Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 15.10.2014, 16:06   #1
profdopenudl
 
Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich! - Standard

Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich!



Hi.

Habe nur einen Verdacht. Kenne mich mit den Logfiles nicht so wirklich aus, aber habe es mal gepostet.

Seit längerem verstellt sich meine Uhr, unten recht's, immer wieder. Kann auch nicht wirklich neu synchroniesieren und manche Internetseiten sagen mir dann, dass das Sicherheitszertifikat abgeloffen sei. Hat laut Google einen Zusammenhang mit der Uhrzeit.

Und seit vorgestern ist es quasi unmöglich im Browser zu surfen.
Es geht immer wieder 1-2 min und dann spinnt es rum und macht garnicht's mehr.

Wollte jetzt mal Eure Meinung hören und gegebenfalls um Hilfe bitten.

Danke mal

Habe Windows 7

Logfiles:

defogger

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:24 on 14/10/2014 (Produzent)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-10-2014
Ran by Produzent (administrator) on PRODUZENT-PC on 14-10-2014 22:28:22
Running from C:\Users\Produzent\Desktop
Loaded Profile: Produzent (Available profiles: Produzent)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
() C:\Program Files\RocketDock\RocketDock.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui-1.0.3.exe
() C:\Program Files\OpenVPN\bin\openvpn.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Users\Produzent\Desktop\Defogger.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe [440632 2014-08-29] (Malwarebytes Corporation)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-237654910-3141975521-2953661306-1000\...\Run: [TrueCrypt] => C:\Program Files\TrueCrypt\TrueCrypt.exe [1516496 2014-03-03] (TrueCrypt Foundation)
HKU\S-1-5-21-237654910-3141975521-2953661306-1000\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-237654910-3141975521-2953661306-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-237654910-3141975521-2953661306-1000\...\Policies\Explorer: [NoDrives] 0x00000000
HKU\S-1-5-21-237654910-3141975521-2953661306-1000\...\MountPoints2: {6b7487b2-9ebf-11e3-9637-806e6f6e6963} - D:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk
ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe ()
BootExecute: autocheck autochk /r \??\F:autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x10DACF3DDD36CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Avira Savings Advisor BHO -> {A18A516C-AA41-46A9-92DB-60208917E442} -> C:\Program Files\avira\Internet Explorer\avira32.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Produzent\AppData\Roaming\Mozilla\Firefox\Profiles\f761nl4b.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF user.js: detected! => C:\Users\Produzent\AppData\Roaming\Mozilla\Firefox\Profiles\f761nl4b.default\user.js
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Produzent\AppData\Roaming\Mozilla\Firefox\Profiles\f761nl4b.default\Extensions\abs@avira.com [2014-10-09]
FF Extension: Avira Savings Advisor - C:\Users\Produzent\AppData\Roaming\Mozilla\Firefox\Profiles\f761nl4b.default\Extensions\ciuvo-extension@avira.de [2014-03-03]
FF Extension: WOT - C:\Users\Produzent\AppData\Roaming\Mozilla\Firefox\Profiles\f761nl4b.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-03-03]
FF Extension: Classic Theme Restorer - C:\Users\Produzent\AppData\Roaming\Mozilla\Firefox\Profiles\f761nl4b.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-12]
FF Extension: Facebook Blocker - C:\Users\Produzent\AppData\Roaming\Mozilla\Firefox\Profiles\f761nl4b.default\Extensions\info@skymeissner.com.xpi [2014-03-03]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Produzent\AppData\Roaming\Mozilla\Firefox\Profiles\f761nl4b.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-07-07]
FF Extension: NoScript - C:\Users\Produzent\AppData\Roaming\Mozilla\Firefox\Profiles\f761nl4b.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-03]
FF Extension: Adblock Plus - C:\Users\Produzent\AppData\Roaming\Mozilla\Firefox\Profiles\f761nl4b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-03]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 MbaeSvc; C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe [441144 2014-08-29] (Malwarebytes Corporation)
S4 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2012-05-31] (Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 ESProtectionDriver; C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys [47896 2014-08-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-02-14] (Avira GmbH)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-12-15] (The OpenVPN Project)
S1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [91016 2014-01-23] ()
S1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [20616 2014-01-23] ()
S1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [540168 2014-01-23] ()
S3 amdiox86; system32\DRIVERS\amdiox86.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP1a\WNt500x86\Sandra.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-14 22:28 - 2014-10-14 22:28 - 00011384 _____ () C:\Users\Produzent\Desktop\FRST.txt
2014-10-14 22:28 - 2014-10-14 22:28 - 00000000 ____D () C:\FRST
2014-10-14 22:27 - 2014-10-14 22:27 - 01101824 _____ (Farbar) C:\Users\Produzent\Desktop\FRST.exe
2014-10-14 22:24 - 2014-10-14 22:24 - 00000480 _____ () C:\Users\Produzent\Desktop\defogger_disable.log
2014-10-14 22:24 - 2014-10-14 22:24 - 00000000 _____ () C:\Users\Produzent\defogger_reenable
2014-10-14 22:14 - 2014-10-14 22:14 - 00050477 _____ () C:\Users\Produzent\Desktop\Defogger.exe
2014-10-14 19:24 - 2014-10-14 19:24 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-09 09:24 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-24 22:42 - 2014-10-14 21:46 - 00000072 _____ () C:\Users\Produzent\Desktop\werbe whatsapp.txt
2014-09-24 20:00 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-14 22:24 - 2014-02-26 10:30 - 00000000 ____D () C:\Users\Produzent
2014-10-14 22:12 - 2014-03-20 01:06 - 00000000 ____D () C:\Users\Produzent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-10-14 22:12 - 2014-03-16 22:33 - 00000000 ____D () C:\Program Files\Image-Line
2014-10-14 22:11 - 2014-03-20 01:07 - 00000000 ____D () C:\Program Files\VstPlugins
2014-10-14 22:08 - 2014-02-26 10:27 - 01157966 _____ () C:\Windows\WindowsUpdate.log
2014-10-14 21:42 - 2014-03-03 14:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-14 21:27 - 2014-03-11 21:33 - 00000000 ____D () C:\Users\Produzent\AppData\Roaming\vlc
2014-10-14 21:19 - 2014-03-17 11:54 - 00000000 ____D () C:\Users\Produzent\AppData\Roaming\Winamp
2014-10-14 21:18 - 2009-07-14 06:34 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-14 21:18 - 2009-07-14 06:34 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-14 21:10 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-14 20:09 - 2014-03-03 14:45 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-14 19:08 - 2014-03-04 10:54 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-14 19:08 - 2014-03-03 15:05 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-14 19:08 - 2014-03-03 15:05 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-14 18:58 - 2014-07-16 14:56 - 00000000 ____D () C:\Program Files\JDownloader
2014-10-09 13:38 - 2010-11-20 23:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-09 10:10 - 2014-07-14 16:44 - 00019960 _____ () C:\Windows\wininit.ini
2014-10-09 10:08 - 2014-03-17 12:43 - 00000000 ____D () C:\Users\Produzent\Theme
2014-10-09 10:07 - 2014-07-14 19:57 - 00271051 _____ () C:\Quarantine.lst
2014-09-25 05:12 - 2014-03-15 22:38 - 00000000 ____D () C:\Windows\rescache
2014-09-24 22:24 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-24 20:42 - 2014-03-03 14:43 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-24 20:42 - 2014-03-03 14:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Produzent\AppData\Local\Temp\avgnt.exe
C:\Users\Produzent\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Produzent\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Produzent\AppData\Local\Temp\TUUUninstallHelper.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-09 09:44

==================== End Of Log ============================
         

Addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-10-2014
Ran by Produzent at 2014-10-14 22:28:59
Running from C:\Users\Produzent\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{0BD03BF6-3A66-EC7F-5155-28A8D6C69409}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.11 Beta1 - Michael Tippach)
ATI Stream SDK v2 Developer (HKLM\...\{86B247F9-1D5E-CCC6-3280-71486D9A4E70}) (Version: 2.3.0.0 - ATI Technologies Inc.)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira (HKLM\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Avira Savings Advisor (HKLM\...\{A18A516C-AA41-46A9-92DB-60208917E442}) (Version: 1.5.14 - Avira) <==== ATTENTION
Catalyst Control Center InstallProxy (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Dogecoin (HKCU\...\Dogecoin) (Version: 1.6.0.0 - Dogecoin)
Edison (HKLM\...\Edison) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM\...\FlowStone) (Version:  - )
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{E5F9BFAF-2FD9-4637-BA4E-5C2BC3A0763D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (HKLM\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IL DrumSynth Live (HKLM\...\IL DrumSynth Live) (Version:  - Image-Line)
IL Gross Beat (HKLM\...\IL Gross Beat) (Version:  - Image-Line)
IL Harmless (HKLM\...\IL Harmless) (Version:  - Image-Line)
IL Harmor (HKLM\...\IL Harmor) (Version:  - Image-Line)
IL Juice Pack (HKLM\...\IL Juice Pack) (Version:  - Image-Line)
IL MiniHost (HKLM\...\IL MiniHost) (Version:  - Image-Line)
IL Ogun (HKLM\...\IL Ogun) (Version:  - Image-Line)
IL Shared Libraries (HKLM\...\IL Shared Libraries) (Version:  - Image-Line)
IL Slicex (HKLM\...\IL Slicex) (Version:  - Image-Line)
IL Vocodex (HKLM\...\IL Vocodex) (Version:  - Image-Line)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM\...\1489-3350-5074-6281) (Version: 0.9 - AppWork GmbH)
Malwarebytes Anti-Exploit version 1.04.1.1012 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.04.1.1012 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Maximus (HKLM\...\Maximus) (Version:  - Image-Line)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
mkv2vob (HKLM\...\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}) (Version: 2.4.9 - 3r1c)
Mozilla Firefox 33.0 (x86 de) (HKLM\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Notepad++ (HKLM\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.2.2 (HKLM\...\OpenVPN) (Version: 2.2.2 - )
PDF24 Creator 6.3.2 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Raptr (HKLM\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
RocketDock 1.3.5 (HKLM\...\RocketDock_is1) (Version:  - Punk Software)
Sony Mobile Update Service (HKLM\...\Update Service) (Version: 2.14.4.201403101311 - Sony Mobile Communications AB)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Sytrus (HKLM\...\Sytrus) (Version:  - Image-Line)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.27339 - TeamViewer)
TP-LINK TL-WN721N_WN722N Treiber (HKLM\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.2.1 - TP-LINK)
TP-LINK-Konfigurationstool (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.2.1 - TP-LINK)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
VLC Codec Pack 2.0.5 (HKLM\...\VLC - Codec Pack) (Version: 2.0.5 - VLC Codec Pack)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows 7 Codec Pack 4.0.9 (HKLM\...\Windows 7 - Codec Pack) (Version: 4.0.9 - Windows 7 Codec Pack)
WinRAR 5.00 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-237654910-3141975521-2953661306-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-237654910-3141975521-2953661306-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-237654910-3141975521-2953661306-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-237654910-3141975521-2953661306-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-237654910-3141975521-2953661306-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-237654910-3141975521-2953661306-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-237654910-3141975521-2953661306-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-237654910-3141975521-2953661306-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-237654910-3141975521-2953661306-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-237654910-3141975521-2953661306-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-237654910-3141975521-2953661306-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

==================== Restore Points  =========================

09-10-2014 07:51:10 Geplanter Prüfpunkt
09-10-2014 09:12:03 Windows Update
14-10-2014 20:08:49 TuneUp Utilities 2014 wird entfernt
14-10-2014 20:09:45 TuneUp Utilities 2014 (de-DE) wird entfernt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D31FAC5-677C-43C6-8469-386B3EC90119} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {2526B3EF-FF03-4194-A10D-B48FFAD933C8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {4D5F8D2F-E498-4D31-80FA-8F7915130C03} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {60DB3746-478E-4EE9-95EA-CEB2CC2A7D9B} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {63C94587-BCF7-4F31-8CF0-2559CC4E8FFF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {7F778310-40B8-44B6-A43D-B7BCEC280B8D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {8EB59010-41AC-434F-8F12-FAAE14635F85} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {97E1D444-795F-40B2-BA5D-C6F0C3817F7A} - System32\Tasks\aviraSWU => Cscript.exe "C:\Program Files\avira\Internet Explorer\swu.vbs"
Task: {F46D9FAB-7AA4-49CE-AFAF-D536085CB5FB} - System32\Tasks\Driver Booster SkipUAC (Produzent) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-03-16 13:01 - 2007-09-02 14:57 - 00069632 _____ () C:\Program Files\RocketDock\RocketDock.dll
2014-07-14 14:17 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-07-14 14:17 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-07-14 14:17 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-07-14 14:17 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-07-14 14:17 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-07-18 11:59 - 2014-08-27 15:00 - 00052472 ____N () C:\Users\Produzent\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
2014-03-16 13:01 - 2007-09-02 14:58 - 00495616 _____ () C:\Program Files\RocketDock\RocketDock.exe
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2011-12-15 19:29 - 2011-12-15 19:29 - 00104712 _____ () C:\Program Files\OpenVPN\bin\openvpn-gui-1.0.3.exe
2011-12-15 19:29 - 2011-12-15 19:29 - 00510464 _____ () C:\Program Files\OpenVPN\bin\openvpn.exe
2011-12-15 19:29 - 2011-12-15 19:29 - 00090112 _____ () C:\Program Files\OpenVPN\bin\lzo2.dll
2014-10-14 21:17 - 2014-10-14 21:17 - 00014336 _____ () C:\Users\Produzent\AppData\Local\Temp\WDE4B80.tmp\ml_online.lng
2014-10-14 21:17 - 2014-10-14 21:17 - 00036352 _____ () C:\Users\Produzent\AppData\Local\Temp\WDE4B80.tmp\ombrowser.lng
2013-12-13 04:47 - 2013-12-13 04:47 - 00333824 _____ () C:\Program Files\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
2014-10-14 19:24 - 2014-10-14 19:24 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-10-14 22:14 - 2014-10-14 22:14 - 00050477 _____ () C:\Users\Produzent\Desktop\Defogger.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-237654910-3141975521-2953661306-500 - Administrator - Disabled)
Gast (S-1-5-21-237654910-3141975521-2953661306-501 - Limited - Disabled)
Produzent (S-1-5-21-237654910-3141975521-2953661306-1000 - Administrator - Enabled) => C:\Users\Produzent

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/14/2014 09:10:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2014 08:09:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2014 07:07:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2014 05:41:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SDQuarantine.exe, Version 2.4.40.103 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 970

Startzeit: 01cfe3b7c3a49fe0

Endzeit: 11

Anwendungspfad: C:\Program Files\Spybot - Search & Destroy 2\SDQuarantine.exe

Berichts-ID:

Error: (10/14/2014 05:27:12 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "D:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (10/09/2014 01:43:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SDQuarantine.exe, Version 2.4.40.103 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c94

Startzeit: 01cfe3b384710420

Endzeit: 17

Anwendungspfad: C:\Program Files\Spybot - Search & Destroy 2\SDQuarantine.exe

Berichts-ID:

Error: (10/09/2014 01:36:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm winamp.exe, Version 5.6.6.3516 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: e24

Startzeit: 01cfe3b3a0137aa0

Endzeit: 45

Anwendungspfad: C:\Program Files\Winamp\winamp.exe

Berichts-ID: 6ef547d1-4fa8-11e4-a43e-001966493684

Error: (10/09/2014 01:21:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2014 09:45:12 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (10/09/2014 07:32:53 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "D:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"


System errors:
=============
Error: (10/14/2014 09:11:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
UimBus
Uim_DEVIM
Uim_IM

Error: (10/14/2014 09:10:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (10/14/2014 09:10:17 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (10/14/2014 09:08:12 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (10/14/2014 08:10:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
UimBus
Uim_DEVIM
Uim_IM

Error: (10/14/2014 08:09:42 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (10/14/2014 08:09:21 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (10/14/2014 08:07:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (10/14/2014 07:07:40 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
UimBus
Uim_DEVIM
Uim_IM

Error: (10/14/2014 07:07:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126


Microsoft Office Sessions:
=========================
Error: (10/14/2014 09:10:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2014 08:09:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2014 07:07:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2014 05:41:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SDQuarantine.exe2.4.40.10397001cfe3b7c3a49fe011C:\Program Files\Spybot - Search & Destroy 2\SDQuarantine.exe

Error: (10/14/2014 05:27:12 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: D:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (10/09/2014 01:43:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SDQuarantine.exe2.4.40.103c9401cfe3b38471042017C:\Program Files\Spybot - Search & Destroy 2\SDQuarantine.exe

Error: (10/09/2014 01:36:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: winamp.exe5.6.6.3516e2401cfe3b3a0137aa045C:\Program Files\Winamp\winamp.exe6ef547d1-4fa8-11e4-a43e-001966493684

Error: (10/09/2014 01:21:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2014 09:45:12 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Officejet Pro 8600\DriverStore\Pipeline\amd64\hpinkins5912.exe

Error: (10/09/2014 07:32:53 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: D:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)


==================== Memory info =========================== 

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4800+
Percentage of memory in use: 48%
Total physical RAM: 2047.28 MB
Available physical RAM: 1050.61 MB
Total Pagefile: 4094.55 MB
Available Pagefile: 2709.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:176.02 GB) NTFS
Drive f: () (Fixed) (Total:394.4 GB) (Free:158.14 GB) NTFS
Drive x: () (Fixed) (Total:536.98 GB) (Free:344.93 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: B56CAEEC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 5CF7342E)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 0F882CC9)
Partition 1: (Active) - (Size=394.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=537.1 GB) - (Type=0C)

==================== End Of Log ============================
         
Gmer

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-10-14 22:55:33
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 SAMSUNG_HD250HJ rev.FH100-05 232,89GB
Running: Gmer-19357.exe; Driver: C:\Users\PRODUZ~1\AppData\Local\Temp\pwdcruog.sys


---- System - GMER 2.1 ----

SSDT            8E29792E                                                                                                                        ZwCreateSection
SSDT            8E297938                                                                                                                        ZwRequestWaitReplyPort
SSDT            8E297933                                                                                                                        ZwSetContextThread
SSDT            8E29793D                                                                                                                        ZwSetSecurityObject
SSDT            8E297942                                                                                                                        ZwSystemDebugControl
SSDT            8E2978CF                                                                                                                        ZwTerminateProcess

---- Kernel code sections - GMER 2.1 ----

.text           ntkrnlpa.exe!ZwRollbackEnlistment + 142D                                                                                        82C92A15 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                                          82CCC212 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text           ntkrnlpa.exe!KeRemoveQueueEx + 11F7                                                                                             82CD358C 4 Bytes  [2E, 79, 29, 8E]
.text           ntkrnlpa.exe!KeRemoveQueueEx + 1553                                                                                             82CD38E8 4 Bytes  [38, 79, 29, 8E]
.text           ntkrnlpa.exe!KeRemoveQueueEx + 1597                                                                                             82CD392C 4 Bytes  [33, 79, 29, 8E]
.text           ntkrnlpa.exe!KeRemoveQueueEx + 1613                                                                                             82CD39A8 4 Bytes  [3D, 79, 29, 8E]
.text           ntkrnlpa.exe!KeRemoveQueueEx + 1667                                                                                             82CD39FC 4 Bytes  [42, 79, 29, 8E]
.text           ...                                                                                                                             

---- Devices - GMER 2.1 ----

AttachedDevice  \FileSystem\fastfat \Fat                                                                                                        fltmgr.sys
---- Processes - GMER 2.1 ----

Library         C:\Program Files\TuneUp Utilities 2014\SDShelEx-win32.dll (*** hidden *** ) @ C:\Program Files\RocketDock\RocketDock.exe [772]  0x572C0000                                                                                                                                           
Library         C:\Program Files\TuneUp Utilities 2014\SDShelEx-win32.dll (*** hidden *** ) @ C:\Windows\Explorer.EXE [1716]                    0x572C0000                                                                                                                                           
Library         C:\Program Files\TuneUp Utilities 2014\DseShExt-x86.dll (*** hidden *** ) @ C:\Windows\Explorer.EXE [1716]                      0x57160000                                                                                                                                           

---- Disk sectors - GMER 2.1 ----

Disk            \Device\Harddisk0\DR0                                                                                                           unknown MBR code

---- EOF - GMER 2.1 ----
         

Danke noch mals

Alt 15.10.2014, 16:14   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich! - Standard

Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich!



Hi,

ist das ein Desktop Rechner oder Laptop?


Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Avira Savings Advisor

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 15.10.2014, 16:58   #3
profdopenudl
 
Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich! - Standard

Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich!



Erstmal danke für die schnelle Antwort
Echt super.

Habe ein PC also kein Laptop.


Habe beide Programme ausgeführt.
Bei dem Uninstaller habe ich über 600 Beiträge gelöscht und bei dem anderen Programm kam garnicht's raus.
Also hat nicht's gefunden.

Was soll ich jetzt noch machen oder war's das?

Sorry erst jetzt das Log file gesehen...

Code:
ATTFilter
23:55:15.0735 0x1718  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
23:55:19.0618 0x1718  ============================================================
23:55:19.0619 0x1718  Current date / time: 2014/10/14 23:55:19.0618
23:55:19.0619 0x1718  SystemInfo:
23:55:19.0619 0x1718  
23:55:19.0619 0x1718  OS Version: 6.1.7601 ServicePack: 1.0
23:55:19.0619 0x1718  Product type: Workstation
23:55:19.0619 0x1718  ComputerName: PRODUZENT-PC
23:55:19.0619 0x1718  UserName: Produzent
23:55:19.0619 0x1718  Windows directory: C:\Windows
23:55:19.0619 0x1718  System windows directory: C:\Windows
23:55:19.0619 0x1718  Processor architecture: Intel x86
23:55:19.0619 0x1718  Number of processors: 2
23:55:19.0619 0x1718  Page size: 0x1000
23:55:19.0619 0x1718  Boot type: Normal boot
23:55:19.0619 0x1718  ============================================================
23:55:21.0022 0x1718  KLMD registered as C:\Windows\system32\drivers\48310640.sys
23:55:21.0330 0x1718  System UUID: {FF8829A5-2055-FF6E-7F95-D46032F30F7B}
23:55:22.0019 0x1718  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x1C042, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
23:55:22.0019 0x1718  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:55:22.0021 0x1718  ============================================================
23:55:22.0021 0x1718  \Device\Harddisk0\DR0:
23:55:22.0021 0x1718  MBR partitions:
23:55:22.0021 0x1718  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:55:22.0021 0x1718  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192000
23:55:22.0021 0x1718  \Device\Harddisk1\DR1:
23:55:22.0022 0x1718  MBR partitions:
23:55:22.0022 0x1718  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
23:55:22.0022 0x1718  ============================================================
23:55:22.0030 0x1718  Initialize success
23:55:22.0030 0x1718  ============================================================
23:56:08.0946 0x17ac  ============================================================
23:56:08.0946 0x17ac  Scan started
23:56:08.0946 0x17ac  Mode: Manual; SigCheck; TDLFS; 
23:56:08.0946 0x17ac  ============================================================
23:56:08.0946 0x17ac  KSN ping started
23:56:34.0997 0x17ac  KSN ping finished: true
23:56:35.0387 0x17ac  ================ Scan system memory ========================
23:56:35.0387 0x17ac  System memory - ok
23:56:35.0387 0x17ac  ================ Scan services =============================
23:56:35.0449 0x17ac  1394ohci - ok
23:56:35.0465 0x17ac  ACPI - ok
23:56:35.0481 0x17ac  AcpiPmi - ok
23:56:35.0512 0x17ac  AdobeFlashPlayerUpdateSvc - ok
23:56:35.0512 0x17ac  adp94xx - ok
23:56:35.0543 0x17ac  adpahci - ok
23:56:35.0559 0x17ac  adpu320 - ok
23:56:35.0574 0x17ac  AeLookupSvc - ok
23:56:35.0590 0x17ac  AFD - ok
23:56:35.0605 0x17ac  agp440 - ok
23:56:35.0637 0x17ac  aic78xx - ok
23:56:35.0746 0x17ac  ALG - ok
23:56:35.0746 0x17ac  aliide - ok
23:56:35.0746 0x17ac  AMD External Events Utility - ok
23:56:35.0761 0x17ac  amdagp - ok
23:56:35.0761 0x17ac  amdide - ok
23:56:35.0824 0x17ac  amdiox86 - ok
23:56:35.0855 0x17ac  AmdK8 - ok
23:56:35.0917 0x17ac  amdkmdag - ok
23:56:35.0964 0x17ac  amdkmdap - ok
23:56:35.0964 0x17ac  AmdPPM - ok
23:56:35.0980 0x17ac  amdsata - ok
23:56:35.0980 0x17ac  amdsbs - ok
23:56:35.0980 0x17ac  amdxata - ok
23:56:35.0995 0x17ac  AntiVirSchedulerService - ok
23:56:36.0011 0x17ac  AntiVirService - ok
23:56:36.0027 0x17ac  AppID - ok
23:56:36.0042 0x17ac  AppIDSvc - ok
23:56:36.0042 0x17ac  Appinfo - ok
23:56:36.0058 0x17ac  AppMgmt - ok
23:56:36.0073 0x17ac  arc - ok
23:56:36.0073 0x17ac  arcsas - ok
23:56:36.0089 0x17ac  aspnet_state - ok
23:56:36.0089 0x17ac  AsyncMac - ok
23:56:36.0089 0x17ac  atapi - ok
23:56:36.0105 0x17ac  athur - ok
23:56:36.0120 0x17ac  AtiHDAudioService - ok
23:56:36.0136 0x17ac  AtiHdmiService - ok
23:56:36.0136 0x17ac  AudioEndpointBuilder - ok
23:56:36.0151 0x17ac  Audiosrv - ok
23:56:36.0151 0x17ac  avgntflt - ok
23:56:36.0167 0x17ac  avipbb - ok
23:56:36.0183 0x17ac  Avira.OE.ServiceHost - ok
23:56:36.0183 0x17ac  avkmgr - ok
23:56:36.0198 0x17ac  AxInstSV - ok
23:56:36.0198 0x17ac  b06bdrv - ok
23:56:36.0214 0x17ac  b57nd60x - ok
23:56:36.0229 0x17ac  BDESVC - ok
23:56:36.0229 0x17ac  Beep - ok
23:56:36.0229 0x17ac  BFE - ok
23:56:36.0245 0x17ac  BITS - ok
23:56:36.0245 0x17ac  blbdrive - ok
23:56:36.0261 0x17ac  bowser - ok
23:56:36.0261 0x17ac  BrFiltLo - ok
23:56:36.0261 0x17ac  BrFiltUp - ok
23:56:36.0276 0x17ac  Browser - ok
23:56:36.0276 0x17ac  Brserid - ok
23:56:36.0276 0x17ac  BrSerWdm - ok
23:56:36.0292 0x17ac  BrUsbMdm - ok
23:56:36.0292 0x17ac  BrUsbSer - ok
23:56:36.0292 0x17ac  BTHMODEM - ok
23:56:36.0307 0x17ac  bthserv - ok
23:56:36.0307 0x17ac  cdfs - ok
23:56:36.0323 0x17ac  cdrom - ok
23:56:36.0323 0x17ac  CertPropSvc - ok
23:56:36.0339 0x17ac  circlass - ok
23:56:36.0339 0x17ac  CLFS - ok
23:56:36.0339 0x17ac  clr_optimization_v2.0.50727_32 - ok
23:56:36.0354 0x17ac  clr_optimization_v4.0.30319_32 - ok
23:56:36.0370 0x17ac  CmBatt - ok
23:56:36.0370 0x17ac  cmdide - ok
23:56:36.0385 0x17ac  CNG - ok
23:56:36.0385 0x17ac  Compbatt - ok
23:56:36.0417 0x17ac  CompositeBus - ok
23:56:36.0417 0x17ac  COMSysApp - ok
23:56:36.0417 0x17ac  crcdisk - ok
23:56:36.0432 0x17ac  CryptSvc - ok
23:56:36.0432 0x17ac  CSC - ok
23:56:36.0448 0x17ac  CscService - ok
23:56:36.0448 0x17ac  DcomLaunch - ok
23:56:36.0463 0x17ac  defragsvc - ok
23:56:36.0463 0x17ac  DfsC - ok
23:56:36.0463 0x17ac  Dhcp - ok
23:56:36.0479 0x17ac  discache - ok
23:56:36.0495 0x17ac  Disk - ok
23:56:36.0495 0x17ac  dmvsc - ok
23:56:36.0495 0x17ac  Dnscache - ok
23:56:36.0510 0x17ac  dot3svc - ok
23:56:36.0510 0x17ac  DPS - ok
23:56:36.0510 0x17ac  drmkaud - ok
23:56:36.0526 0x17ac  DXGKrnl - ok
23:56:36.0526 0x17ac  EapHost - ok
23:56:36.0526 0x17ac  ebdrv - ok
23:56:36.0541 0x17ac  EFS - ok
23:56:36.0541 0x17ac  elxstor - ok
23:56:36.0541 0x17ac  ErrDev - ok
23:56:36.0573 0x17ac  ESProtectionDriver - ok
23:56:36.0588 0x17ac  EventSystem - ok
23:56:36.0588 0x17ac  exfat - ok
23:56:36.0588 0x17ac  fastfat - ok
23:56:36.0604 0x17ac  Fax - ok
23:56:36.0604 0x17ac  fdc - ok
23:56:36.0604 0x17ac  fdPHost - ok
23:56:36.0619 0x17ac  FDResPub - ok
23:56:36.0619 0x17ac  FileInfo - ok
23:56:36.0635 0x17ac  Filetrace - ok
23:56:36.0635 0x17ac  flpydisk - ok
23:56:36.0760 0x17ac  FltMgr - ok
23:56:36.0791 0x17ac  FontCache - ok
23:56:36.0807 0x17ac  FontCache3.0.0.0 - ok
23:56:36.0807 0x17ac  FsDepends - ok
23:56:36.0822 0x17ac  Fs_Rec - ok
23:56:36.0838 0x17ac  fvevol - ok
23:56:36.0838 0x17ac  gagp30kx - ok
23:56:36.0853 0x17ac  ggflt - ok
23:56:36.0853 0x17ac  ggsemc - ok
23:56:36.0869 0x17ac  gpsvc - ok
23:56:36.0869 0x17ac  hcw85cir - ok
23:56:36.0885 0x17ac  HdAudAddService - ok
23:56:36.0885 0x17ac  HDAudBus - ok
23:56:36.0900 0x17ac  HidBatt - ok
23:56:36.0900 0x17ac  HidBth - ok
23:56:36.0916 0x17ac  HidIr - ok
23:56:36.0916 0x17ac  hidserv - ok
23:56:36.0931 0x17ac  HidUsb - ok
23:56:36.0947 0x17ac  hkmsvc - ok
23:56:36.0947 0x17ac  HomeGroupListener - ok
23:56:36.0947 0x17ac  HomeGroupProvider - ok
23:56:36.0963 0x17ac  HpSAMD - ok
23:56:36.0963 0x17ac  HTTP - ok
23:56:36.0963 0x17ac  hwpolicy - ok
23:56:36.0978 0x17ac  i8042prt - ok
23:56:36.0978 0x17ac  iaStorV - ok
23:56:36.0978 0x17ac  idsvc - ok
23:56:37.0009 0x17ac  IEEtwCollectorService - ok
23:56:37.0025 0x17ac  iirsp - ok
23:56:37.0025 0x17ac  IKEEXT - ok
23:56:37.0025 0x17ac  intelide - ok
23:56:37.0041 0x17ac  intelppm - ok
23:56:37.0041 0x17ac  IPBusEnum - ok
23:56:37.0041 0x17ac  IpFilterDriver - ok
23:56:37.0056 0x17ac  iphlpsvc - ok
23:56:37.0056 0x17ac  IPMIDRV - ok
23:56:37.0072 0x17ac  IPNAT - ok
23:56:37.0072 0x17ac  IRENUM - ok
23:56:37.0072 0x17ac  isapnp - ok
23:56:37.0087 0x17ac  iScsiPrt - ok
23:56:37.0087 0x17ac  kbdclass - ok
23:56:37.0103 0x17ac  kbdhid - ok
23:56:37.0103 0x17ac  KeyIso - ok
23:56:37.0103 0x17ac  KSecDD - ok
23:56:37.0119 0x17ac  KSecPkg - ok
23:56:37.0119 0x17ac  KtmRm - ok
23:56:37.0119 0x17ac  LanmanServer - ok
23:56:37.0134 0x17ac  LanmanWorkstation - ok
23:56:37.0134 0x17ac  lltdio - ok
23:56:37.0150 0x17ac  lltdsvc - ok
23:56:37.0150 0x17ac  lmhosts - ok
23:56:37.0150 0x17ac  LSI_FC - ok
23:56:37.0165 0x17ac  LSI_SAS - ok
23:56:37.0165 0x17ac  LSI_SAS2 - ok
23:56:37.0181 0x17ac  LSI_SCSI - ok
23:56:37.0181 0x17ac  luafv - ok
23:56:37.0197 0x17ac  MbaeSvc - ok
23:56:37.0212 0x17ac  MBAMProtector - ok
23:56:37.0228 0x17ac  MBAMScheduler - ok
23:56:37.0228 0x17ac  MBAMService - ok
23:56:37.0243 0x17ac  MBAMWebAccessControl - ok
23:56:37.0259 0x17ac  McComponentHostService - ok
23:56:37.0259 0x17ac  megasas - ok
23:56:37.0259 0x17ac  MegaSR - ok
23:56:37.0275 0x17ac  MMCSS - ok
23:56:37.0275 0x17ac  Modem - ok
23:56:37.0290 0x17ac  monitor - ok
23:56:37.0290 0x17ac  mouclass - ok
23:56:37.0290 0x17ac  mouhid - ok
23:56:37.0306 0x17ac  mountmgr - ok
23:56:37.0306 0x17ac  MozillaMaintenance - ok
23:56:37.0321 0x17ac  mpio - ok
23:56:37.0321 0x17ac  mpsdrv - ok
23:56:37.0337 0x17ac  MpsSvc - ok
23:56:37.0337 0x17ac  MRxDAV - ok
23:56:37.0337 0x17ac  mrxsmb - ok
23:56:37.0353 0x17ac  mrxsmb10 - ok
23:56:37.0353 0x17ac  mrxsmb20 - ok
23:56:37.0368 0x17ac  msahci - ok
23:56:37.0368 0x17ac  msdsm - ok
23:56:37.0384 0x17ac  MSDTC - ok
23:56:37.0384 0x17ac  Msfs - ok
23:56:37.0399 0x17ac  mshidkmdf - ok
23:56:37.0399 0x17ac  msisadrv - ok
23:56:37.0399 0x17ac  MSiSCSI - ok
23:56:37.0415 0x17ac  msiserver - ok
23:56:37.0415 0x17ac  MSKSSRV - ok
23:56:37.0415 0x17ac  MSPCLOCK - ok
23:56:37.0431 0x17ac  MSPQM - ok
23:56:37.0431 0x17ac  MsRPC - ok
23:56:37.0446 0x17ac  mssmbios - ok
23:56:37.0446 0x17ac  MSTEE - ok
23:56:37.0462 0x17ac  MTConfig - ok
23:56:37.0462 0x17ac  Mup - ok
23:56:37.0462 0x17ac  napagent - ok
23:56:37.0477 0x17ac  NativeWifiP - ok
23:56:37.0477 0x17ac  NDIS - ok
23:56:37.0477 0x17ac  NdisCap - ok
23:56:37.0493 0x17ac  NdisTapi - ok
23:56:37.0493 0x17ac  Ndisuio - ok
23:56:37.0509 0x17ac  NdisWan - ok
23:56:37.0509 0x17ac  NDProxy - ok
23:56:37.0509 0x17ac  NetBIOS - ok
23:56:37.0524 0x17ac  NetBT - ok
23:56:37.0524 0x17ac  Netlogon - ok
23:56:37.0524 0x17ac  Netman - ok
23:56:37.0540 0x17ac  NetMsmqActivator - ok
23:56:37.0540 0x17ac  NetPipeActivator - ok
23:56:37.0555 0x17ac  netprofm - ok
23:56:37.0555 0x17ac  NetTcpActivator - ok
23:56:37.0555 0x17ac  NetTcpPortSharing - ok
23:56:37.0571 0x17ac  nfrd960 - ok
23:56:37.0571 0x17ac  NlaSvc - ok
23:56:37.0571 0x17ac  Npfs - ok
23:56:37.0587 0x17ac  nsi - ok
23:56:37.0587 0x17ac  nsiproxy - ok
23:56:37.0602 0x17ac  Ntfs - ok
23:56:37.0602 0x17ac  Null - ok
23:56:37.0602 0x17ac  NVENETFD - ok
23:56:37.0618 0x17ac  nvraid - ok
23:56:37.0618 0x17ac  nvstor - ok
23:56:37.0618 0x17ac  nv_agp - ok
23:56:37.0633 0x17ac  ohci1394 - ok
23:56:37.0649 0x17ac  OpenVPNService - ok
23:56:37.0649 0x17ac  p2pimsvc - ok
23:56:37.0649 0x17ac  p2psvc - ok
23:56:37.0665 0x17ac  Parport - ok
23:56:37.0665 0x17ac  partmgr - ok
23:56:37.0680 0x17ac  Parvdm - ok
23:56:37.0680 0x17ac  PcaSvc - ok
23:56:37.0680 0x17ac  pci - ok
23:56:37.0696 0x17ac  pciide - ok
23:56:37.0696 0x17ac  pcmcia - ok
23:56:37.0711 0x17ac  pcw - ok
23:56:37.0711 0x17ac  PEAUTH - ok
23:56:37.0711 0x17ac  PeerDistSvc - ok
23:56:37.0727 0x17ac  pla - ok
23:56:37.0743 0x17ac  PlugPlay - ok
23:56:37.0758 0x17ac  PNRPAutoReg - ok
23:56:37.0758 0x17ac  PNRPsvc - ok
23:56:37.0758 0x17ac  PolicyAgent - ok
23:56:37.0774 0x17ac  Power - ok
23:56:37.0774 0x17ac  PptpMiniport - ok
23:56:37.0774 0x17ac  Processor - ok
23:56:37.0789 0x17ac  ProfSvc - ok
23:56:37.0789 0x17ac  ProtectedStorage - ok
23:56:37.0805 0x17ac  Psched - ok
23:56:37.0805 0x17ac  ql2300 - ok
23:56:37.0805 0x17ac  ql40xx - ok
23:56:37.0821 0x17ac  QWAVE - ok
23:56:37.0821 0x17ac  QWAVEdrv - ok
23:56:37.0821 0x17ac  RasAcd - ok
23:56:37.0836 0x17ac  RasAgileVpn - ok
23:56:37.0836 0x17ac  RasAuto - ok
23:56:37.0836 0x17ac  Rasl2tp - ok
23:56:37.0852 0x17ac  RasMan - ok
23:56:37.0852 0x17ac  RasPppoe - ok
23:56:37.0852 0x17ac  RasSstp - ok
23:56:37.0867 0x17ac  rdbss - ok
23:56:37.0867 0x17ac  rdpbus - ok
23:56:37.0883 0x17ac  RDPCDD - ok
23:56:37.0883 0x17ac  RDPDR - ok
23:56:37.0883 0x17ac  RDPENCDD - ok
23:56:37.0899 0x17ac  RDPREFMP - ok
23:56:37.0899 0x17ac  RDPWD - ok
23:56:37.0914 0x17ac  rdyboost - ok
23:56:37.0914 0x17ac  RemoteAccess - ok
23:56:37.0914 0x17ac  RemoteRegistry - ok
23:56:37.0930 0x17ac  RpcEptMapper - ok
23:56:37.0930 0x17ac  RpcLocator - ok
23:56:37.0930 0x17ac  RpcSs - ok
23:56:37.0945 0x17ac  rspndr - ok
23:56:37.0945 0x17ac  RSUSBSTOR - ok
23:56:37.0961 0x17ac  s3cap - ok
23:56:37.0961 0x17ac  SamSs - ok
23:56:37.0961 0x17ac  SANDRA - ok
23:56:37.0977 0x17ac  sbp2port - ok
23:56:37.0977 0x17ac  SCardSvr - ok
23:56:37.0992 0x17ac  scfilter - ok
23:56:37.0992 0x17ac  Schedule - ok
23:56:37.0992 0x17ac  SCPolicySvc - ok
23:56:38.0008 0x17ac  SDRSVC - ok
23:56:38.0008 0x17ac  SDScannerService - ok
23:56:38.0023 0x17ac  SDUpdateService - ok
23:56:38.0023 0x17ac  SDWSCService - ok
23:56:38.0023 0x17ac  secdrv - ok
23:56:38.0039 0x17ac  seclogon - ok
23:56:38.0039 0x17ac  SENS - ok
23:56:38.0055 0x17ac  SensrSvc - ok
23:56:38.0055 0x17ac  Serenum - ok
23:56:38.0055 0x17ac  Serial - ok
23:56:38.0070 0x17ac  sermouse - ok
23:56:38.0070 0x17ac  SessionEnv - ok
23:56:38.0086 0x17ac  sffdisk - ok
23:56:38.0086 0x17ac  sffp_mmc - ok
23:56:38.0101 0x17ac  sffp_sd - ok
23:56:38.0101 0x17ac  sfloppy - ok
23:56:38.0101 0x17ac  SharedAccess - ok
23:56:38.0117 0x17ac  ShellHWDetection - ok
23:56:38.0117 0x17ac  sisagp - ok
23:56:38.0117 0x17ac  SiSRaid2 - ok
23:56:38.0133 0x17ac  SiSRaid4 - ok
23:56:38.0133 0x17ac  Smb - ok
23:56:38.0148 0x17ac  SNMPTRAP - ok
23:56:38.0148 0x17ac  spldr - ok
23:56:38.0164 0x17ac  Spooler - ok
23:56:38.0164 0x17ac  sppsvc - ok
23:56:38.0164 0x17ac  sppuinotify - ok
23:56:38.0179 0x17ac  srv - ok
23:56:38.0179 0x17ac  srv2 - ok
23:56:38.0179 0x17ac  srvnet - ok
23:56:38.0195 0x17ac  SSDPSRV - ok
23:56:38.0195 0x17ac  ssmdrv - ok
23:56:38.0211 0x17ac  SstpSvc - ok
23:56:38.0211 0x17ac  stexstor - ok
23:56:38.0226 0x17ac  StillCam - ok
23:56:38.0226 0x17ac  StiSvc - ok
23:56:38.0242 0x17ac  storflt - ok
23:56:38.0242 0x17ac  StorSvc - ok
23:56:38.0242 0x17ac  storvsc - ok
23:56:38.0257 0x17ac  swenum - ok
23:56:38.0257 0x17ac  swprv - ok
23:56:38.0257 0x17ac  SysMain - ok
23:56:38.0273 0x17ac  TabletInputService - ok
23:56:38.0273 0x17ac  tap0901 - ok
23:56:38.0273 0x17ac  TapiSrv - ok
23:56:38.0289 0x17ac  TBS - ok
23:56:38.0289 0x17ac  Tcpip - ok
23:56:38.0289 0x17ac  TCPIP6 - ok
23:56:38.0304 0x17ac  tcpipreg - ok
23:56:38.0304 0x17ac  TDPIPE - ok
23:56:38.0320 0x17ac  TDTCP - ok
23:56:38.0320 0x17ac  tdx - ok
23:56:38.0335 0x17ac  TeamViewer9 - ok
23:56:38.0351 0x17ac  TermDD - ok
23:56:38.0351 0x17ac  TermService - ok
23:56:38.0351 0x17ac  Themes - ok
23:56:38.0367 0x17ac  THREADORDER - ok
23:56:38.0367 0x17ac  TrkWks - ok
23:56:38.0382 0x17ac  truecrypt - ok
23:56:38.0382 0x17ac  TrustedInstaller - ok
23:56:38.0382 0x17ac  tssecsrv - ok
23:56:38.0398 0x17ac  TsUsbFlt - ok
23:56:38.0398 0x17ac  TsUsbGD - ok
23:56:38.0413 0x17ac  tunnel - ok
23:56:38.0413 0x17ac  uagp35 - ok
23:56:38.0429 0x17ac  udfs - ok
23:56:38.0429 0x17ac  UI0Detect - ok
23:56:38.0445 0x17ac  UimBus - ok
23:56:38.0445 0x17ac  Uim_DEVIM - ok
23:56:38.0445 0x17ac  Uim_IM - ok
23:56:38.0460 0x17ac  uliagpkx - ok
23:56:38.0460 0x17ac  umbus - ok
23:56:38.0476 0x17ac  UmPass - ok
23:56:38.0476 0x17ac  UmRdpService - ok
23:56:38.0476 0x17ac  upnphost - ok
23:56:38.0491 0x17ac  usbaudio - ok
23:56:38.0491 0x17ac  usbccgp - ok
23:56:38.0491 0x17ac  usbcir - ok
23:56:38.0507 0x17ac  usbehci - ok
23:56:38.0507 0x17ac  usbhub - ok
23:56:38.0523 0x17ac  usbohci - ok
23:56:38.0523 0x17ac  usbprint - ok
23:56:38.0523 0x17ac  USBSTOR - ok
23:56:38.0538 0x17ac  usbuhci - ok
23:56:38.0538 0x17ac  UxSms - ok
23:56:38.0538 0x17ac  VaultSvc - ok
23:56:38.0554 0x17ac  vdrvroot - ok
23:56:38.0554 0x17ac  vds - ok
23:56:38.0554 0x17ac  vga - ok
23:56:38.0569 0x17ac  VgaSave - ok
23:56:38.0569 0x17ac  vhdmp - ok
23:56:38.0569 0x17ac  viaagp - ok
23:56:38.0585 0x17ac  ViaC7 - ok
23:56:38.0585 0x17ac  viaide - ok
23:56:38.0601 0x17ac  vmbus - ok
23:56:38.0601 0x17ac  VMBusHID - ok
23:56:38.0601 0x17ac  volmgr - ok
23:56:38.0616 0x17ac  volmgrx - ok
23:56:38.0616 0x17ac  volsnap - ok
23:56:38.0616 0x17ac  vsmraid - ok
23:56:38.0632 0x17ac  VSS - ok
23:56:38.0632 0x17ac  vwifibus - ok
23:56:38.0647 0x17ac  vwififlt - ok
23:56:38.0647 0x17ac  vwifimp - ok
23:56:38.0663 0x17ac  W32Time - ok
23:56:38.0663 0x17ac  WacomPen - ok
23:56:38.0663 0x17ac  WANARP - ok
23:56:38.0679 0x17ac  Wanarpv6 - ok
23:56:38.0679 0x17ac  wbengine - ok
23:56:38.0694 0x17ac  WbioSrvc - ok
23:56:38.0694 0x17ac  wcncsvc - ok
23:56:38.0694 0x17ac  WcsPlugInService - ok
23:56:38.0710 0x17ac  Wd - ok
23:56:38.0710 0x17ac  Wdf01000 - ok
23:56:38.0710 0x17ac  WdiServiceHost - ok
23:56:38.0725 0x17ac  WdiSystemHost - ok
23:56:38.0725 0x17ac  WebClient - ok
23:56:38.0725 0x17ac  Wecsvc - ok
23:56:38.0741 0x17ac  wercplsupport - ok
23:56:38.0741 0x17ac  WerSvc - ok
23:56:38.0757 0x17ac  WfpLwf - ok
23:56:38.0757 0x17ac  WIMMount - ok
23:56:38.0757 0x17ac  WinDefend - ok
23:56:38.0772 0x17ac  WinHttpAutoProxySvc - ok
23:56:38.0772 0x17ac  Winmgmt - ok
23:56:38.0788 0x17ac  WinRM - ok
23:56:38.0803 0x17ac  WinUsb - ok
23:56:38.0803 0x17ac  Wlansvc - ok
23:56:38.0819 0x17ac  WmiAcpi - ok
23:56:38.0819 0x17ac  wmiApSrv - ok
23:56:38.0835 0x17ac  WPCSvc - ok
23:56:38.0835 0x17ac  WPDBusEnum - ok
23:56:38.0835 0x17ac  ws2ifsl - ok
23:56:38.0850 0x17ac  wscsvc - ok
23:56:38.0850 0x17ac  WSearch - ok
23:56:38.0866 0x17ac  wuauserv - ok
23:56:38.0866 0x17ac  WudfPf - ok
23:56:38.0881 0x17ac  WUDFRd - ok
23:56:38.0881 0x17ac  wudfsvc - ok
23:56:38.0897 0x17ac  WwanSvc - ok
23:56:38.0913 0x17ac  ================ Scan global ===============================
23:56:38.0913 0x17ac  [ Global ] - ok
23:56:38.0913 0x17ac  ================ Scan MBR ==================================
23:56:38.0928 0x17ac  [ B7310D12FF8857D5B67EAA63423EDB33 ] \Device\Harddisk0\DR0
23:56:39.0381 0x17ac  \Device\Harddisk0\DR0 - ok
23:56:39.0396 0x17ac  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
23:56:39.0443 0x17ac  \Device\Harddisk1\DR1 - ok
23:56:39.0443 0x17ac  ================ Scan VBR ==================================
23:56:39.0443 0x17ac  [ F9184788B05154AC9117467DD5E2014D ] \Device\Harddisk0\DR0\Partition1
23:56:39.0443 0x17ac  \Device\Harddisk0\DR0\Partition1 - ok
23:56:39.0443 0x17ac  [ C59B5E9973BF969CF2768CE616E29BA3 ] \Device\Harddisk0\DR0\Partition2
23:56:39.0443 0x17ac  \Device\Harddisk0\DR0\Partition2 - ok
23:56:39.0459 0x17ac  [ 5B7C9894213A0DAED2B2E6E713C6866B ] \Device\Harddisk1\DR1\Partition1
23:56:39.0459 0x17ac  \Device\Harddisk1\DR1\Partition1 - ok
23:56:39.0459 0x17ac  ================ Scan generic autorun ======================
23:56:39.0459 0x17ac  Sidebar - ok
23:56:39.0459 0x17ac  mctadmin - ok
23:56:39.0459 0x17ac  Sidebar - ok
23:56:39.0459 0x17ac  mctadmin - ok
23:56:39.0459 0x17ac  TrueCrypt - ok
23:56:39.0474 0x17ac  RocketDock - ok
23:56:39.0474 0x17ac  Spybot-S&D Cleaning - ok
23:56:39.0552 0x17ac  AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.266 ), 0x41000 ( enabled : updated )
23:56:39.0568 0x17ac  Win FW state via NFP2: enabled
23:56:42.0641 0x17ac  ============================================================
23:56:42.0641 0x17ac  Scan finished
23:56:42.0641 0x17ac  ============================================================
23:56:42.0641 0x1458  Detected object count: 0
23:56:42.0641 0x1458  Actual detected object count: 0
23:56:50.0987 0x0dcc  Deinitialize success
         
__________________

Alt 16.10.2014, 12:55   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich! - Standard

Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich!



CMOS Batterie auf dem Mainboard erneuern.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.10.2014, 16:22   #5
profdopenudl
 
Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich! - Standard

Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich!



Wie mache ich das? Muss man dazu löten oder sowas?
Sorry kenne mich da nicht so wirklich aus.


Alt 17.10.2014, 08:28   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich! - Standard

Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich!



Nein. Rechner aus, Stromkabel weg. Seitlich den Deckel abnehmen, auf dem Board steckt ne Batterie, ähnlich wie denen in Uhren oder KFZ-Schlüsseln.
__________________
--> Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich!

Antwort

Themen zu Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich!
antivirus, avira savings advisor entfernen, defender, downloader, driver booster, fehlercode 0x81000006, fehlercode 126, fehlercode windows, flash player, homepage, nodrives, officejet, prozessor, refresh, security, services.exe, software, svchost.exe, vista, windows



Ähnliche Themen: Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich!


  1. Mailware im Browser ,surfen fast unmöglich
    Log-Analyse und Auswertung - 03.08.2015 (15)
  2. Windows Vista erneutes Werbung öffnen macht Surfen wieder unmöglich
    Plagegeister aller Art und deren Bekämpfung - 09.01.2015 (15)
  3. Windows7: Toolbars, Werbung Istart. Surfen unmöglich
    Log-Analyse und Auswertung - 13.09.2014 (13)
  4. Dauerhaftes Werbung öffnen macht Surfen fast unmöglich
    Plagegeister aller Art und deren Bekämpfung - 15.07.2014 (17)
  5. Uhrzeit wird verstellt
    Plagegeister aller Art und deren Bekämpfung - 30.12.2013 (3)
  6. Beim surfen öffnet sich immer ein leeres Fenster! Hab ich ein Trojaner auf meinem PC?
    Plagegeister aller Art und deren Bekämpfung - 24.12.2013 (12)
  7. windows 7 - programme schließen nicht, surfen unmöglich wegen ständigen Popups und Weiterleitungen, lange Ladezeiten der Programme -Virus?
    Plagegeister aller Art und deren Bekämpfung - 22.12.2013 (9)
  8. Werbe-Popupfenster machen "surfen" im Internet unmöglich
    Plagegeister aller Art und deren Bekämpfung - 19.08.2013 (9)
  9. Virus? seit neustem Uhrzeit verstellt/ Browser sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 25.07.2013 (15)
  10. Meine Uhrzeit im Computer verstellt sich dauernd?
    Netzwerk und Hardware - 22.04.2012 (2)
  11. Uhrzeit verstellt sich immer, TrojanCheck spielt verrückt, habe ich einen Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 26.09.2011 (4)
  12. Internet Explorer startet automatisch werbung und lautstärke verstellt sich
    Log-Analyse und Auswertung - 20.07.2010 (5)
  13. Systemzeit verstellt sich um 9 Stunden
    Plagegeister aller Art und deren Bekämpfung - 10.05.2009 (7)
  14. Uhr verstellt sich, ungewollte Fenster öffnen sich während dem Surfen
    Log-Analyse und Auswertung - 20.09.2008 (0)
  15. Desktop verstellt sich automatisch/ spyware warnungen
    Log-Analyse und Auswertung - 30.09.2006 (3)
  16. Startseite des IE verstellt sich auf Sexseite
    Log-Analyse und Auswertung - 21.11.2004 (6)
  17. Uhrzeit verändert sich bei Neustart, wie kommts?
    Plagegeister aller Art und deren Bekämpfung - 22.03.2003 (5)

Zum Thema Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich! - Hi. Habe nur einen Verdacht. Kenne mich mit den Logfiles nicht so wirklich aus, aber habe es mal gepostet. Seit längerem verstellt sich meine Uhr, unten recht's, immer wieder. Kann - Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich!...
Archiv
Du betrachtest: Virusvermutung: Uhrzeit verstellt sich immer und surfen ist unmöglich! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.