2816  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
18:33:06.0265 2816  atapi - ok
18:33:06.0296 2816  Atdisk - ok
18:33:06.0328 2816  [ B359821835CB8A00F48AEDBF40A50C19 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
18:33:06.0406 2816  Ati HotKey Poller - ok
18:33:06.0500 2816  [ 64145BE51638A9BBC4A2BFB7A189B980 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
18:33:06.0656 2816  ati2mtag - ok
18:33:06.0671 2816  [ 924971A182E07463765EF9FA8876F24F ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdXP3.sys
18:33:06.0718 2816  AtiHDAudioService - ok
18:33:06.0718 2816  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:33:06.0828 2816  Atmarpc - ok
18:33:06.0843 2816  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
18:33:06.0968 2816  AudioSrv - ok
18:33:07.0000 2816  [ BB688F8F568F049C1AD241544405ADFD ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
18:33:07.0000 2816  audstub ( UnsignedFile.Multi.Generic ) - warning
18:33:07.0000 2816  audstub - detected UnsignedFile.Multi.Generic (1)
18:33:07.0015 2816  [ 87425709A251386064C99B684BF96F72 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
18:33:07.0046 2816  avgntflt - ok
18:33:07.0062 2816  [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
18:33:07.0078 2816  avipbb - ok
18:33:07.0093 2816  [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
18:33:07.0109 2816  avkmgr - ok
18:33:07.0140 2816  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:33:07.0250 2816  Beep - ok
18:33:07.0265 2816  [ C8DC5119FAF427894D83D6324ABA874A ] BITS            C:\WINDOWS\system32\qmgr.dll
18:33:07.0296 2816  BITS ( UnsignedFile.Multi.Generic ) - warning
18:33:07.0296 2816  BITS - detected UnsignedFile.Multi.Generic (1)
18:33:07.0328 2816  [ B71549F23736ADF83A571061C47777FD ] Browser         C:\WINDOWS\System32\browser.dll
18:33:07.0375 2816  Browser ( UnsignedFile.Multi.Generic ) - warning
18:33:07.0375 2816  Browser - detected UnsignedFile.Multi.Generic (1)
18:33:07.0406 2816  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
18:33:07.0500 2816  cbidf2k - ok
18:33:07.0515 2816  cd20xrnt - ok
18:33:07.0531 2816  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
18:33:07.0640 2816  Cdaudio - ok
18:33:07.0640 2816  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
18:33:07.0890 2816  Cdfs - ok
18:33:07.0906 2816  [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:33:07.0937 2816  Cdrom ( UnsignedFile.Multi.Generic ) - warning
18:33:07.0937 2816  Cdrom - detected UnsignedFile.Multi.Generic (1)
18:33:07.0953 2816  Changer - ok
18:33:07.0953 2816  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe
18:33:08.0093 2816  CiSvc - ok
18:33:08.0109 2816  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
18:33:08.0250 2816  ClipSrv - ok
18:33:08.0265 2816  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:33:08.0312 2816  clr_optimization_v2.0.50727_32 - ok
18:33:08.0328 2816  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:33:08.0390 2816  clr_optimization_v4.0.30319_32 - ok
18:33:08.0390 2816  CmdIde - ok
18:33:08.0406 2816  COMSysApp - ok
18:33:08.0406 2816  Cpqarray - ok
18:33:08.0437 2816  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
18:33:08.0578 2816  CryptSvc - ok
18:33:08.0578 2816  dac2w2k - ok
18:33:08.0578 2816  dac960nt - ok
18:33:08.0609 2816  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:33:08.0640 2816  DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
18:33:08.0640 2816  DcomLaunch - detected UnsignedFile.Multi.Generic (1)
18:33:08.0656 2816  [ 7F19DBA1A467B838CCB23124A2C55568 ] DgiVecp         C:\WINDOWS\system32\Drivers\DgiVecp.sys
18:33:08.0656 2816  DgiVecp ( UnsignedFile.Multi.Generic ) - warning
18:33:08.0656 2816  DgiVecp - detected UnsignedFile.Multi.Generic (1)
18:33:08.0687 2816  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
18:33:08.0828 2816  Dhcp - ok
18:33:08.0843 2816  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
18:33:08.0984 2816  Disk - ok
18:33:09.0000 2816  dmadmin - ok
18:33:09.0015 2816  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
18:33:09.0171 2816  dmboot - ok
18:33:09.0171 2816  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
18:33:09.0296 2816  dmio - ok
18:33:09.0312 2816  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
18:33:09.0437 2816  dmload - ok
18:33:09.0437 2816  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll
18:33:09.0593 2816  dmserver - ok
18:33:09.0609 2816  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
18:33:09.0765 2816  DMusic - ok
18:33:09.0796 2816  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:33:09.0812 2816  Dnscache ( UnsignedFile.Multi.Generic ) - warning
18:33:09.0812 2816  Dnscache - detected UnsignedFile.Multi.Generic (1)
18:33:09.0828 2816  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:33:09.0953 2816  Dot3svc - ok
18:33:09.0953 2816  dpti2o - ok
18:33:09.0984 2816  [ 0071F8825D14B16955CD0A0699AB7A6C ] drhard          C:\WINDOWS\system32\drivers\drhard.sys
18:33:09.0984 2816  drhard ( UnsignedFile.Multi.Generic ) - warning
18:33:09.0984 2816  drhard - detected UnsignedFile.Multi.Generic (1)
18:33:10.0000 2816  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:33:10.0125 2816  drmkaud - ok
18:33:10.0140 2816  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll
18:33:10.0281 2816  EapHost - ok
18:33:10.0281 2816  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll
18:33:10.0421 2816  ERSvc - ok
18:33:10.0437 2816  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe
18:33:10.0453 2816  Eventlog ( UnsignedFile.Multi.Generic ) - warning
18:33:10.0453 2816  Eventlog - detected UnsignedFile.Multi.Generic (1)
18:33:10.0484 2816  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll
18:33:10.0500 2816  EventSystem ( UnsignedFile.Multi.Generic ) - warning
18:33:10.0500 2816  EventSystem - detected UnsignedFile.Multi.Generic (1)
18:33:10.0515 2816  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
18:33:10.0640 2816  Fastfat - ok
18:33:10.0656 2816  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:33:10.0671 2816  FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - warning
18:33:10.0671 2816  FastUserSwitchingCompatibility - detected UnsignedFile.Multi.Generic (1)
18:33:10.0687 2816  [ FA59C12C34E4CB161F7CAA46D2A126F9 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
18:33:10.0703 2816  Fdc ( UnsignedFile.Multi.Generic ) - warning
18:33:10.0703 2816  Fdc - detected UnsignedFile.Multi.Generic (1)
18:33:10.0718 2816  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
18:33:10.0843 2816  Fips - ok
18:33:10.0843 2816  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:33:10.0968 2816  Flpydisk - ok
18:33:10.0968 2816  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:33:11.0093 2816  FltMgr - ok
18:33:11.0109 2816  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:33:11.0125 2816  FontCache3.0.0.0 - ok
18:33:11.0140 2816  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:33:11.0265 2816  Fs_Rec - ok
18:33:11.0281 2816  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:33:11.0421 2816  Ftdisk - ok
18:33:11.0515 2816  getbus - ok
18:33:11.0546 2816  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:33:11.0687 2816  Gpc - ok
18:33:11.0718 2816  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe
18:33:11.0734 2816  gupdate - ok
18:33:11.0734 2816  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe
18:33:11.0750 2816  gupdatem - ok
18:33:11.0750 2816  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:33:11.0890 2816  HDAudBus - ok
18:33:11.0921 2816  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:33:12.0046 2816  helpsvc - ok
18:33:12.0046 2816  HidServ - ok
18:33:12.0078 2816  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
18:33:12.0203 2816  hkmsvc - ok
18:33:12.0203 2816  hpn - ok
18:33:12.0234 2816  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
18:33:12.0265 2816  HTTP ( UnsignedFile.Multi.Generic ) - warning
18:33:12.0265 2816  HTTP - detected UnsignedFile.Multi.Generic (1)
18:33:12.0281 2816  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
18:33:12.0421 2816  HTTPFilter - ok
18:33:12.0421 2816  i2omgmt - ok
18:33:12.0421 2816  i2omp - ok
18:33:12.0421 2816  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:33:12.0546 2816  i8042prt - ok
18:33:12.0578 2816  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:33:12.0640 2816  idsvc - ok
18:33:12.0640 2816  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
18:33:12.0765 2816  Imapi - ok
18:33:12.0781 2816  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe
18:33:12.0906 2816  ImapiService - ok
18:33:12.0921 2816  ini910u - ok
18:33:12.0921 2816  IntelIde - ok
18:33:12.0921 2816  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
18:33:13.0046 2816  Ip6Fw - ok
18:33:13.0062 2816  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:33:13.0187 2816  IpFilterDriver - ok
18:33:13.0203 2816  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:33:13.0328 2816  IpInIp - ok
18:33:13.0343 2816  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:33:13.0468 2816  IpNat - ok
18:33:13.0468 2816  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:33:13.0609 2816  IPSec - ok
18:33:13.0625 2816  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
18:33:13.0687 2816  IRENUM - ok
18:33:13.0703 2816  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:33:13.0843 2816  isapnp - ok
18:33:13.0843 2816  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:33:14.0000 2816  Kbdclass - ok
18:33:14.0046 2816  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
18:33:14.0203 2816  kmixer - ok
18:33:14.0218 2816  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
18:33:14.0234 2816  KSecDD ( UnsignedFile.Multi.Generic ) - warning
18:33:14.0234 2816  KSecDD - detected UnsignedFile.Multi.Generic (1)
18:33:14.0250 2816  [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
18:33:14.0281 2816  lanmanserver - ok
18:33:14.0296 2816  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:33:14.0328 2816  lanmanworkstation ( UnsignedFile.Multi.Generic ) - warning
18:33:14.0328 2816  lanmanworkstation - detected UnsignedFile.Multi.Generic (1)
18:33:14.0328 2816  lbrtfdc - ok
18:33:14.0343 2816  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
18:33:14.0468 2816  LmHosts - ok
18:33:14.0484 2816  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
18:33:14.0609 2816  Messenger - ok
18:33:14.0625 2816  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
18:33:14.0734 2816  mnmdd - ok
18:33:14.0750 2816  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
18:33:14.0890 2816  mnmsrvc - ok
18:33:14.0906 2816  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
18:33:15.0031 2816  Modem - ok
18:33:15.0109 2816  [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] monfilt         C:\WINDOWS\system32\drivers\monfilt.sys
18:33:15.0250 2816  monfilt - ok
18:33:15.0250 2816  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:33:15.0421 2816  Mouclass - ok
18:33:15.0437 2816  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
18:33:15.0593 2816  MountMgr - ok
18:33:15.0625 2816  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
18:33:15.0656 2816  MozillaMaintenance - ok
18:33:15.0656 2816  mraid35x - ok
18:33:15.0671 2816  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:33:15.0828 2816  MRxDAV - ok
18:33:15.0859 2816  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:33:15.0921 2816  MRxSmb ( UnsignedFile.Multi.Generic ) - warning
18:33:15.0921 2816  MRxSmb - detected UnsignedFile.Multi.Generic (1)
18:33:15.0937 2816  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
18:33:16.0062 2816  MSDTC - ok
18:33:16.0078 2816  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:33:16.0218 2816  Msfs - ok
18:33:16.0218 2816  MSIServer - ok
18:33:16.0250 2816  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:33:16.0359 2816  MSKSSRV - ok
18:33:16.0375 2816  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:33:16.0500 2816  MSPCLOCK - ok
18:33:16.0515 2816  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:33:16.0640 2816  MSPQM - ok
18:33:16.0656 2816  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:33:16.0765 2816  mssmbios - ok
18:33:16.0765 2816  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
18:33:16.0781 2816  Mup ( UnsignedFile.Multi.Generic ) - warning
18:33:16.0781 2816  Mup - detected UnsignedFile.Multi.Generic (1)
18:33:16.0812 2816  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll
18:33:16.0953 2816  napagent - ok
18:33:16.0968 2816  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
18:33:17.0093 2816  NDIS - ok
18:33:17.0109 2816  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:33:17.0140 2816  NdisTapi ( UnsignedFile.Multi.Generic ) - warning
18:33:17.0140 2816  NdisTapi - detected UnsignedFile.Multi.Generic (1)
18:33:17.0140 2816  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:33:17.0281 2816  Ndisuio - ok
18:33:17.0281 2816  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:33:17.0406 2816  NdisWan - ok
18:33:17.0406 2816  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:33:17.0437 2816  NDProxy - ok
18:33:17.0437 2816  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:33:17.0578 2816  NetBIOS - ok
18:33:17.0593 2816  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:33:17.0734 2816  NetBT - ok
18:33:17.0781 2816  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe
18:33:17.0921 2816  NetDDE - ok
18:33:17.0921 2816  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
18:33:18.0046 2816  NetDDEdsdm - ok
18:33:18.0078 2816  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:33:18.0203 2816  Netlogon - ok
18:33:18.0218 2816  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll
18:33:18.0343 2816  Netman - ok
18:33:18.0375 2816  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:33:18.0406 2816  NetTcpPortSharing - ok
18:33:18.0406 2816  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll
18:33:18.0421 2816  Nla ( UnsignedFile.Multi.Generic ) - warning
18:33:18.0421 2816  Nla - detected UnsignedFile.Multi.Generic (1)
18:33:18.0421 2816  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:33:18.0531 2816  Npfs - ok
18:33:18.0546 2816  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:33:18.0671 2816  Ntfs - ok
18:33:18.0671 2816  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
18:33:18.0796 2816  NtLmSsp - ok
18:33:18.0828 2816  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
18:33:18.0953 2816  NtmsSvc - ok
18:33:18.0968 2816  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:33:19.0078 2816  Null - ok
18:33:19.0093 2816  [ 70217A23470F4BB4C8FB4ABE06813081 ] NVENETFD        C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
18:33:19.0125 2816  NVENETFD - ok
18:33:19.0140 2816  [ EA98BFE4931BD13D747D647C1859796E ] nvgts           C:\WINDOWS\system32\DRIVERS\nvgts.sys
18:33:19.0156 2816  nvgts - ok
18:33:19.0187 2816  [ BE8513730653384939A4D2D977C81027 ] nvnetbus        C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
18:33:19.0218 2816  nvnetbus - ok
18:33:19.0250 2816  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:33:19.0375 2816  NwlnkFlt - ok
18:33:19.0375 2816  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:33:19.0500 2816  NwlnkFwd - ok
18:33:19.0515 2816  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
18:33:19.0656 2816  Parport - ok
18:33:19.0656 2816  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
18:33:19.0796 2816  PartMgr - ok
18:33:19.0812 2816  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
18:33:19.0921 2816  ParVdm - ok
18:33:19.0921 2816  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
18:33:20.0046 2816  PCI - ok
18:33:20.0062 2816  PCIDump - ok
18:33:20.0062 2816  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
18:33:20.0187 2816  PCIIde - ok
18:33:20.0203 2816  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
18:33:20.0296 2816  Pcmcia - ok
18:33:20.0296 2816  PDCOMP - ok
18:33:20.0312 2816  PDFRAME - ok
18:33:20.0312 2816  PDRELI - ok
18:33:20.0312 2816  PDRFRAME - ok
18:33:20.0328 2816  perc2 - ok
18:33:20.0328 2816  perc2hib - ok
18:33:20.0343 2816  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe
18:33:20.0359 2816  PlugPlay ( UnsignedFile.Multi.Generic ) - warning
18:33:20.0359 2816  PlugPlay - detected UnsignedFile.Multi.Generic (1)
18:33:20.0359 2816  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
18:33:20.0453 2816  PolicyAgent - ok
18:33:20.0453 2816  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:33:20.0578 2816  PptpMiniport - ok
18:33:20.0578 2816  [ 2CB55427C58679F49AD600FCCBA76360 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
18:33:20.0703 2816  Processor - ok
18:33:20.0718 2816  [ C79EC9D0F7F3027A8271A30C50646BF2 ] prodrv05        C:\WINDOWS\System32\drivers\prodrv05.sys
18:33:20.0750 2816  prodrv05 ( UnsignedFile.Multi.Generic ) - warning
18:33:20.0750 2816  prodrv05 - detected UnsignedFile.Multi.Generic (1)
18:33:20.0765 2816  [ C0E2F2CA3977C47904091A7779F972F8 ] prohlp01        C:\WINDOWS\system32\drivers\prohlp01.sys
18:33:20.0812 2816  prohlp01 ( UnsignedFile.Multi.Generic ) - warning
18:33:20.0812 2816  prohlp01 - detected UnsignedFile.Multi.Generic (1)
18:33:20.0812 2816  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:33:20.0921 2816  ProtectedStorage - ok
18:33:20.0921 2816  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
18:33:21.0031 2816  PSched - ok
18:33:21.0046 2816  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:33:21.0140 2816  Ptilink - ok
18:33:21.0156 2816  ql1080 - ok
18:33:21.0156 2816  Ql10wnt - ok
18:33:21.0156 2816  ql12160 - ok
18:33:21.0171 2816  ql1240 - ok
18:33:21.0171 2816  ql1280 - ok
18:33:21.0187 2816  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:33:21.0281 2816  RasAcd - ok
18:33:21.0312 2816  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:33:21.0437 2816  RasAuto - ok
18:33:21.0437 2816  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:33:21.0546 2816  Rasl2tp - ok
18:33:21.0562 2816  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:33:21.0687 2816  RasMan - ok
18:33:21.0687 2816  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:33:21.0843 2816  RasPppoe - ok
18:33:21.0843 2816  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
18:33:21.0984 2816  Raspti - ok
18:33:22.0000 2816  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:33:22.0187 2816  Rdbss - ok
18:33:22.0203 2816  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:33:22.0312 2816  RDPCDD - ok
18:33:22.0343 2816  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
18:33:22.0390 2816  RDPWD ( UnsignedFile.Multi.Generic ) - warning
18:33:22.0390 2816  RDPWD - detected UnsignedFile.Multi.Generic (1)
18:33:22.0406 2816  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
18:33:22.0531 2816  RDSessMgr - ok
18:33:22.0546 2816  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
18:33:22.0656 2816  redbook - ok
18:33:22.0671 2816  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:33:22.0781 2816  RemoteAccess - ok
18:33:22.0796 2816  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:33:22.0921 2816  RpcLocator - ok
18:33:22.0937 2816  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll
18:33:22.0953 2816  RpcSs ( UnsignedFile.Multi.Generic ) - warning
18:33:22.0953 2816  RpcSs - detected UnsignedFile.Multi.Generic (1)
18:33:22.0968 2816  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe
18:33:23.0093 2816  RSVP - ok
18:33:23.0093 2816  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe
18:33:23.0250 2816  SamSs - ok
18:33:23.0265 2816  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
18:33:23.0421 2816  SCardSvr - ok
18:33:23.0437 2816  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:33:23.0562 2816  Schedule - ok
18:33:23.0593 2816  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:33:23.0640 2816  Secdrv - ok
18:33:23.0656 2816  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll
18:33:23.0765 2816  seclogon - ok
18:33:23.0781 2816  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll
18:33:23.0890 2816  SENS - ok
18:33:23.0890 2816  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
18:33:24.0031 2816  serenum - ok
18:33:24.0031 2816  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
18:33:24.0140 2816  Serial - ok
18:33:24.0156 2816  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
18:33:24.0281 2816  Sfloppy - ok
18:33:24.0296 2816  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:33:24.0390 2816  SharedAccess - ok
18:33:24.0406 2816  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:33:24.0421 2816  ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
18:33:24.0421 2816  ShellHWDetection - detected UnsignedFile.Multi.Generic (1)
18:33:24.0421 2816  Simbad - ok
18:33:24.0421 2816  Sparrow - ok
18:33:24.0453 2816  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
18:33:24.0562 2816  splitter - ok
18:33:24.0578 2816  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
18:33:24.0609 2816  Spooler - ok
18:33:24.0625 2816  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
18:33:24.0671 2816  sr - ok
18:33:24.0687 2816  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll
18:33:24.0734 2816  srservice - ok
18:33:24.0750 2816  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:33:24.0781 2816  Srv ( UnsignedFile.Multi.Generic ) - warning
18:33:24.0781 2816  Srv - detected UnsignedFile.Multi.Generic (1)
18:33:24.0796 2816  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:33:24.0859 2816  SSDPSRV - ok
18:33:24.0890 2816  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
18:33:24.0906 2816  ssmdrv - ok
18:33:24.0906 2816  SSPORT - ok
18:33:24.0906 2816  [ 026993AF862F4DA974BD2346C4957283 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
18:33:24.0921 2816  stisvc ( UnsignedFile.Multi.Generic ) - warning
18:33:24.0921 2816  stisvc - detected UnsignedFile.Multi.Generic (1)
18:33:24.0937 2816  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
18:33:25.0078 2816  swenum - ok
18:33:25.0078 2816  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
18:33:25.0203 2816  swmidi - ok
18:33:25.0203 2816  SwPrv - ok
18:33:25.0203 2816  symc810 - ok
18:33:25.0203 2816  symc8xx - ok
18:33:25.0218 2816  sym_hi - ok
18:33:25.0218 2816  sym_u3 - ok
18:33:25.0234 2816  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
18:33:25.0343 2816  sysaudio - ok
18:33:25.0375 2816  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
18:33:25.0500 2816  SysmonLog - ok
18:33:25.0515 2816  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:33:25.0640 2816  TapiSrv - ok
18:33:25.0671 2816  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:33:25.0703 2816  Tcpip ( UnsignedFile.Multi.Generic ) - warning
18:33:25.0703 2816  Tcpip - detected UnsignedFile.Multi.Generic (1)
18:33:25.0718 2816  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
18:33:25.0843 2816  TDPIPE - ok
18:33:25.0843 2816  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
18:33:25.0953 2816  TDTCP - ok
18:33:25.0968 2816  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
18:33:26.0125 2816  TermDD - ok
18:33:26.0125 2816  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll
18:33:26.0234 2816  TermService - ok
18:33:26.0250 2816  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll
18:33:26.0250 2816  Themes ( UnsignedFile.Multi.Generic ) - warning
18:33:26.0250 2816  Themes - detected UnsignedFile.Multi.Generic (1)
18:33:26.0250 2816  TosIde - ok
18:33:26.0265 2816  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll
18:33:26.0375 2816  TrkWks - ok
18:33:26.0390 2816  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
18:33:26.0500 2816  Udfs - ok
18:33:26.0515 2816  ultra - ok
18:33:26.0531 2816  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
18:33:26.0656 2816  Update - ok
18:33:26.0671 2816  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:33:26.0734 2816  upnphost - ok
18:33:26.0750 2816  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe
18:33:26.0890 2816  UPS - ok
18:33:26.0890 2816  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:33:27.0000 2816  usbehci - ok
18:33:27.0000 2816  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:33:27.0140 2816  usbhub - ok
18:33:27.0156 2816  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
18:33:27.0265 2816  usbohci - ok
18:33:27.0296 2816  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:33:27.0421 2816  usbprint - ok
18:33:27.0437 2816  [ AAA4CA51E293C23FE3FE1D916DC828AB ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:33:27.0468 2816  usbscan ( UnsignedFile.Multi.Generic ) - warning
18:33:27.0468 2816  usbscan - detected UnsignedFile.Multi.Generic (1)
18:33:27.0484 2816  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:33:27.0578 2816  USBSTOR - ok
18:33:27.0609 2816  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
18:33:27.0734 2816  VgaSave - ok
18:33:27.0796 2816  [ 242A8309B952F7CA9E220D3439955B0E ] VIAHdAudAddService C:\WINDOWS\system32\drivers\viahduaa.sys
18:33:27.0828 2816  VIAHdAudAddService - ok
18:33:27.0843 2816  ViaIde - ok
18:33:27.0843 2816  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
18:33:27.0968 2816  VolSnap - ok
18:33:28.0015 2816  [ 81560BC265E0FCC6210E4A10290E666D ] VSS             C:\WINDOWS\System32\vssvc.exe
18:33:28.0031 2816  VSS ( UnsignedFile.Multi.Generic ) - warning
18:33:28.0031 2816  VSS - detected UnsignedFile.Multi.Generic (1)
18:33:28.0046 2816  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll
18:33:28.0171 2816  W32Time - ok
18:33:28.0171 2816  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:33:28.0281 2816  Wanarp - ok
18:33:28.0296 2816  WDICA - ok
18:33:28.0328 2816  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
18:33:28.0421 2816  wdmaud - ok
18:33:28.0453 2816  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:33:28.0562 2816  WebClient - ok
18:33:28.0625 2816  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:33:28.0734 2816  winmgmt - ok
18:33:28.0750 2816  [ 6E18978B749F0696A774DE3F2CB142DD ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
18:33:28.0875 2816  WmdmPmSN - ok
18:33:28.0906 2816  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:33:29.0015 2816  WmiApSrv - ok
18:33:29.0062 2816  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:33:29.0125 2816  WPFFontCache_v0400 - ok
18:33:29.0156 2816  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
18:33:29.0265 2816  wscsvc - ok
18:33:29.0296 2816  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
18:33:29.0390 2816  wuauserv - ok
18:33:29.0406 2816  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
18:33:29.0531 2816  WZCSVC - ok
18:33:29.0546 2816  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
18:33:29.0656 2816  xmlprov - ok
18:33:29.0671 2816  ================ Scan global ===============================
18:33:29.0703 2816  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
18:33:29.0750 2816  [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
18:33:29.0765 2816  [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
18:33:29.0781 2816  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
18:33:29.0781 2816  [Global] - ok
18:33:29.0781 2816  ================ Scan MBR ==================================
18:33:29.0796 2816  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
18:33:30.0156 2816  \Device\Harddisk0\DR0 - ok
18:33:30.0156 2816  ================ Scan VBR ==================================
18:33:30.0156 2816  [ 8B06F52E0E5256282AA7B1A77206C8B9 ] \Device\Harddisk0\DR0\Partition1
18:33:30.0156 2816  \Device\Harddisk0\DR0\Partition1 - ok
18:33:30.0203 2816  [ 4541BBB6C0F9AD76A168667A1D422BFE ] \Device\Harddisk0\DR0\Partition2
18:33:30.0203 2816  \Device\Harddisk0\DR0\Partition2 - ok
18:33:30.0203 2816  [ 14AB16282DB81CB14A344AB35B6A7E78 ] \Device\Harddisk0\DR0\Partition3
18:33:30.0218 2816  \Device\Harddisk0\DR0\Partition3 - ok
18:33:30.0218 2816  ============================================================
18:33:30.0218 2816  Scan finished
18:33:30.0218 2816  ============================================================
18:33:30.0328 3924  Detected object count: 33
18:33:30.0328 3924  Actual detected object count: 33
18:33:53.0359 3924  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0359 3924  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0359 3924  AFD ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0359 3924  AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0359 3924  audstub ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0359 3924  audstub ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0359 3924  BITS ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0359 3924  BITS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0359 3924  Browser ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0359 3924  Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0375 3924  Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0375 3924  Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0375 3924  DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0375 3924  DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0375 3924  DgiVecp ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0375 3924  DgiVecp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0375 3924  Dnscache ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0375 3924  Dnscache ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0375 3924  drhard ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0375 3924  drhard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0375 3924  Eventlog ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0375 3924  Eventlog ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0390 3924  EventSystem ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0390 3924  EventSystem ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0390 3924  FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0390 3924  FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0390 3924  Fdc ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0390 3924  Fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0390 3924  HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0390 3924  HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0390 3924  KSecDD ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0390 3924  KSecDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0390 3924  lanmanworkstation ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0390 3924  lanmanworkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0390 3924  MRxSmb ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0390 3924  MRxSmb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0390 3924  Mup ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0390 3924  Mup ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0406 3924  NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0406 3924  NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0406 3924  Nla ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0406 3924  Nla ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0406 3924  PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0406 3924  PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0406 3924  prodrv05 ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0406 3924  prodrv05 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0406 3924  prohlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0406 3924  prohlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0406 3924  RDPWD ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0406 3924  RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0406 3924  RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0406 3924  RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0421 3924  ShellHWDetection ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0421 3924  ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0421 3924  Srv ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0421 3924  Srv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0421 3924  stisvc ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0421 3924  stisvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0421 3924  Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0421 3924  Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0421 3924  Themes ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0421 3924  Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0421 3924  usbscan ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0421 3924  usbscan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:33:53.0421 3924  VSS ( UnsignedFile.Multi.Generic ) - skipped by user
18:33:53.0421 3924  VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip

markusg · 29.05.2013, 19:12

Hi,
Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Tomekk83 · 29.05.2013, 20:19

Scan ist fertig. Vor dem Start erschien die Meldung, das keine Wiederherstellungskonsole installiert ist, worauf diese dann installiert wurde. Dann kamen zwei Meldungen wonach ADVPack.DLL und iernonce.DLL keine gültige Windowsdateien sind.
Und anschließern das "sOrt.3XE" einen Fehler festgestellt hat und beendet werden muss.

Code:

ATTFilter

ComboFix 13-05-29.01 - Thomas 29.05.2013  20:55:18.1.1 - x86
ausgeführt von:: c:\dokumente und einstellungen\Thomas\Eigene Dateien\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Infizierte Kopie von c:\windows\system32\wiaservc.dll wurde gefunden und desinfiziert 
Kopie von - c:\windows\ServicePackFiles\i386\wiaservc.dll wurde wiederhergestellt 
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-04-28 bis 2013-05-29  ))))))))))))))))))))))))))))))
.
.
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-16 22:16 . 2004-08-04 12:00	920064	----a-w-	c:\windows\system32\wininet.dll
2013-04-16 22:16 . 2004-08-04 12:00	43520	------w-	c:\windows\system32\licmgr10.dll
2013-04-16 22:16 . 2004-08-04 12:00	1469440	------w-	c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2004-08-04 12:00	385024	------w-	c:\windows\system32\html.iec
2013-04-12 14:00 . 2004-08-04 12:00	1876480	----a-w-	c:\windows\system32\win32k.sys
2013-03-08 08:36 . 2004-08-04 12:00	293888	----a-w-	c:\windows\system32\winsrv.dll
2013-03-07 15:56 . 2004-08-04 12:00	2195712	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-07 15:56 . 2004-08-04 00:50	2072320	----a-w-	c:\windows\system32\ntkrnlpa.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2509553$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
[-] 2012-07-06 . B71549F23736ADF83A571061C47777FD . 78336 . . [5.1.2600.6260] . . c:\windows\system32\browser.dll
[-] 2012-07-06 . B71549F23736ADF83A571061C47777FD . 78336 . . [5.1.2600.6260] . . c:\windows\system32\dllcache\browser.dll
[-] 2012-07-06 . B2CC8D85D27BF10C5FAF5B98C335978E . 78336 . . [5.1.2600.6260] . . c:\windows\$hf_mig$\KB2705219-v2\SP3QFE\browser.dll
[7] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2705219-v2$\browser.dll
[7] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[7] 2004-08-04 . D8653DCD80CF2EBB333FC4FCC43A7DEF . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll
.
[7] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 05:52 . C8DC5119FAF427894D83D6324ABA874A . 409088 . . [------] . . c:\windows\system32\qmgr.dll
[7] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[7] 2004-08-04 . 3A5E54A9AB96EF2D273B58136FB58EFE . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
.
[-] 2009-02-09 . D3D765E8455A961AE567B408F767D4F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[7] 2008-04-14 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[7] 2008-04-14 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[7] 2004-08-04 . 9F28FF58D6D67B123272869D89D14004 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
.
[-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . F0A7D59AF279326528715B206669B86C . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[7] 2008-04-14 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[7] 2008-04-14 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[7] 2004-08-04 . EDB6B81761BD60F32F740BBC40AFB676 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe
.
[-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:23 . ADA7241C16F3F42C7F210539FAD5F3AA . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[7] 2008-04-14 05:52 . 0F3EDAEE1EF97CF3DB2BE23A7289B78C . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[7] 2008-04-14 05:52 . 0F3EDAEE1EF97CF3DB2BE23A7289B78C . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[7] 2004-08-04 12:00 . 4E1A8645EE77CB9454FFE53C59620A25 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\es.dll
.
[-] 2012-10-03 . 8214D49147FBB2CD5CF896CBE021D339 . 1063936 . . [5.1.2600.6293] . . c:\windows\system32\kernel32.dll
[-] 2012-10-03 . 8214D49147FBB2CD5CF896CBE021D339 . 1063936 . . [5.1.2600.6293] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2012-10-03 . A9D5CAF09ABD70F1CA28891ECED7B9E4 . 1065472 . . [5.1.2600.6293] . . c:\windows\$hf_mig$\KB2758857\SP3QFE\kernel32.dll
[-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\windows\$NtUninstallKB2758857$\kernel32.dll
[-] 2009-03-21 . 3EB703BFC2ED26A3D8ACB8626AB2C006 . 1065472 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[7] 2008-04-14 . 4C897C69754D88F496339B1A666907C1 . 1063424 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[7] 2008-04-14 . 4C897C69754D88F496339B1A666907C1 . 1063424 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[7] 2004-08-04 . E6CD85D0D37416CF138F01F4BB0FC872 . 1057280 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
.
[-] 2013-05-07 . B58C905D107E8E8F884F4D41053AA463 . 6015488 . . [8.00.6001.23487] . . c:\windows\system32\mshtml.dll
[-] 2013-05-07 . B58C905D107E8E8F884F4D41053AA463 . 6015488 . . [8.00.6001.23487] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2013-03-02 . EA9230C5CF9E866AE60115D5200D0477 . 6012416 . . [8.00.6001.19412] . . c:\windows\ie8updates\KB2847204-IE8\mshtml.dll
[-] 2013-03-02 . EA9230C5CF9E866AE60115D5200D0477 . 6012416 . . [8.00.6001.19412] . . c:\windows\SoftwareDistribution\Download\ff6c54f870d693f1291a1503fe10436e\SP3GDR\mshtml.dll
[-] 2013-03-02 . 0E34682AFAF8CAD72B4D80EF56678356 . 6013440 . . [8.00.6001.23480] . . c:\windows\$hf_mig$\KB2817183-IE8\SP3QFE\mshtml.dll
[-] 2013-03-02 . 0E34682AFAF8CAD72B4D80EF56678356 . 6013440 . . [8.00.6001.23480] . . c:\windows\SoftwareDistribution\Download\ff6c54f870d693f1291a1503fe10436e\SP3QFE\mshtml.dll
[-] 2013-02-21 . F4ADD9A1DDCEFA09173D60FE83792372 . 3111936 . . [6.00.2900.6357] . . c:\windows\$hf_mig$\KB2817183\SP3QFE\mshtml.dll
[-] 2012-08-28 . 685AC6F538B3D4EBE03F19877187B4DF . 6008832 . . [8.00.6001.19328] . . c:\windows\ie8updates\KB2817183-IE8\mshtml.dll
[-] 2012-08-28 . 685AC6F538B3D4EBE03F19877187B4DF . 6008832 . . [8.00.6001.19328] . . c:\windows\SoftwareDistribution\Download\515eba7f09a7240e5085f972b3873112\SP3GDR\mshtml.dll
[-] 2012-08-28 . 871C7E18BC56164496CE97DE5C95E569 . 6010368 . . [8.00.6001.23415] . . c:\windows\$hf_mig$\KB2744842-IE8\SP3QFE\mshtml.dll
[-] 2012-08-28 . 871C7E18BC56164496CE97DE5C95E569 . 6010368 . . [8.00.6001.23415] . . c:\windows\SoftwareDistribution\Download\515eba7f09a7240e5085f972b3873112\SP3QFE\mshtml.dll
[-] 2011-11-04 . 4823271E3A5F3A3D2229EACA01D849F1 . 5978112 . . [8.00.6001.19170] . . c:\windows\ie8updates\KB2744842-IE8\mshtml.dll
[-] 2011-11-04 . 4823271E3A5F3A3D2229EACA01D849F1 . 5978112 . . [8.00.6001.19170] . . c:\windows\SoftwareDistribution\Download\6f0001eef20051bb01af8d5175d40af8\SP3GDR\mshtml.dll
[-] 2011-11-04 . CD31B8FA968485999C4B02802D8C482C . 5978624 . . [8.00.6001.23266] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll
[-] 2011-11-04 . CD31B8FA968485999C4B02802D8C482C . 5978624 . . [8.00.6001.23266] . . c:\windows\SoftwareDistribution\Download\6f0001eef20051bb01af8d5175d40af8\SP3QFE\mshtml.dll
[7] 2010-05-06 . 91A9BB7F22F7D21E9C07E995C4E31F74 . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
[7] 2010-05-06 . 91A9BB7F22F7D21E9C07E995C4E31F74 . 5950976 . . [8.00.6001.18928] . . c:\windows\SoftwareDistribution\Download\cc94e1045d82108b7a40f5576e9d61c9\SP3GDR\mshtml.dll
[7] 2010-05-06 . A0091E83B21A4C2627D1DD1A64C1B4B9 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
[7] 2010-05-06 . A0091E83B21A4C2627D1DD1A64C1B4B9 . 5953024 . . [8.00.6001.23019] . . c:\windows\SoftwareDistribution\Download\cc94e1045d82108b7a40f5576e9d61c9\SP3QFE\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll
[7] 2008-04-14 . 72AE55A9FFBC60650339CB12E35C7DD5 . 3066880 . . [6.00.2900.5512] . . c:\windows\ie8\mshtml.dll
[7] 2008-04-14 . 72AE55A9FFBC60650339CB12E35C7DD5 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[7] 2004-08-04 . CAC51AD576713E5F0CE2251ED3A7FE82 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\mshtml.dll
.
[-] 2008-06-20 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[-] 2008-06-20 . F1B67B6B0751AE0E6E964B02821206A3 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . F1B67B6B0751AE0E6E964B02821206A3 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[7] 2008-04-14 . F12B9D9A069331877D006CC81B4735F9 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
[7] 2008-04-14 . F12B9D9A069331877D006CC81B4735F9 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[7] 2004-08-04 . B36E08F680BAE4DFC5C24D00A2DFC9E7 . 247296 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
.
[-] 2011-11-01 . 6AD6619E7523E27B771569C26F408F0A . 1288704 . . [5.1.2600.6168] . . c:\windows\system32\ole32.dll
[-] 2011-11-01 . 6AD6619E7523E27B771569C26F408F0A . 1288704 . . [5.1.2600.6168] . . c:\windows\system32\dllcache\ole32.dll
[-] 2011-11-01 . D684C601EC79D9543D50EB2DB124FE78 . 1289216 . . [5.1.2600.6168] . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
[7] 2010-07-16 . B28AF7976F2D8109C0DC2CF2460BEDC2 . 1288192 . . [5.1.2600.6010] . . c:\windows\$NtUninstallKB2624667$\ole32.dll
[7] 2010-07-16 . B3D7633CF83B09042A49810A7A72ADED . 1289216 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[7] 2008-04-14 . E08D638BA3D3DD6DF6E31216AB66AE0B . 1287680 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[7] 2008-04-14 . E08D638BA3D3DD6DF6E31216AB66AE0B . 1287680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
[7] 2004-08-04 . D700449AD3045E81680C25A79620A171 . 1281536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ole32.dll
.
[-] 2009-07-27 . 2DB7D303C36DDD055215052F118E8E75 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[-] 2009-07-27 . 2DB7D303C36DDD055215052F118E8E75 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2009-07-27 . 927666F4228E3FBBC3D1171581DC8BDC . 135680 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[7] 2008-04-14 . 40602EBFBE06AA075C8E4560743F6883 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll
[7] 2008-04-14 . 40602EBFBE06AA075C8E4560743F6883 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[7] 2004-08-04 . BAC5F7F0C2B8C1B9832594851E0F9914 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
.
[-] 2013-03-07 . F6D0ADD14A380F027A0863A1EE337B93 . 2072320 . . [5.1.2600.6368] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2013-03-07 . F6D0ADD14A380F027A0863A1EE337B93 . 2072320 . . [5.1.2600.6368] . . c:\windows\system32\ntkrnlpa.exe
[-] 2013-03-07 . F6D0ADD14A380F027A0863A1EE337B93 . 2072320 . . [5.1.2600.6368] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2013-03-07 . 55A21C67E41EC94ECE980B33152E87F1 . 2072320 . . [5.1.2600.6368] . . c:\windows\$hf_mig$\KB2813170\SP3QFE\ntkrnlpa.exe
[-] 2012-04-11 . FCDFEE91E13E7A2433B053A53645EB39 . 2071424 . . [5.1.2600.6206] . . c:\windows\$NtUninstallKB2813170$\ntkrnlpa.exe
[-] 2012-04-11 . C3124524EDDDA49504AE558352440F65 . 2071424 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe
[7] 2010-12-09 . 7B1CA0A6C042E4B90A18B49ED73CBA76 . 2071680 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[7] 2010-12-09 . 59BCD807F5FC0AB291E9EA1E2CB598B1 . 2071680 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2676562$\ntkrnlpa.exe
[-] 2009-02-10 . 321917CFF934663C48C1E91A930E5D71 . 2068352 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
[-] 2009-02-09 . 1F9DA92672B8B5720C5FB1E87D8F249F . 2068480 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2008-04-14 . E51980EF65CED4490A7395A06C08DA34 . 2068224 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[7] 2008-04-14 . E51980EF65CED4490A7395A06C08DA34 . 2068224 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[7] 2004-08-04 . CE41FC4C06499A389D39B301879535FB . 2059136 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
.
[-] 2013-03-07 . DACE71DFE04588B54C0396C6C2AC92EB . 2195712 . . [5.1.2600.6368] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2013-03-07 . DACE71DFE04588B54C0396C6C2AC92EB . 2195712 . . [5.1.2600.6368] . . c:\windows\system32\ntoskrnl.exe
[-] 2013-03-07 . DACE71DFE04588B54C0396C6C2AC92EB . 2195712 . . [5.1.2600.6368] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2013-03-07 . 8FE0900688FFDA8BBA1701D9E543F867 . 2195840 . . [5.1.2600.6368] . . c:\windows\$hf_mig$\KB2813170\SP3QFE\ntoskrnl.exe
[-] 2012-04-11 . 0D7DD9F68FA1B5D4A5571B0D53A8DF48 . 2194944 . . [5.1.2600.6206] . . c:\windows\$NtUninstallKB2813170$\ntoskrnl.exe
[-] 2012-04-11 . 35BEC26067274CCFE4BE16CA22E54557 . 2194944 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe
[7] 2010-12-09 . 2A5A8BE47E1F8E55520FB4031E21D129 . 2195072 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[7] 2010-12-09 . B7EF0123C501FFD1B47A86B44E710FD2 . 2195072 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2676562$\ntoskrnl.exe
[-] 2009-02-10 . D3453310FC92736E674FFDC6E3F455B7 . 2191488 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-09 . FEE1600B76B196D9993CD468DA7524F7 . 2191360 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
[7] 2008-04-14 . 354C9291513BCE4D0ED6B0C6A15470F8 . 2191360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[7] 2008-04-14 . 354C9291513BCE4D0ED6B0C6A15470F8 . 2191360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[7] 2004-08-04 . DC888C9C4CA0EEA7A3CB7E6B610F75C7 . 2183296 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2013-05-07 345312]
"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-29 98304]
"HDAudDeck"="c:\programme\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-06-01 33624064]
"CDAServer"="c:\programme\Gemeinsame Dateien\Common Desktop Agent\CDASrv.exe" [2012-03-09 350072]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-08-15 614400]
.
c:\dokumente und einstellungen\Thomas\Startmenü\Programme\Autostart\
OpenOffice.org 3.4.1.lnk - d:\programme\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Samsung\\Easy Printer Manager\\IDS.Application.exe"=
"c:\\Programme\\Samsung\\Easy Printer Manager\\OrderSupplies.exe"=
"c:\\Programme\\Samsung\\Easy Printer Manager\\IDSAlert.exe"=
"c:\\Programme\\Samsung\\Easy Printer Manager\\uninstall.exe"=
"c:\\Programme\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe"=
.
R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
R3 getbus;getbus;c:\dokume~1\Thomas\LOKALE~1\Temp\getbus.sys [x]
S0 prohlp01;StarForce Protection Helper Driver v1;c:\windows\System32\drivers\prohlp01.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 prodrv05;StarForce Protection Environment Driver v5;c:\windows\System32\drivers\prodrv05.sys [x]
S2 AntiVirMailService;Avira Email Schutz;c:\programme\Avira\AntiVir Desktop\avmailc.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;c:\programme\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S2 drhard;drhard; [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-24 10:56	1165776	----a-w-	c:\programme\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-05-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-07 20:50]
.
2013-05-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2013-05-03 12:50]
.
2013-05-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2013-05-03 12:50]
.
.
------- Zusätzlicher Suchlauf -------
.
LSP: c:\programme\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\dokumente und einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\zw1hk74g.default\
FF - ExtSQL: 2013-05-03 14:36; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-05-13 15:08; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\dokumente und einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\zw1hk74g.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-05-29 21:01
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  HDAudDeck = c:\programme\VIA\VIAudioi\HDADeck\HDeck.exe 1???????????????????????????????????????????? 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(640)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'lsass.exe'(696)
c:\programme\Avira\AntiVir Desktop\avsda.dll
.
- - - - - - - > 'explorer.exe'(2568)
c:\windows\system32\webcheck.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\programme\Google\Update\1.3.21.145\GoogleCrashHandler.exe
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\Avira\AntiVir Desktop\avshadow.exe
c:\programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
d:\programme\OpenOffice.org 3\program\soffice.exe
d:\programme\OpenOffice.org 3\program\soffice.bin
c:\programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-05-29  21:15:47 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-05-29 19:13
.
Vor Suchlauf: 8 Verzeichnis(se), 244.759.445.504 Bytes frei
Nach Suchlauf: 9 Verzeichnis(se), 245.651.836.928 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 0006768111CD9DF5E14019B083127EDA

markusg · 29.05.2013, 21:09

Hi,
malwarebytes:
Downloade Dir bitte Malwarebytes

Installiere
das Programm in den vorgegebenen Pfad.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Starte Malwarebytes, klicke auf Aktualisierung --> Suche
nach Aktualisierung
Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
Wenn der Scan beendet
ist, klicke auf Ergebnisse anzeigen.
Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
Poste
das Logfile, welches sich in Notepad öffnet, hier in den Thread.
Nachträglich kannst du den Bericht unter "Log Dateien" finden.

Tomekk83 · 29.05.2013, 23:45

Kann das Programm nicht starten

"Runtime Error '48': File not found: advpack"

markusg · 30.05.2013, 12:09

ok versuch mal:
Hitman Pro - Download - Filepony

Hitmanpro laden, doppelklicken, auf scan klicken.
Nichts löschen.
auf weiter klicken. Log speichern unter, bzw als xml speichern und posten, oder packen und anhängen

Tomekk83 · 30.05.2013, 20:06

Die Ergebnisse hab ich angehängt

markusg · 30.05.2013, 20:53

ok das sind nur kookies.
ist die Fehlermeldung noch mal aufgetreten?b

Tomekk83 · 30.05.2013, 20:59

Heute Mittag mal. Aber seit drei Stunden nicht mehr

markusg · 30.05.2013, 21:02

ok, kannst du mal in den abgesicherten Modus gehen, in deinem Konto anmelden und das Festplattendiagnose Tool dort mal probieren?

29.05.2013, 10:41	#18
markusg /// Malware-holic	WMI hat ein Problem festgestellt und muss beendet werden genaue Fehlermeldung? __________________ __________________

WMI hat ein Problem festgestellt und muss beendet werden

Plagegeister aller Art und deren Bekämpfung: WMI hat ein Problem festgestellt und muss beendet werden